CVE-2026-23413

A flaw was found in the Linux kernel's clsact qdisc. This use-after-free vulnerability occurs due to an asymmetry in the initialization and destruction rollback process. When a replacement clsact qdisc instance fails during initialization, the destroy callback is triggered without properly...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the delayed memory release by netfilter BPF, potentially leading to reused memory after release...

ROS-20260323-73-0005

A vulnerability in the pagepoolrecycleinring function of the Linux operating system kernel is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20260317-73-0025

A vulnerability in the cryptmessage function in the fs/smb/client/smb2ops.c module of the SMB client support module of the Linux kernel is related to the reuse of previously freed memory. Exploitation of the vulnerability may allow an intruder to affect confidentiality, integrity and availability...

ROS-20260317-73-0017

A vulnerability in the qfqaggregate function of the Linux operating system kernel is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

Google Chrome TextEncoding Resource Management Error Vulnerability

Google Chrome is a free web browser developed by Google Inc. A security vulnerability exists in Google Chrome TextEncoding, which originates from re-referencing or using freed memory, and can be exploited by remote attackers to execute arbitrary code...

Use After Free

Overview Affected versions of this package are vulnerable to Use After Free in smb.c, which may reuse already freed memory from a previous SMB connection request. The window of opportunity to exploit this is small, and the region of memory exposed is small and out of the attacker's control...

ImageMagick 资源管理错误漏洞

ImageMagick is a set of open-source image processing software developed by the ImageMagick project. It can read, convert, and write images in various formats. Versions of ImageMagick prior to 7.1.2-16 and 6.9.13-41 contained a resource management vulnerability. This vulnerability stemmed from the...

Google Chrome 资源管理错误漏洞

Google Chrome is a free web browser developed by Google Inc. A security vulnerability exists in Google Chrome Agents, which originates from re-referencing or using freed memory and can be exploited by remote attackers to execute arbitrary code...

Google Chrome 资源管理错误漏洞

Google Chrome is a free web browser developed by Google Inc. A security vulnerability exists in Google Chrome WebMCP, which originates from re-referencing or using freed memory, and can be exploited by remote attackers to execute arbitrary code...

ImageMagick 资源管理错误漏洞

ImageMagick is a set of open-source image processing software developed by the ImageMagick project. It can read, convert, and write images in various formats. Versions of ImageMagick prior to 7.1.2-16 and 6.9.13-41 contained a resource management vulnerability. This vulnerability stemmed from the...

Google Chrome 资源管理错误漏洞

Google Chrome is a free web browser developed by Google Inc. A security vulnerability exists in Google Chrome TextEncoding, which originates from re-referencing or using freed memory, and can be exploited by remote attackers to execute arbitrary code...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the f2fswriteendio function’s issue of reusing memory after it has been released...

Google Android 安全漏洞

Google Android is an open-source operating system based on Linux, developed by Google Inc. There are security vulnerabilities in Google Android, which stem from the smmudetachdev function’s ability to re-use memory after it is released. This can lead to out-of-bound writing and local privilege...

FreeRDP 安全漏洞

FreeRDP is an open-source RDP protocol implementation developed by the FreeRDP team. Versions of FreeRDP prior to 3.23.0 contained security vulnerabilities. These vulnerabilities stemmed from the xfclipboardformatequal function, which allowed reusing of freed memory after it was released...

Mozilla多款产品 安全漏洞

Mozilla Firefox, among others, are products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Firefox ESR is a extended support version of Firefox the web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla...

kernel: Linux kernel: Data corruption and system instability due to improper io_uring/net buffer handling

A flaw was found in the Linux kernel's iouring/net component. This vulnerability arises when ring provided buffers are partially committed during network operations, particularly when MSGWAITALL is enabled or with streaming sockets. A local attacker could exploit this by causing multiple socket...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the iscsitdecsessionusagecount function’s ability to reuse memory after it has been released,...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the reuse of memory after cgroups and dmem are released, potentially leading to memory corruption...

lrzip 资源管理错误漏洞

lrzip is a compression utility personally developed by Con Kolivas. Versions of lrzip prior to 0.651 contained a resource management vulnerability, which stemmed from the use of the lzmadecompressbuf function, where memory was reclaimed and then reused...