Lucene search
+L

188 matches found

nessus
nessus
added 2026/06/28 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-52971

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: ena: PHC: Fix potential use-after-free in gettimestamp Move the phc-active check and resp pointer assignment to after acquiring the spinlock. Previously,...

7.8CVSS6.1AI score0.00133EPSS
Exploits0References3
attackerkb
attackerkb
added 2026/06/26 7:40 p.m.6 views

CVE-2026-53303

In the Linux kernel, the following vulnerability has been resolved: f2fs: protect extensionlist reading with sblock in f2fssbishow In f2fssbishow, the extensionlist, extensioncount and hotextcount are read without holding sbi-sblock. If a concurrent sysfs store modifies the extension list via...

5.7AI score0.00126EPSS
Exploits0References7Affected Software1
nvd
nvd
added 2026/06/25 9:16 a.m.9 views

CVE-2026-53265

In the Linux kernel, the following vulnerability has been resolved: dm cache policy smq: check allocation under invalidate lock commit 2d1f7b65f5de "dm cache policy smq: fix missing locks in invalidating cache blocks" added mq-lock around the destructive part of smqinvalidatemapping, but left the...

7.8CVSS0.00129EPSS
Exploits0References8
ptsecurity
ptsecurity
added 2026/06/25 12:0 a.m.9 views

PT-2026-52256

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free race condition exists in the fastrpc map create function. The fastrpc map lookup function returns a raw pointer after releasing the fl-lock. Subsequently, fastrpc map...

7.8CVSS5.9AI score0.00125EPSS
Exploits0References20
nvd
nvd
added 2026/06/24 5:17 p.m.5 views

CVE-2026-53072

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: fix locking in hciconnrequestevt with HCIPROTODEFER When protocol sets HCIPROTODEFER, hciconnrequestevt calls hciconnectcfmconn without hdev-lock. Generally hciconnectcfm assumes it is held, and if conn is deleted...

8.8CVSS0.00247EPSS
Exploits0References8
astralinux
astralinux
added 2026/06/24 3:11 p.m.10 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: net: mscc: ocelot: added missing lock protection in ocelotportxmitinj The ocelotportxmitinj function calls ocelotcaninject and ocelotportinjectframe without holding the injection group lock. Both functions contain...

5.5CVSS5.8AI score0.00136EPSS
Exploits0References2
astralinux
astralinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: A use-after-free issue was fixed in ksmbdsessionrpcopen. A UAF Use-After-Free issue may occur due to a race condition between ksmbdsessionrpcopen and sessionrpcclose. Adding rpclock to the session can help protect it fr...

7.8CVSS6.3AI score0.00195EPSS
Exploits0References4
astralinux
astralinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ALSA: aloop – Fixedracy access during PCM trigger events The PCM trigger callback of the aloop driver attempts to check the PCM state and stop the stream of the tied substream in the corresponding cable. Since both the check and...

7.8CVSS6.1AI score0.00113EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/06/15 12:0 a.m.24 views

PT-2026-49241

Name of the Vulnerable Software and Affected Versions Zephyr versions prior to 4.4.1 Description The native TCP stack contains a use-after-free flaw when iterating the global connection list in the net tcp foreach function. The issue occurs because the function releases the tcp lock while invokin...

5.3CVSS6AI score0.00274EPSS
Exploits1References4
debiancve
debiancve
added 2026/05/28 9:35 a.m.23 views

CVE-2026-46121

In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs-schemes: protect memcgpath kfree with damonsysfslock Patch series "mm/damon/sysfs-schemes: fix use-after-free for memcgpath". Reads of 'memcgpath' and 'path' files in DAMON sysfs interface could race with their...

7.8CVSS5.8AI score0.00125EPSS
Exploits0
cvelist
cvelist
added 2026/05/28 9:35 a.m.39 views

CVE-2026-46121 mm/damon/sysfs-schemes: protect memcg_path kfree() with damon_sysfs_lock

In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs-schemes: protect memcgpath kfree with damonsysfslock Patch series "mm/damon/sysfs-schemes: fix use-after-free for memcgpath". Reads of 'memcgpath' and 'path' files in DAMON sysfs interface could race with their...

