Lucene search
K

29 matches found

SUSE CVE
SUSE CVE
added 2026/05/28 3:54 a.m.18 views

SUSE CVE-2026-46003

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Limit the total number of nodes Currently, the nameserver doesn't limit the number of nodes it handles. This can be an attack vector if a malicious client starts registering random nodes, leading to memory...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/28 3:53 a.m.10 views

SUSE CVE-2026-46047

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Fix use-after-free in driver remove In the remove callback, if a packet arrives after destroyworkqueue is called, but before sockrelease, the qrtrnsdataready callback will try to queue the work, causing...

6.4CVSS5.7AI score0.00126EPSS
Exploits0References3
NVD
NVD
added 2026/05/27 2:17 p.m.14 views

CVE-2026-46047

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Fix use-after-free in driver remove In the remove callback, if a packet arrives after destroyworkqueue is called, but before sockrelease, the qrtrnsdataready callback will try to queue the work, causing...

7.8CVSS0.00126EPSS
Exploits0References8
NVD
NVD
added 2026/05/27 2:17 p.m.13 views

CVE-2026-46026

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Limit the maximum number of lookups Current code does no bound checking on the number of lookups a client can perform. Though the code restricts the lookups to local clients, there is still a possibility of a...

5.5CVSS0.00128EPSS
Exploits0References8
NVD
NVD
added 2026/05/27 2:17 p.m.11 views

CVE-2026-46003

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Limit the total number of nodes Currently, the nameserver doesn't limit the number of nodes it handles. This can be an attack vector if a malicious client starts registering random nodes, leading to memory...

5.5CVSS0.00123EPSS
Exploits0References8
OSV
OSV
added 2026/05/27 2:17 p.m.6 views

UBUNTU-CVE-2026-46003

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Limit the total number of nodes Currently, the nameserver doesn't limit the number of nodes it handles. This can be an attack vector if a malicious client starts registering random nodes, leading to memory...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References7
OSV
OSV
added 2026/05/27 2:17 p.m.7 views

UBUNTU-CVE-2026-46047

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Fix use-after-free in driver remove In the remove callback, if a packet arrives after destroyworkqueue is called, but before sockrelease, the qrtrnsdataready callback will try to queue the work, causing...

7.8CVSS5.7AI score0.00126EPSS
Exploits0References7
OSV
OSV
added 2026/05/27 2:17 p.m.5 views

UBUNTU-CVE-2026-46026

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Limit the maximum number of lookups Current code does no bound checking on the number of lookups a client can perform. Though the code restricts the lookups to local clients, there is still a possibility of a...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2026/05/27 12:57 p.m.9 views

CVE-2026-46047

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Fix use-after-free in driver remove In the remove callback, if a packet arrives after destroyworkqueue is called, but before sockrelease, the qrtrnsdataready callback will try to queue the work, causing...

7.8CVSS5.7AI score0.00126EPSS
Exploits0
CVE
CVE
added 2026/05/27 12:57 p.m.26 views

CVE-2026-46047

CVE-2026-46047: In the Linux kernel, net: qrtr: ns use-after-free in driver remove is fixed. The vulnerability arises if a packet arrives after destroy_workqueue() but before sock_release(), causing qrtr_ns_data_ready() to queue a work item that dereferences freed memory. Root and distro advisori...

7.8CVSS5.7AI score0.00126EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2026/05/27 12:57 p.m.44 views

CVE-2026-46047 net: qrtr: ns: Fix use-after-free in driver remove()

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Fix use-after-free in driver remove In the remove callback, if a packet arrives after destroyworkqueue is called, but before sockrelease, the qrtrnsdataready callback will try to queue the work, causing...

0.00126EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2026/05/27 12:56 p.m.8 views

CVE-2026-46038

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Free the node during ctrlcmdbye A node sends the BYE packet when it is about to go down. So the nameserver should advertise the removal of the node to all remote and local observers and free the node finally. But...

5.5CVSS5.8AI score0.00123EPSS
Exploits0
Cvelist
Cvelist
added 2026/05/27 12:56 p.m.41 views

CVE-2026-46026 net: qrtr: ns: Limit the maximum number of lookups

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Limit the maximum number of lookups Current code does no bound checking on the number of lookups a client can perform. Though the code restricts the lookups to local clients, there is still a possibility of a...

0.00128EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2026/05/27 12:55 p.m.8 views

CVE-2026-46003

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Limit the total number of nodes Currently, the nameserver doesn't limit the number of nodes it handles. This can be an attack vector if a malicious client starts registering random nodes, leading to memory...

5.5CVSS5.7AI score0.00123EPSS
Exploits0
EUVD
EUVD
added 2026/05/27 12:55 p.m.12 views

EUVD-2026-32299

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Limit the total number of nodes Currently, the nameserver doesn't limit the number of nodes it handles. This can be an attack vector if a malicious client starts registering random nodes, leading to memory...

5.8AI score0.00123EPSS
Exploits0References5
CVE
CVE
added 2026/05/27 12:55 p.m.25 views

CVE-2026-46003

CVE-2026-46003 affects the Linux kernel net: qrtr: ns by failing to limit the total number of nodes a nameserver may handle, enabling memory exhaustion via a malicious client registering many nodes. Official fixes exist in multiple OS advisories: Debian 11/12 roots patched via rootio-linux, Ubunt...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References8Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.21 views

PT-2026-43914

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the QRTR nameservice driver during the remove process. If a packet arrives after destroy workqueue is called but before sock release, the qrtr ns data...

7.8CVSS5.7AI score0.00126EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-46003

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: qrtr: ns: Limit the total number of nodes Currently, the nameserver doesn't limit the number of nodes it handles. This can be an attack vector if a malicio...

5.5CVSS5.9AI score0.00123EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.19 views

PT-2026-43870

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description The nameserver in the Qualcomm Router qrtr network subsystem does not limit the number of nodes it handles. A malicious clie...

5.5CVSS6AI score0.00123EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2026/05/27 12:0 a.m.13 views

CVE-2026-46038

net: qrtr: ns: Free the node during ctrlcmdbye...

5.8AI score0.00123EPSS
Exploits0References2
Rows per page
Query Builder