Lucene search
+L

154 matches found

Microsoft CVE
Microsoft CVE
added 2026/06/27 8:18 a.m.8 views

net: qrtr: fix refcount saturation and potential UAF in qrtr_port_remove

...

9.8CVSS5.8AI score0.00135EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/25 11:28 p.m.6 views

CVE-2026-52947

A flaw was found in the Linux kernel's qrtr network subsystem. A race condition exists in the qrtrportremove function where the socket reference count is decremented prematurely. This allows a concurrent reader to access a socket whose reference count has dropped to zero, potentially leading to a...

7.8CVSS5.8AI score0.00135EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.15 views

Linux Distros Unpatched Vulnerability : CVE-2026-52947

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: qrtr: fix refcount saturation and potential UAF in qrtrportremove In qrtrportremove, the socket reference count is decremented via sockput before the port ...

7.8CVSS6AI score0.00135EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2026/06/25 12:0 a.m.3 views

The vulnerability of the __radix_tree_create() function in the net/qrtr/af_qrtr.c module of the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the radixtreecreate function in the net/qrtr/afqrtr.c module of the Linux operating system is related to the failure to release resources after the expiration of their useful life. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References13Affected Software3
EUVD
EUVD
added 2026/06/24 6:32 p.m.6 views

EUVD-2026-38815

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: fix refcount saturation and potential UAF in qrtrportremove In qrtrportremove, the socket reference count is decremented via sockput before the port is removed from the qrtrports XArray and before the RCU grace period...

5.7AI score0.00135EPSS
Exploits0References9
NVD
NVD
added 2026/06/24 5:17 p.m.9 views

CVE-2026-52947

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: fix refcount saturation and potential UAF in qrtrportremove In qrtrportremove, the socket reference count is decremented via sockput before the port is removed from the qrtrports XArray and before the RCU grace period...

7.8CVSS0.00135EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/06/24 4:26 p.m.36 views

CVE-2026-52947 net: qrtr: fix refcount saturation and potential UAF in qrtr_port_remove

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: fix refcount saturation and potential UAF in qrtrportremove In qrtrportremove, the socket reference count is decremented via sockput before the port is removed from the qrtrports XArray and before the RCU grace period...

7.8CVSS0.00135EPSS
Exploits0References8
OSV
OSV
added 2026/06/24 4:26 p.m.2 views

CVE-2026-52947 net: qrtr: fix refcount saturation and potential UAF in qrtr_port_remove

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: fix refcount saturation and potential UAF in qrtrportremove In qrtrportremove, the socket reference count is decremented via sockput before the port is removed from the qrtrports XArray and before the RCU grace period...

7.8CVSS5.8AI score0.00135EPSS
Exploits0References11
CVE
CVE
added 2026/06/24 4:26 p.m.18 views

CVE-2026-52947

The CVE-2026-52947 issue affects the Linux kernel qrtr subsystem, specifically in qrtr_port_remove(), where the socket reference count is decremented via __sock_put() before the port is removed from the qrtr_ports XArray and before the RCU grace period elapses. This creates a race window where a ...

7.8CVSS5.7AI score0.00135EPSS
Exploits0References8Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.10 views

PT-2026-51841

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the qrtr port remove function where the socket reference count is decremented using sock put before the port is removed from the qrtr ports XArray and before the RCU...

7.8CVSS5.7AI score0.00135EPSS
Exploits0References10
Microsoft CVE
Microsoft CVE
added 2026/05/28 8:7 a.m.12 views

net: qrtr: ns: Free the node during ctrl_cmd_bye()

...

5.5CVSS5.4AI score0.00123EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/05/28 3:54 a.m.18 views

SUSE CVE-2026-46003

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Limit the total number of nodes Currently, the nameserver doesn't limit the number of nodes it handles. This can be an attack vector if a malicious client starts registering random nodes, leading to memory...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/28 3:54 a.m.11 views

SUSE CVE-2026-46026

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Limit the maximum number of lookups Current code does no bound checking on the number of lookups a client can perform. Though the code restricts the lookups to local clients, there is still a possibility of a...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/28 3:53 a.m.11 views

SUSE CVE-2026-46038

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Free the node during ctrlcmdbye A node sends the BYE packet when it is about to go down. So the nameserver should advertise the removal of the node to all remote and local observers and free the node finally. But...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/28 3:53 a.m.10 views

SUSE CVE-2026-46047

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Fix use-after-free in driver remove In the remove callback, if a packet arrives after destroyworkqueue is called, but before sockrelease, the qrtrnsdataready callback will try to queue the work, causing...

6.4CVSS5.7AI score0.00126EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/27 9:18 p.m.13 views

CVE-2026-46003

A flaw was found in the Linux kernel's qrtr nameserver. A malicious client can exploit this vulnerability by registering an excessive number of random nodes. This uncontrolled resource consumption leads to memory exhaustion, resulting in a Denial of Service DoS for the system...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/05/27 8:21 p.m.9 views

CVE-2026-46026

A flaw was found in the Linux kernel's QRTR Qualcomm IPC Router nameserver. A malicious local client can exploit this by sending an unbounded number of NEWLOOKUP messages. This can lead to resource exhaustion, causing a Denial of Service DoS for the system. The vulnerability is addressed by...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/05/27 8:11 p.m.10 views

CVE-2026-46038

A flaw was found in the Linux kernel's qrtr nameserver component. When a node sends a BYE packet, the nameserver fails to free the associated node memory, leading to a memory leak. This vulnerability can result in resource exhaustion over time, potentially impacting system stability and...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/05/27 7:40 p.m.11 views

CVE-2026-46047

A flaw was found in the Linux kernel's qrtr networking driver. During the driver's removal process, a timing issue can occur if a packet arrives after the work queue is destroyed but before the socket is released. This can cause the system to attempt to access memory that has already been freed,...

7.8CVSS5.8AI score0.00126EPSS
Exploits0References4
NVD
NVD
added 2026/05/27 2:17 p.m.14 views

CVE-2026-46047

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Fix use-after-free in driver remove In the remove callback, if a packet arrives after destroyworkqueue is called, but before sockrelease, the qrtrnsdataready callback will try to queue the work, causing...

7.8CVSS0.00126EPSS
Exploits0References8
Rows per page
Query Builder