1245 matches found
CVE-2026-23248 perf/core: Fix refcount bug and potential UAF in perf_mmap
In the Linux kernel, the following vulnerability has been resolved: perf/core: Fix refcount bug and potential UAF in perfmmap Syzkaller reported a refcountt: addition on 0; use-after-free warning in perfmmap. The issue is caused by a race condition between a failing mmap setup and a concurrent mm...
CVE-2026-23248
CVE-2026-23248 affects the Linux kernel perf/core component, specifically the perf_mmap path that initializes a ring_buffer. The issue is a race between a failing mmap() setup and a concurrent mmap() on a dependent event (e.g., due to output redirection). The ring_buffer pointer (event->rb) is...
CVE-2026-23248
In the Linux kernel, the following vulnerability has been resolved: perf/core: Fix refcount bug and potential UAF in perfmmap Syzkaller reported a refcountt: addition on 0; use-after-free warning in perfmmap. The issue is caused by a race condition between a failing mmap setup and a concurrent mm...
CVE-2026-23248
In the Linux kernel, the following vulnerability has been resolved: perf/core: Fix refcount bug and potential UAF in perfmmap Syzkaller reported a refcountt: addition on 0; use-after-free warning in perfmmap. The issue is caused by a race condition between a failing mmap setup and a concurrent mm...
CVE-2026-23248 perf/core: Fix refcount bug and potential UAF in perf_mmap
In the Linux kernel, the following vulnerability has been resolved: perf/core: Fix refcount bug and potential UAF in perfmmap Syzkaller reported a refcountt: addition on 0; use-after-free warning in perfmmap. The issue is caused by a race condition between a failing mmap setup and a concurrent mm...
Linux Distros Unpatched Vulnerability : CVE-2026-23248
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - perf/core: Fix refcount bug and potential UAF in perfmmap Syzkaller reported a refcountt: addition on 0; use-after-free warning in perfmmap. The issue is caused...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a race condition in the perfmmap function. This condition may lead to improper reuse after...
kernel: Linux kernel: Denial of Service due to a deadlock in hugetlb folio migration
A flaw was found in the Linux kernel. A local attacker could exploit a deadlock vulnerability due to incorrect lock ordering between foliolock and immaprwsem when migrating hugetlb file-backed folios. This could lead to hung tasks and potential system-wide stalls, resulting in a Denial of Service...
SUSE CVE-2026-23127
In the Linux kernel, the following vulnerability has been resolved: perf: Fix refcount warning on event-mmapcount increment When calling refcountinc&event-mmapcount inside perfmmaprb, the following warning is triggered: refcountt: addition on 0; use-after-free. WARNING: lib/refcount.c:25 PoC:...
CVE-2025-71201
A race condition flaw was found in the Linux kernel's netfs subsystem. In the netfsreadunlockfolios function, a folio memory page may be unlocked prematurely before the ZERO subrequest completes clearing the tail portion of the page beyond the end-of-file. This allows an application using mmap to...
SUSE CVE-2026-23199
In the Linux kernel, the following vulnerability has been resolved: procfs: avoid fetching build ID while holding VMA lock Fix PROCMAPQUERY to fetch optional build ID only after dropping mmaplock or per-VMA lock, whichever was used to lock VMA under question, to avoid deadlock reported by syzbot:...
Linux Distros Unpatched Vulnerability : CVE-2026-23127
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: perf: Fix refcount warning on event-mmapcount increment When calling...
CVE-2026-23199
In the Linux kernel, the following vulnerability has been resolved: procfs: avoid fetching build ID while holding VMA lock Fix PROCMAPQUERY to fetch optional build ID only after dropping mmaplock or per-VMA lock, whichever was used to lock VMA under question, to avoid deadlock reported by syzbot:...
CVE-2026-23199
In the Linux kernel, the following vulnerability has been resolved: procfs: avoid fetching build ID while holding VMA lock Fix PROCMAPQUERY to fetch optional build ID only after dropping mmaplock or per-VMA lock, whichever was used to lock VMA under question, to avoid deadlock reported by syzbot:...
UBUNTU-CVE-2026-23199
In the Linux kernel, the following vulnerability has been resolved: procfs: avoid fetching build ID while holding VMA lock Fix PROCMAPQUERY to fetch optional build ID only after dropping mmaplock or per-VMA lock, whichever was used to lock VMA under question, to avoid deadlock reported by syzbot:...
CVE-2026-23199
In the Linux kernel, the following vulnerability has been resolved: procfs: avoid fetching build ID while holding VMA lock Fix PROCMAPQUERY to fetch optional build ID only after dropping mmaplock or per-VMA lock, whichever was used to lock VMA under question, to avoid deadlock reported by syzbot:...
EUVD-2026-5848
In the Linux kernel, the following vulnerability has been resolved: procfs: avoid fetching build ID while holding VMA lock Fix PROCMAPQUERY to fetch optional build ID only after dropping mmaplock or per-VMA lock, whichever was used to lock VMA under question, to avoid deadlock reported by syzbot:...
CVE-2026-23199 procfs: avoid fetching build ID while holding VMA lock
In the Linux kernel, the following vulnerability has been resolved: procfs: avoid fetching build ID while holding VMA lock Fix PROCMAPQUERY to fetch optional build ID only after dropping mmaplock or per-VMA lock, whichever was used to lock VMA under question, to avoid deadlock reported by syzbot:...
UBUNTU-CVE-2025-71201
In the Linux kernel, the following vulnerability has been resolved: netfs: Fix early read unlock of page with EOF in middle The read result collection for buffered reads seems to run ahead of the completion of subrequests under some circumstances, as can be seen in the following log snippet:...
CVE-2025-71201
CVE-2025-71201 concerns the Linux kernel netfs subsystem, specifically a race/logic issue in buffered reads where read results could be collected beyond the intended EOF due to an end-check that used the file end rather than the folio end. The vulnerability manifests during asynchronous subreques...