Lucene search
K

427 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-53247

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: ethernet: mtkethsoc: Fix use-after-free in metadata dst teardown mtkfreedev calls metadatadstfree which frees the metadatadst with kfree immediately,...

9.8CVSS6.1AI score0.00507EPSS
Exploits0References2
NVD
NVD
added 2026/06/25 9:16 a.m.7 views

CVE-2026-53247

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtkethsoc: Fix use-after-free in metadata dst teardown mtkfreedev calls metadatadstfree which frees the metadatadst with kfree immediately, bypassing the RCU grace period. In the RX path, skbdstsetnoref sets a...

9.8CVSS0.00507EPSS
Exploits0References5
OSV
OSV
added 2026/06/25 9:16 a.m.3 views

UBUNTU-CVE-2026-53247

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtkethsoc: Fix use-after-free in metadata dst teardown mtkfreedev calls metadatadstfree which frees the metadatadst with kfree immediately, bypassing the RCU grace period. In the RX path, skbdstsetnoref sets a...

9.8CVSS5.7AI score0.00507EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/06/25 8:39 a.m.3 views

CVE-2026-53247

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtkethsoc: Fix use-after-free in metadata dst teardown mtkfreedev calls metadatadstfree which frees the metadatadst with kfree immediately, bypassing the RCU grace period. In the RX path, skbdstsetnoref sets a...

5.7AI score0.00507EPSS
Exploits0References6Affected Software1
Debian CVE
Debian CVE
added 2026/06/25 8:39 a.m.5 views

CVE-2026-53247

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtkethsoc: Fix use-after-free in metadata dst teardown mtkfreedev calls metadatadstfree which frees the metadatadst with kfree immediately, bypassing the RCU grace period. In the RX path, skbdstsetnoref sets a...

9.8CVSS5.7AI score0.00507EPSS
Exploits0
EUVD
EUVD
added 2026/06/25 8:39 a.m.7 views

EUVD-2026-39198

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtkethsoc: Fix use-after-free in metadata dst teardown mtkfreedev calls metadatadstfree which frees the metadatadst with kfree immediately, bypassing the RCU grace period. In the RX path, skbdstsetnoref sets a...

5.7AI score0.00507EPSS
Exploits0References5
OSV
OSV
added 2026/06/25 8:39 a.m.2 views

CVE-2026-53247 net: ethernet: mtk_eth_soc: Fix use-after-free in metadata dst teardown

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtkethsoc: Fix use-after-free in metadata dst teardown mtkfreedev calls metadatadstfree which frees the metadatadst with kfree immediately, bypassing the RCU grace period. In the RX path, skbdstsetnoref sets a...

9.8CVSS5.8AI score0.00507EPSS
Exploits0References8
CVE
CVE
added 2026/06/25 8:39 a.m.18 views

CVE-2026-53247

CVE-2026-53247: Linux kernel MTK ethernet driver (mtk_eth_soc) fix for use-after-free in metadata_dst teardown. mtk_free_dev() previously called metadata_dst_free() (kfree’d immediately, bypassing RCU). In RX, skb_dst_set_noref() kept non-refcounted pointers to metadata_dst; freed memory could ra...

9.8CVSS5.7AI score0.00507EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.12 views

PT-2026-52342

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the mtk eth soc ethernet driver. The mtk free dev function calls metadata dst free, which uses kfree to immediately release metadata dst memory, bypassin...

9.8CVSS6.1AI score0.00507EPSS
Exploits0References19
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.10 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: media: mtk-mdp: A reference leak bug was fixed in mtkmdpremove. In mtkmdpprobe, vpugetplatdevice increases the reference count of the returned platform device. Add platformdeviceput to prevent reference leaks...

5.5CVSS5.7AI score0.00114EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/08 2:58 a.m.14 views

CVE-2026-11447

A security flaw has been discovered in GL.iNet GL-MT3000 up to 4.4.5. Impacted is the function iwinfobackend of the file iwinfo.so of the component MTK Backend. The manipulation of the argument device results in command injection. The attack can be executed remotely. The exploit has been released...

6.5CVSS6.2AI score0.01073EPSS
Exploits0References1
NVD
NVD
added 2026/06/07 2:16 a.m.15 views

CVE-2026-11447

A security flaw has been discovered in GL.iNet GL-MT3000 up to 4.4.5. Impacted is the function iwinfobackend of the file iwinfo.so of the component MTK Backend. The manipulation of the argument device results in command injection. The attack can be executed remotely. The exploit has been released...

6.5CVSS0.01073EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/07 1:15 a.m.8 views

CVE-2026-11447

A security flaw has been discovered in GL.iNet GL-MT3000 up to 4.4.5. Impacted is the function iwinfobackend of the file iwinfo.so of the component MTK Backend. The manipulation of the argument device results in command injection. The attack can be executed remotely. The exploit has been released...

6.5CVSS5.1AI score0.01073EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/06/07 1:15 a.m.27 views

CVE-2026-11447

Summary: CVE-2026-11447 affects GL.iNet GL-MT3000 (firmware up to 4.4.5), specifically the MTK Backend component’s file iwinfo.so and the function iwinfo_backend. By manipulating the device argument, an attacker can trigger a remote command injection , with exploitation reportedly public. The iss...

6.5CVSS6.2AI score0.01073EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/05 7:19 p.m.11 views

CVE-2026-49195

Unauthenticated Debug Service. The /sbin/mtkdut binary is exposed on TCP port 9000 without authentication, allowing any LAN-based attacker to execute arbitrary UCC commands...

8.8CVSS5.8AI score0.00215EPSS
Exploits0References1
OSV
OSV
added 2026/06/05 6:24 p.m.11 views

OPENSUSE-SU-2026:20912-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2023-20585: iommu/amd: Use maximum Event log buffer size when SNP is enabled on Family 0x19 bsc1243603. - CVE-2026-3150: bcache: fix cacheddev.sbbio use-after-free and...

9.8CVSS6.9AI score0.005EPSS
Exploits17References83
OSV
OSV
added 2026/06/05 5:10 p.m.4 views

SUSE-SU-2026:22087-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2023-20585: iommu/amd: Use maximum Event log buffer size when SNP is enabled on Family 0x19 bsc1243603. - CVE-2026-3150: bcache: fix cacheddev.sbbio use-after-free and...

9.8CVSS7.1AI score0.005EPSS
Exploits17References84
OSV
OSV
added 2026/06/05 4:14 p.m.4 views

SUSE-SU-2026:22076-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2023-20585: iommu/amd: Use maximum Event log buffer size when SNP is enabled on Family 0x19 bsc1243603. - CVE-2026-3150: bcache: fix cacheddev.sbbio use-after-free and...

9.8CVSS7.1AI score0.005EPSS
Exploits17References84
Tenable Nessus
Tenable Nessus
added 2026/06/03 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-46011

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: mtk-jpeg: fix use-after-free in release path due to uncancelled work The mtkjpegrelease function frees the context structure ctx without first cancelling...

7.8CVSS6.9AI score0.00125EPSS
Exploits0References2
NVD
NVD
added 2026/05/29 9:16 a.m.15 views

CVE-2026-49195

Unauthenticated Debug Service. The /sbin/mtkdut binary is exposed on TCP port 9000 without authentication, allowing any LAN-based attacker to execute arbitrary UCC commands...

8.8CVSS0.00215EPSS
Exploits0References1
Rows per page
Query Builder