1091 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-53222
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ptp: ocp: fix resource freeing order Commit a60fc3294a37 ptp: rework ptpclockunregister to disable events added a call to ptpdisableallevents which changes the...
CVE-2026-52971
A flaw was found in the Linux kernel's Elastic Network Adapter ENA driver, specifically within the Precision Time Protocol Hardware Clock PHC timestamp retrieval function. A race condition exists where the gettimestamp function could attempt to access memory that has already been freed by the...
CVE-2026-53222
In the Linux kernel, CVE-2026-53222 relates to the ptp: ocp driver. The root cause was use-after-free during driver removal caused by freeing resources in ptp_ocp_detach() before ptp_clock_unregister(), after a change that disables events via ptp_disable_all_events(). The fix changes the free/unr...
CVE-2026-53222
In the Linux kernel, the following vulnerability has been resolved: ptp: ocp: fix resource freeing order Commit a60fc3294a37 "ptp: rework ptpclockunregister to disable events" added a call to ptpdisableallevents which changes the configuration of pins if they support EXTTS events. In ptpocpdetach...
PT-2026-52317
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists during driver removal in the Precision Time Protocol PTP OCP implementation. The ptp ocp detach function frees pin resources before calling ptp clock...
EUVD-2026-38839
In the Linux kernel, the following vulnerability has been resolved: net: ena: PHC: Fix potential use-after-free in gettimestamp Move the phc-active check and resp pointer assignment to after acquiring the spinlock. Previously, phc-active was checked without holding the lock, and resp was cached...
CVE-2026-52971
In the Linux kernel, the following vulnerability has been resolved: net: ena: PHC: Fix potential use-after-free in gettimestamp Move the phc-active check and resp pointer assignment to after acquiring the spinlock. Previously, phc-active was checked without holding the lock, and resp was cached...
CVE-2026-52971 net: ena: PHC: Fix potential use-after-free in get_timestamp
In the Linux kernel, the following vulnerability has been resolved: net: ena: PHC: Fix potential use-after-free in gettimestamp Move the phc-active check and resp pointer assignment to after acquiring the spinlock. Previously, phc-active was checked without holding the lock, and resp was cached...
CVE-2026-52971
In the Linux kernel, the following vulnerability has been resolved: net: ena: PHC: Fix potential use-after-free in gettimestamp Move the phc-active check and resp pointer assignment to after acquiring the spinlock. Previously, phc-active was checked without holding the lock, and resp was cached...
CVE-2026-52971 net: ena: PHC: Fix potential use-after-free in get_timestamp
In the Linux kernel, the following vulnerability has been resolved: net: ena: PHC: Fix potential use-after-free in gettimestamp Move the phc-active check and resp pointer assignment to after acquiring the spinlock. Previously, phc-active was checked without holding the lock, and resp was cached...
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: net: stmmac – ensure that ptprate is not set to 0 before configuring EST. If the value of ptprate, which was previously recorded in the driver, happens to be 0, this invalid value will be propagated up to the EST configuration,...
Oracle Linux 9 : kernel (ELSA-2026-19225)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-19225 advisory. - xfrm: esp: avoid in-place decrypt on shared skb frags Sabrina Dubroca RHEL-174563 CVE-2026-43284 - crypto: authencesn - Do not place hiseq at end of...
CVE-2026-49762
A flaw was found in the Elixir standard library's Version module. A remote attacker can exploit this uncontrolled resource consumption vulnerability by providing a specially crafted, excessively long version string. This malicious input forces the system to perform a super-linear,...
Can Open-Source LLM Agents Replace Static Application Security Testing Tools? an Empirical Assessment
This paper explores the value of agentic AI tools for cybersecurity purposes. We evaluate the efficacy of a general-purpose GenAI Large Language Model- GenAI- based agent when powered by three different Ollama-hosted general-purpose open source models. We assess each agent's performance using...
AlmaLinux 10 : kernel (ALSA-2026:18134)
The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:18134 advisory. kernel: tcpbpf: Fix the skmemuncharge logic in tcpbpfsendmsg CVE-2024-56633 kernel: KVM: x86: Load DR6 with guest value only before entering .vcpurun lo...
CVE-2020-25900
HelloTalk through 3.4.1 stores full-precision GPS coordinates even when the user had intended to share only a country or city. Furthermore, these coordinates are placed into a database on the client of other users. The client side was changed in 2019 to encrypt that database...
kernel: Linux kernel: Denial of Service in ice driver due to race condition during VSI rebuild
A flaw was found in the Linux kernel's ice network driver. A local attacker could exploit a race condition during the Virtual Station Interface VSI rebuild process. This flaw occurs when the Precision Time Protocol PTP periodic work attempts to access uninitialized memory, leading to a NULL point...
High-Precision APT Malware Attribution with Out-Of-Scope Resilience
Early attribution of Advanced Persistent Threat APT activity can help defenders prioritise investigation, select countermeasures, and reduce the impact of an intrusion. Malware provides useful attribution evidence, but automated APT malware attribution remains difficult in practice. Existing...
kernel: Linux kernel: Denial of Service in ice driver due to race condition during VSI rebuild
A flaw was found in the Linux kernel's ice network driver. A local attacker could exploit a race condition during the Virtual Station Interface VSI rebuild process. This flaw occurs when the Precision Time Protocol PTP periodic work attempts to access uninitialized memory, leading to a NULL point...
CVE-2026-5072
A bitwise shift vulnerability in Zephyr's PTP subsystem allows a remote attacker to cause undefined behavior and potential system crashes. An attacker sends a crafted PTPMSGMANAGEMENT message to set an unvalidated negative logannounceinterval value in the port's data set. When a subsequent...