Lucene search
K

555 matches found

RedHat Linux
RedHat Linux
added 2026/07/06 2:33 p.m.5 views

kernel: ima: don't clear IMA_DIGSIG flag when setting or removing non-IMA xattr

In the Linux kernel, the following vulnerability has been resolved: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr Currently when both IMA and EVM are in fix mode, the IMA signature will be reset to IMA hash if a program first stores IMA signature in security.ima and then...

5.8AI score0.00168EPSS
Exploits0References5
OSV
OSV
added 2026/06/26 8:17 p.m.3 views

DEBIAN-CVE-2026-53319

In the Linux kernel, the following vulnerability has been resolved: blk-wbt: remove WARNONONCE from wbtinitenabledefault wbtinitenabledefault uses WARNONONCE to check for failures from wbtalloc and wbtinit. However, both are expected failure paths: - wbtalloc can return NULL under memory pressure...

5.5CVSS5.8AI score0.001EPSS
Exploits0References1
NVD
NVD
added 2026/06/25 9:16 a.m.6 views

CVE-2026-53230

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix slab-out-of-bounds in mlx5querynicvportmaclist mlx5querynicvportmaclist sizes its firmware command buffer using the PF's logmaxcurrentuc/mclist capabilities. When querying a VF vport with a larger configured max via...

8.7CVSS0.00131EPSS
Exploits0References5
OSV
OSV
added 2026/06/25 9:16 a.m.5 views

UBUNTU-CVE-2026-53246

In the Linux kernel, the following vulnerability has been resolved: sctp: validate cached peer INIT chunk length in COOKIEECHO processing When a listening SCTP server processes a COOKIEECHO chunk, the cached peer INIT chunk embedded after the cookie is parsed and its parameters are later walked b...

9.8CVSS5.9AI score0.00481EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/25 8:39 a.m.6 views

EUVD-2026-39217

In the Linux kernel, the following vulnerability has been resolved: netfilter: bridge: make ebtsnat ARP rewrite writable The ebtables SNAT target keeps the Ethernet source address rewrite behind skbensurewritableskb, 0. This is intentional: at the bridge ebtables hooks the Ethernet header is...

5.7AI score0.00129EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/25 8:39 a.m.5 views

EUVD-2026-39291

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: nv: Fix handling of XN0 when !FEATXNX XN has already been extracted from its bitfield position so using FIELDPREP on the mask that clears XN0 is completely broken, having the effect of unconditionally granting execute...

5.8AI score0.00129EPSS
Exploits0References2
CVE
CVE
added 2026/06/25 8:39 a.m.18 views

CVE-2026-53191

CVE-2026-53191 affects the Linux kernel io_uring/net path. In bundle recv retries (with incremental mode and provided buffer rings IOU_PBUF_RING_INC), a memory handling bug caused IORING_CQE_F_BUF_MORE to be dropped during flag merge, allowing the kernel to leave a stale BUF_MORE in carried flags...

7.8CVSS6AI score0.00138EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2026/06/24 6:32 p.m.5 views

EUVD-2026-38849

In the Linux kernel, the following vulnerability has been resolved: neigh: let neighxmit take skb ownership neighxmit always releases the skb, except when no neighbour table is found. But even the first added user of neighxmit mpls relied on neighxmit to release the skb or queue it for tx. sashik...

5.8AI score0.00539EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/06/24 4:29 p.m.31 views

CVE-2026-53045 memory: tegra124-emc: Fix dll_change check

In the Linux kernel, the following vulnerability has been resolved: memory: tegra124-emc: Fix dllchange check The code checking whether the specified memory timing enables DLL in the EMRS register was reversed. DLL is enabled if bit A0 is low. Fix the check...

9.8CVSS0.00521EPSS
Exploits0References8
CVE
CVE
added 2026/06/24 4:28 p.m.9 views

CVE-2026-52981

CVE-2026-52981 concerns a Linux kernel issue in neigh_xmit: when called with an uninitialized neighbor table (e.g., NEIGH_ND_TABLE with IPv6 disabled), neigh_xmit can return -EAFNOSUPPORT without releasing the skb, risking a memory leak. The fix removes the remaining code path that could neither ...

