CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 5 days ago•7 views

CVE-2026-46267

In the Linux kernel, the following vulnerability has been resolved: nfc: hci: shdlc: Stop timers and work before freeing context llcshdlcdeinit purges SHDLC skb queues and frees the llcshdlc structure while its timers and state machine work may still be active. Timer callbacks can schedule smwork...

0.00024EPSS

Exploits0References7

Cvelist•added 5 days ago•32 views

CVE-2026-46267 nfc: hci: shdlc: Stop timers and work before freeing context

0.00024EPSS

Exploits0References7

OSV•added 2026/05/30 9:9 a.m.•5 views

CLSA-2026-1780132171 Fix of 25 CVEs

CVE-2025-68724 - crypto: asymmetrickeys - prevent overflow in asymmetrickeygenerateid CVE-2025-68724 CVE-2025-71196 - phy: stm32-usphyc: Fix off by one in probe CVE-2025-71196 CVE-2026-23033 - dmaengine: omap-dma: fix dmapool resource leak in error paths CVE-2026-23033 CVE-2026-23049 -...

9.8CVSS5.9AI score0.00076EPSS

Tenable Nessus•added 2026/05/25 12:0 a.m.•20 views

Ubuntu Pro FIPS-updates 24.04 LTS : Linux kernel (FIPS) vulnerabilities (USN-8296-1)

The remote Ubuntu Pro FIPS-updates 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8296-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...

9.8CVSS6.8AI score0.00146EPSS

Exploits0References190

Tenable Nessus•added 2026/05/25 12:0 a.m.•11 views

Ubuntu 20.04 LTS : Linux kernel (GCP) vulnerabilities (USN-8297-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8297-1 advisory. Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission chec...

9.8CVSS7.1AI score0.9239EPSS

Exploits13References84

AstraLinux•added 2026/05/20 5:53 a.m.•6 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: Fixed use-after-free bugs caused by pn532CmdTimeout. When the pn532 UART device is detached, the pn532uartRemove function is called. However, there are no functions in pn532uartRemove that can delete the cmdTimeout...

7.8CVSS6AI score0.00067EPSS

5.5CVSS6.1AI score0.00012EPSS

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: NFC: st21nfca – A memory leak was fixed in the device probe, and the phy-pendingskb variable was properly freed after allocation. However, it was forgotten to be freed during the error handling and removal processes, resulting in...

7.8CVSS6.2AI score0.00064EPSS

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: nfc: st-nci: Fixed a use-after-free bug in ndlcremove due to a race condition. This bug affects both stncii2cremove and stncispiremove. Take stncii2cremove as an example. In stncii2cprobe, it calls ndlcprobe and binds &ndlc-smwor...

AstraLinux•added 2026/05/20 5:53 a.m.•4 views

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: NFC: port100: fixed a use-after-free in port100sendcomplete. Syzbot reported a UAF in port100sendcomplete. The root cause is the missing calls to usbkillurb in the error handling path of the -probe function. port100sendcomplet...

5.5CVSS6.4AI score0.00021EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•6 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: nfc: virtualncidev: Fixed a memory leak in virtualncisend The skb object should be freed in virtualncisend; otherwise, kmemleak will report a memleak. Steps for reproduction simulated in qemu: cd tools/testing/selftests/nci make...

5.7AI score0.0002EPSS

7.8CVSS6.1AI score0.0002EPSS

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: nfc: nci: added flushworkqueue to prevent UAF. Our detector identified a bug caused by concurrent use-after-free when detaching a NCI device. The main reason for this bug is the unexpected scheduling between the delayed mechanism...

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: Clear nfctarget before being used A slab-out-of-bounds read occurred in nlaput, called from nfcgenlsendtarget. This issue arises when target-sensbreslen is too large; this value is duplicated from an nfctarget in pn53...

5.8AI score0.00061EPSS

5.5CVSS6.4AI score0.00023EPSS

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: nfc: nci: Fixed an uninitialized value in ncidevup and ncintfpacket. syzbot reported the following uninitialized value access issue 12: The function ncirxwork parses and processes received packets. When the payload length is...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: nfc: Fixed potential resource leaks nfcgetdevice now takes a reference to the device and adds it; nfcputdevice is added to release it when no longer needed. Additionally, the warning message was corrected by using the error co...

6AI score0.00029EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•4 views

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: nfc: nci: Added parameter validation for packet data. Syzbot reported a bug involving uninitialized values in nciinitreq. This bug was introduced through the commit 5aca7966d2a7 “Merge tag...

5.8AI score0.00063EPSS

5.5CVSS6.1AI score0.00063EPSS

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: Proper initialization of the struct pn533outarg structure. The struct pn533outarg, which serves as a temporary context for outurb, is not initialized properly. Its uninitialized ‘phy’ field can be dereferenced in erro...

7.1CVSS6.5AI score0.00014EPSS

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: nfc: llcp: fixed unsafe copies in nfcllcpsetsockopt syzbot reported unsafe calls to copyfromsockptr 1 Use copysafefromsockptr instead. 1 BUG: KASAN: out-of-bounds access in copyfromsockptroffset include/linux/sockptr.h:49 inli...

5.5CVSS6.6AI score0.00009EPSS

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel before version 6.5.9, there is a NULL pointer dereferencing in the sendacknowledge function in net/nfc/nci/spi.c...