0.00125EPSS
Exploits0References5
redhatcve
redhatcve
added 2026/05/28 5:3 a.m.11 views

CVE-2026-45849

A flaw was found in the Linux kernel's network component, specifically within the mscc: ocelot driver. The system failed to properly secure access to shared resources during network packet injection, leading to a missing lock protection vulnerability. This oversight could allow a local attacker t...

5.5CVSS5.8AI score0.00136EPSS
Exploits0References4
susecve
susecve
added 2026/05/28 3:57 a.m.16 views

SUSE CVE-2026-45849

In the Linux kernel, the following vulnerability has been resolved: net: mscc: ocelot: add missing lock protection in ocelotportxmitinj ocelotportxmitinj calls ocelotcaninject and ocelotportinjectframe without holding the injection group lock. Both functions contain lockdepassertheld for the...

5.8AI score0.00136EPSS
Exploits0References3
euvd
euvd
added 2026/05/27 3:33 p.m.13 views

EUVD-2026-32315

In the Linux kernel, the following vulnerability has been resolved: net: mscc: ocelot: add missing lock protection in ocelotportxmitinj ocelotportxmitinj calls ocelotcaninject and ocelotportinjectframe without holding the injection group lock. Both functions contain lockdepassertheld for the...

5.8AI score0.00136EPSS
Exploits0References7
nvd
nvd
added 2026/05/27 2:16 p.m.11 views

CVE-2026-45849

In the Linux kernel, the following vulnerability has been resolved: net: mscc: ocelot: add missing lock protection in ocelotportxmitinj ocelotportxmitinj calls ocelotcaninject and ocelotportinjectframe without holding the injection group lock. Both functions contain lockdepassertheld for the...

5.5CVSS0.00136EPSS
Exploits0References6
euvd
euvd
added 2026/05/27 12:57 p.m.15 views

EUVD-2026-32438

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: fix potential UAF in SSP passkey handlers hciconn lookup and field access must be covered by hdev lock in hciuserpasskeynotifyevt and hcikeypressnotifyevt, otherwise the connection can be freed concurrently...

5.8AI score0.00262EPSS
Exploits0References5
cve
cve
added 2026/05/27 12:15 p.m.26 views

CVE-2026-45849

The CVE-2026-45849 issue affects the Linux kernel’s mscc: ocelot network driver. The vulnerability occurred because ocelot_port_xmit_inj() invoked ocelot_can_inject() and ocelot_port_inject_frame() without holding the injection group lock, despite lockdep_assert_held() checks in those functions. ...

5.5CVSS5.8AI score0.00136EPSS
Exploits0References6Affected Software1
cvelist
cvelist
added 2026/05/27 12:15 p.m.42 views

CVE-2026-45849 net: mscc: ocelot: add missing lock protection in ocelot_port_xmit_inj()

In the Linux kernel, the following vulnerability has been resolved: net: mscc: ocelot: add missing lock protection in ocelotportxmitinj ocelotportxmitinj calls ocelotcaninject and ocelotportinjectframe without holding the injection group lock. Both functions contain lockdepassertheld for the...

0.00136EPSS
Exploits0References6
debiancve
debiancve
added 2026/05/27 12:15 p.m.14 views

CVE-2026-45849

In the Linux kernel, the following vulnerability has been resolved: net: mscc: ocelot: add missing lock protection in ocelotportxmitinj ocelotportxmitinj calls ocelotcaninject and ocelotportinjectframe without holding the injection group lock. Both functions contain lockdepassertheld for the...

5.5CVSS5.7AI score0.00136EPSS
Exploits0
osv
osv
added 2026/05/27 12:15 p.m.3 views

CVE-2026-45849 net: mscc: ocelot: add missing lock protection in ocelot_port_xmit_inj()

In the Linux kernel, the following vulnerability has been resolved: net: mscc: ocelot: add missing lock protection in ocelotportxmitinj ocelotportxmitinj calls ocelotcaninject and ocelotportinjectframe without holding the injection group lock. Both functions contain lockdepassertheld for the...

5.5CVSS5.9AI score0.00136EPSS
Exploits0References9
Rows per page
Query Builder