7.5CVSS5.8AI score0.00539EPSS
Exploits0References6
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.9 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: kcm: fixed zero-frag skb in fraglist in case of partial sendmsg errors Syzkaller reported a warning in kcmwritemsgs when processing a message with a zero-fragment skb in the fraglist. When kcmsendmsg fills MAXSKBFRAGS fragments i...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: Media: imon: Make sendpacket more robust syzbot reports that imon has three problems that result in hung tasks due to continuously holding the device lock 1. The first problem is that when usbrxcallbackintf0 receives an -EPROT...

6AI score0.00177EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: 6lowpan: resetting the link-local header in the IPv6 receive path The Bluetooth 6lowpan.c netdev module has the headerops function; therefore, it must set the link-local header for the RX skb packet. Otherwise, thin...

5.8AI score0.00171EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: enetc: Deny offloading of tc-based TSN features on VF interfaces TSN features on the ENETC taprio, cbs, gate, police are configured through a combination of command BD ring messages and port registers: enetcportrd,...

5.5CVSS5.8AI score0.00225EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.6 views

Siemens RUGGEDCOM RST2428P Improper Update of Reference Count (CVE-2025-40251)

In the Linux kernel, the following vulnerability has been resolved: devlink: rate: Unset parent pointer in devlratenodesdestroy The function devlratenodesdestroy is documented to Unset parent for all rate objects. However, it was only calling the driver-specific rateleafparentset or...

5.5CVSS5.9AI score0.00127EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.7 views

Siemens RUGGEDCOM RST2428P Improper Input Validation (CVE-2025-71191)

In the Linux kernel, the following vulnerability has been resolved: dmaengine: athdmac: fix device leak on ofdmaxlate Make sure to drop the reference taken when looking up the DMA platform device during ofdmaxlate when releasing channel resources. Note that commit 3832b78b3ec2 dmaengine: athdmac:...

5.5CVSS5.7AI score0.00183EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.5 views

Siemens RUGGEDCOM RST2428P Improper Input Validation (CVE-2026-23111)

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: fix inverted genmask check in nftmapcatchallactivate nftmapcatchallactivate has an inverted element activity check compared to its non-catchall counterpart nftmapelemactivate and compared to what is logically...

7.8CVSS6.1AI score0.00344EPSS
Exploits7References3
Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.14 views

Siemens RUGGEDCOM RST2428P Multiple Releases of Same Resource or Handle (CVE-2025-40261)

In the Linux kernel, the following vulnerability has been resolved: nvme: nvme-fc: Ensure -ioerrwork is cancelled in nvmefcdeletectrl nvmefcdeleteassocation waits for pending I/O to complete before returning, and an error can cause -ioerrwork to be queued after cancelworksync had been called. Mov...

5.9AI score0.00171EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/09 2:21 a.m.14 views

SUSE CVE-2026-46285

In the Linux kernel, the following vulnerability has been resolved: mtd: docg3: fix use-after-free in docg3release In docg3release, the docg3 pointer is obtained from cascade-floors0-priv before the loop that calls docreleasedevice on each floor. docreleasedevice frees the docg3 struct via...

5.5CVSS5.4AI score0.00126EPSS
Exploits0References3
OSV
OSV
added 2026/06/08 3:46 p.m.1 views

CVE-2026-46307 wifi: ath5k: do not access array OOB

In the Linux kernel, the following vulnerability has been resolved: wifi: ath5k: do not access array OOB Vincent reports: The ath5k driver seems to do an array-index-out-of-bounds access as shown by the UBSAN kernel message: UBSAN: array-index-out-of-bounds in...

8.3CVSS5.8AI score0.0022EPSS
Exploits0References11
Rows per page
Query Builder