Lucene search
K

11700 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/07/01 1:54 p.m.3 views

Security Bulletin: Vulnerability in nghttp2 library (CVE-2026-27135) affects Power HMC.

Summary The nghttp2 library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2026-27135 DESCRIPTION: nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. Prior to version 1.68.1, the nghttp2 library...

7.5CVSS7.1AI score0.00775EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/07/01 1:52 p.m.3 views

Security Bulletin: Vulnerabilities in kernel library (CVE-2025-68724, CVE-2026-31431) affect Power HMC.

Summary The kernel library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2025-68724 DESCRIPTION: In the Linux kernel, the following vulnerability has been resolved: crypto: asymmetrickeys - prevent overflow in...

7.8CVSS6.8AI score0.96267EPSS
Exploits230Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/07/01 1:32 p.m.6 views

CVE-2026-53340

In the Linux kernel, the following vulnerability has been resolved: i2c: imx: fix clock and pinctrl state inconsistency in runtime PM In i2cimxruntimesuspend, the clock is disabled before switching the pinctrl state to sleep. If pinctrlpmselectsleepstate fails, the runtime suspend is aborted but...

5.8AI score0.00154EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2026/07/01 1:32 p.m.8 views

CVE-2026-53340

In the Linux kernel, the following vulnerability has been resolved: i2c: imx: fix clock and pinctrl state inconsistency in runtime PM In i2cimxruntimesuspend, the clock is disabled before switching the pinctrl state to sleep. If pinctrlpmselectsleepstate fails, the runtime suspend is aborted but...

5.7AI score0.00154EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-53308

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - power: supply: max77705: Free allocated workqueue and fix removal order Use devm interface for allocating workqueue to fix two bugs at the same time: 1. Driver...

5.5CVSS6AI score0.001EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/29 9:39 p.m.28 views

CVE-2026-10647 Deadlock denial of service in USB CDC-NCM device class on TX enqueue failure

The USB CDC-NCM device class subsys/usb/devicenext/class/usbdcdcncm.c ignores the return value of usbdepenqueue in its ethernet transmit callback cdcncmsend. When the enqueue fails, the function still calls ksemtake&data-syncsem, KFOREVER, blocking on a completion semaphore that is only ever...

5.3CVSS0.00134EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/06/29 8:6 a.m.6 views

CVE-2026-53297

A flaw was found in the Linux kernel's mana network driver. This vulnerability occurs when the manaremove function is invoked a second time without proper checks after a power management PM resume failure and subsequent driver unbinding. A local attacker could exploit this double invocation to...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/06/28 1:9 a.m.8 views

SUSE CVE-2026-53297

In the Linux kernel, the following vulnerability has been resolved: net: mana: Guard manaremove against double invocation If PM resume fails e.g., manaattach returns an error, manaprobe calls manaremove, which tears down the device and sets gd-gdmacontext = NULL and gd-driverdata = NULL. However,...

5.8AI score0.00121EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/28 1:8 a.m.8 views

SUSE CVE-2026-53308

In the Linux kernel, the following vulnerability has been resolved: power: supply: max77705: Free allocated workqueue and fix removal order Use devm interface for allocating workqueue to fix two bugs at the same time: 1. Driver leaks the memory on remove, because the workqueue is not destroyed. 2...

5.8AI score0.001EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-53051

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PCI: tegra194: Fix CBB timeout caused by DBI access before core power-on When PERST is deasserted twice assert - deassert - assert - deassert, a CBB Control...

6.1AI score0.00175EPSS
Exploits0References3
NVD
NVD
added 2026/06/26 8:17 p.m.7 views

CVE-2026-53308

In the Linux kernel, the following vulnerability has been resolved: power: supply: max77705: Free allocated workqueue and fix removal order Use devm interface for allocating workqueue to fix two bugs at the same time: 1. Driver leaks the memory on remove, because the workqueue is not destroyed. 2...

5.5CVSS0.001EPSS
Exploits0References2
OSV
OSV
added 2026/06/26 8:17 p.m.4 views

UBUNTU-CVE-2026-53308

In the Linux kernel, the following vulnerability has been resolved: power: supply: max77705: Free allocated workqueue and fix removal order Use devm interface for allocating workqueue to fix two bugs at the same time: 1. Driver leaks the memory on remove, because the workqueue is not destroyed. 2...

5.5CVSS5.8AI score0.001EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/26 7:41 p.m.7 views

EUVD-2026-39843

In the Linux kernel, the following vulnerability has been resolved: power: supply: max77705: Free allocated workqueue and fix removal order Use devm interface for allocating workqueue to fix two bugs at the same time: 1. Driver leaks the memory on remove, because the workqueue is not destroyed. 2...

5.8AI score0.001EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/26 7:41 p.m.9 views

CVE-2026-53308

In the Linux kernel, the following vulnerability has been resolved: power: supply: max77705: Free allocated workqueue and fix removal order Use devm interface for allocating workqueue to fix two bugs at the same time: 1. Driver leaks the memory on remove, because the workqueue is not destroyed. 2...

5.5CVSS5.8AI score0.001EPSS
Exploits0
CVE
CVE
added 2026/06/26 7:41 p.m.14 views

CVE-2026-53308

The CVE-2026-53308 issue concerns the Linux kernel max77705 power supply driver. The root cause is improper management of a workqueue and interrupt handlers during device removal, which could lead to use-after-free of memory after the workqueue is destroyed but before the interrupt is freed via t...

5.5CVSS5.8AI score0.001EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/26 7:41 p.m.4 views

CVE-2026-53308 power: supply: max77705: Free allocated workqueue and fix removal order

In the Linux kernel, the following vulnerability has been resolved: power: supply: max77705: Free allocated workqueue and fix removal order Use devm interface for allocating workqueue to fix two bugs at the same time: 1. Driver leaks the memory on remove, because the workqueue is not destroyed. 2...

5.5CVSS5.8AI score0.001EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/26 11:50 a.m.8 views

CVE-2026-53056

A flaw was found in the Linux kernel's Display Processing Unit DPU driver. During DPU runtime suspend, a mismatch can occur between the power rail voltage and the core clock frequency. This happens when the power management attempts to drop the voltage while the clock remains at its highest rate...

5.8AI score0.0018EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.11 views

PT-2026-52947

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak and a use-after-free issue exist in the max77705 power supply driver. The driver fails to destroy the allocated workqueue during the remove process, leading to memory...

5.5CVSS5.8AI score0.001EPSS
Exploits0References16
NVD
NVD
added 2026/06/25 7:16 p.m.10 views

CVE-2026-4930

SYMCRYPTO is the SiXG301's host side hardware engine accessed by PSA crypto library that accelerates symmetric cryptographic operations AES encryption/decryption and hashing. DPA Countermeasures on SYMCRYPTO can be weakened reduced entropy by forcing certain seed values if an attacker gains code...

7.1CVSS0.00101EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/25 6:39 p.m.35 views

CVE-2026-4930 DPA Countermeasures weakening on Series 3 devices

SYMCRYPTO is the SiXG301's host side hardware engine accessed by PSA crypto library that accelerates symmetric cryptographic operations AES encryption/decryption and hashing. DPA Countermeasures on SYMCRYPTO can be weakened reduced entropy by forcing certain seed values if an attacker gains code...

7.1CVSS0.00101EPSS
Exploits0References1
Rows per page
Query Builder