31564 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-31728
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: gadget: uether: Fix race between getherdisconnect and ethstop A race condition between getherdisconnect and ethstop leads to a NULL pointer dereference...
CVE-2026-31749
A flaw was found in the niatmio16d driver within the Comedi Comedi is a collection of drivers for data acquisition equipment subsystem of the Linux kernel. This vulnerability occurs when an error during the driver's attach process causes the cleanup function atmio16ddetach to be called with...
CVE-2026-31736
A flaw was found in the Linux kernel's mtkppe Ethernet driver. When the gmac0 interface is disabled, a precheck for a valid ingress device can lead to a NULL pointer dereference. This vulnerability can cause a system crash, resulting in a Denial of Service DoS...
CVE-2026-31727
A flaw was found in the Linux kernel's USB gadget subsystem, specifically within the uether module. A local user can exploit this vulnerability by using a userspace tool to query a USB gadget interface during a specific detached state. This action can trigger a NULL pointer dereference, potential...
CVE-2026-31726
A flaw was found in the Linux kernel's USB Video Class UVC gadget driver. A race condition during power management PM transitions can cause a null pointer dereference. This occurs when the system attempts to access a deallocated gadget pointer, leading to a kernel panic. This vulnerability can be...
CVE-2026-31715
A flaw was found in the Linux kernel's Flash-Friendly File System f2fs. A use-after-free vulnerability exists due to incorrect handling of page counts during concurrent write operations and unmounting. This can lead to a NULL pointer dereference, causing the system to panic and resulting in a...
CVE-2026-43013
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: lag: Check for LAG device before creating debugfs mlx5lagdevaddmdev may return 0 success even when an error occurs that is handled gracefully. Consequently, the initialization flow proceeds to call mlx5ldevadddebugfs ev...
CVE-2026-31728
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uether: Fix race between getherdisconnect and ethstop A race condition between getherdisconnect and ethstop leads to a NULL pointer dereference. Specifically, if ethstop is triggered concurrently while getherdisconne...
CVE-2026-31727
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uether: Fix NULL pointer deref in ethgetdrvinfo Commit ec35c1969650 "usb: gadget: fncm: Fix netdevice lifecycle with devicemove" reparents the gadget device to /sys/devices/virtual during unbind, clearing the gadget...
CVE-2026-31727
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uether: Fix NULL pointer deref in ethgetdrvinfo Commit ec35c1969650 "usb: gadget: fncm: Fix netdevice lifecycle with devicemove" reparents the gadget device to /sys/devices/virtual during unbind, clearing the gadget...
CVE-2026-31715
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix UAF caused by decrementing sbi-nrpages in f2fswriteendio The xfstests case "generic/107" and syzbot have both reported a NULL pointer dereference. The concurrent scenario that triggers the panic is as follows:...
CLSA-2026-1776179858 Fix of 5 CVEs
SECURITY UPDATE: fix vulnerability in MSL coder - debian/patches/CVE-2026-25988.patch: fix vulnerability in MSL coder - CVE-2026-25988 SECURITY UPDATE: fix path traversal via policy bypass - debian/patches/CVE-2026-25965.patch: fix path traversal via policy bypass - CVE-2026-25965 SECURITY UPDATE...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a race condition between gether disconnect and ethstop in uether. This vulnerability may lead to...
CVE-2026-42478
CVE-2026-42478 affects OCCT (Open CASCADE Technology) at V8_0_0_rc5, specifically VrmlData_IndexedFaceSet::TShape. A crafted VRML file can trigger a dereference of a corrupt or unvalidated pointer during shape construction in libTKDEVRML.so, allowing a denial-of-service. Documented impact: high s...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a null pointer dereferencing during the unbinding process, potentially leading to kernel crashes...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the persistent cleaner in ksmbd, which reuses memory after release in ksmbdclosefd, potentially...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure to check the return value of the performance domain ID lookup. This vulnerability may lead ...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the usb cdns3 gadget driver not checking when the ep-desc pointer is null in the epqueue, which could result...
PT-2026-36460
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The AF ALG interface fails to unmark the end of a Scatter/Gather List SGL when chaining a new af alg tsgl structure. If the sendmsg function fills an SGL exactly to MAX SGL ENTS, the las...
CLSA-2026-1777567181 openssl: Fix of CVE-2026-28390
CVE-2026-28390: fix NULL pointer dereference in rsacmsdecrypt when CMS RSA-OAEP pSourceFunc is missing its parameter...