Lucene search
K

10 matches found

RedhatCVE
RedhatCVE
added 2026/06/25 6:1 p.m.6 views

CVE-2026-53115

A flaw was found in the Linux kernel's fsl-mc bus driver. During the driver probing process, a Use-After-Free UAF vulnerability can occur because the match callback accesses the driveroverride field without proper locking. This can lead to system instability or potentially allow an attacker to...

5.5CVSS6.1AI score0.00157EPSS
Exploits0References4
OSV
OSV
added 2026/06/24 4:30 p.m.3 views

CVE-2026-53119 platform/wmi: use generic driver_override infrastructure

In the Linux kernel, the following vulnerability has been resolved: platform/wmi: use generic driveroverride infrastructure When a driver is probed through driverattach, the bus' match callback is called without the device lock held, thus accessing the driveroverride field without a lock, which c...

5.8AI score0.00157EPSS
Exploits0References7
OSV
OSV
added 2026/06/24 4:30 p.m.4 views

CVE-2026-53115 bus: fsl-mc: use generic driver_override infrastructure

In the Linux kernel, the following vulnerability has been resolved: bus: fsl-mc: use generic driveroverride infrastructure When a driver is probed through driverattach, the bus' match callback is called without the device lock held, thus accessing the driveroverride field without a lock, which ca...

5.8AI score0.00157EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.8 views

PT-2026-52014

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Use-After-Free UAF issue exists in the PCI subsystem. When a driver is probed via the driver attach function, the bus match callback is executed without holding the device lock. This...

5.9AI score0.00157EPSS
Exploits0References15
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.9 views

PT-2026-52013

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Use-After-Free UAF issue exists in the platform/wmi component. When a driver is probed via the driver attach function, the bus match callback is executed without holding the device loc...

5.9AI score0.00157EPSS
Exploits0References16
NVD
NVD
added 2026/04/22 2:16 p.m.6 views

CVE-2026-31527

In the Linux kernel, the following vulnerability has been resolved: driver core: platform: use generic driveroverride infrastructure When a driver is probed through driverattach, the bus' match callback is called without the device lock held, thus accessing the driveroverride field without a lock...

7.8CVSS0.00129EPSS
Exploits0References5
OSV
OSV
added 2026/04/22 1:54 p.m.1 views

CVE-2026-31527 driver core: platform: use generic driver_override infrastructure

In the Linux kernel, the following vulnerability has been resolved: driver core: platform: use generic driveroverride infrastructure When a driver is probed through driverattach, the bus' match callback is called without the device lock held, thus accessing the driveroverride field without a lock...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References8
CVE
CVE
added 2026/04/22 1:54 p.m.18 views

CVE-2026-31487

The CVE concerns the Linux kernel SPI subsystem. A flaw arises when a driver is probed via __driver_attach(): the bus match() callback is invoked without holding the device lock, allowing access to the driver_override field without proper synchronization, creating a use-after-free (UAF) risk. The...

5.5CVSS5.6AI score0.00094EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.13 views

PT-2026-34392

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Use-After-Free UAF issue exists in the SPI subsystem. When a driver is probed via the driver attach function, the bus match callback is executed without holding the device lock. This...

7.8CVSS5.7AI score0.00132EPSS
Exploits0References119
Positive Technologies
Positive Technologies
added 2017/06/06 12:0 a.m.16 views

PT-2017-18938

Name of the Vulnerable Software and Affected Versions YARA version 3.6.1 Description The issue allows remote attackers to cause a denial of service or obtain sensitive information from process memory via a crafted file. This is due to the mishandling of the file in the yr re fast exec function in...

9.1CVSS6.9AI score0.02996EPSS
Exploits12References27
Rows per page
Query Builder