Lucene search
+L

22 matches found

osv
osv
added 3 days ago2 views

CVE-2026-10671 User thread can re-initialize an in-use `k_pipe`, corrupting kernel wait queues (`CONFIG_USERSPACE`)

In Zephyr's kernel pipe implementation, the userspace syscall verifier zvrfykpipeinit in kernel/pipe.c used KSYSCALLOBJ which requires the kernel object to already be initialized instead of KSYSCALLOBJNEVERINIT which rejects an already-initialized object. As a result, on CONFIGUSERSPACE builds an...

7.1CVSS6.1AI score0.00103EPSS
Exploits0References5
nessus
nessus
added 2026/06/28 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-53265

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dm cache policy smq: check allocation under invalidate lock commit 2d1f7b65f5de dm cache policy smq: fix missing locks in invalidating cache blocks added mq-loc...

7.8CVSS6.2AI score0.00129EPSS
Exploits0References4
cve
cve
added 2026/06/25 8:39 a.m.19 views

CVE-2026-53242

CVE-2026-53242 affects the Linux kernel ALSA PCM path (snd_pcm_drain) on linked streams. The bug arises from wait queue handling: init_waitqueue_entry does not clear prev/next and add_wait_queue/remove_wait_queue sequencing can leave an orphaned wait entry on an old sleep queue after UNLINK, caus...

7.8CVSS5.8AI score0.00138EPSS
Exploits0References7Affected Software1
osv
osv
added 2026/06/25 8:39 a.m.3 views

CVE-2026-53242 ALSA: PCM: Fix wait queue list corruption in snd_pcm_drain() on linked streams

In the Linux kernel, the following vulnerability has been resolved: ALSA: PCM: Fix wait queue list corruption in sndpcmdrain on linked streams sndpcmdrain uses initwaitqueueentry which does not clear entry.prev/next, and addwaitqueue with a conditional removewaitqueue that is skipped when tocheck...

7.8CVSS5.9AI score0.00138EPSS
Exploits0References10
astralinux
astralinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: RDMA/iwcm: The corruption of the workqueue list was fixed by removing the worklist. The commit e1168f0 “RDMA/iwcm: Simplify cmeventhandler” changed the logic for submitting work to call queuework unconditionally. This was done wi...

9.8CVSS6.3AI score0.00465EPSS
Exploits0References2
redhatcve
redhatcve
added 2026/03/27 5:9 p.m.4 views

CVE-2026-26073

EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race leading to possible std::queue/std::deque corruption. The trigger is powermeter public key update and EV session/error events while OCPP not started. This results in a TSAN data race report and an ASAN/UBSAN...

5.9CVSS5.9AI score0.00304EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/03/26 4:19 p.m.2 views

CVE-2026-26074 EVerest: OCPP201 startup event_queue lock mismatch leads to std::map/std::queue data race

EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race leading to possible std::map corruption. The trigger is CSMS GetLog/UpdateFirmware request network with an EVSE fault event physical. This results in TSAN reports concurrent access data race to eventqueue...

7CVSS5.8AI score0.0014EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/03/26 4:15 p.m.2 views

CVE-2026-26073

EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race leading to possible std::queue/std::deque corruption. The trigger is powermeter public key update and EV session/error events while OCPP not started. This results in a TSAN data race report and an ASAN/UBSAN...

5.9CVSS5.8AI score0.00304EPSS
Exploits0References2Affected Software1
cnnvd
cnnvd
added 2026/03/26 12:0 a.m.10 views

EVerest 竞争条件问题漏洞

EVerest is an open-source firmware for electric vehicle charging stations developed by EVerest. Versions prior to EVerest 2026.02.0 contained a race condition vulnerability, which was caused by data competition and could lead to mapping or queue corruption...

7CVSS5.8AI score0.0014EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/03/26 12:0 a.m.10 views

EVerest 安全漏洞

EVerest is an open-source firmware for electric vehicle charging stations developed by EVerest. Versions prior to EVerest 2026.02.0 contain security vulnerabilities; these vulnerabilities stem from data competition and could lead to queue or double-ended queue corruption...

5.9CVSS5.8AI score0.00304EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/03/26 12:0 a.m.5 views

PT-2026-28351

Name of the Vulnerable Software and Affected Versions EVerest versions prior to 2026.02.0 Description EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race condition that can lead to potential corruption of std::queue and std::deque. The issue is triggered by a...

5.9CVSS5.9AI score0.00304EPSS
Exploits0References3
susecve
susecve
added 2026/02/05 12:25 a.m.7 views

SUSE CVE-2026-23066

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix recvmsg unconditional requeue If rxrpcrecvmsg fails because MSGDONTWAIT was specified but the call at the front of the recvmsg queue already has its mutex locked, it requeues the call - whether or not the call is alrea...

7CVSS5.2AI score0.00129EPSS
Exploits0References8
nvd
nvd
added 2026/02/04 5:16 p.m.5 views

CVE-2026-23066

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix recvmsg unconditional requeue If rxrpcrecvmsg fails because MSGDONTWAIT was specified but the call at the front of the recvmsg queue already has its mutex locked, it requeues the call - whether or not the call is alrea...

7.8CVSS0.00129EPSS
Exploits0References7
osv
osv
added 2026/02/04 5:16 p.m.11 views

AZL-77250 CVE-2026-23066 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix recvmsg unconditional requeue If rxrpcrecvmsg fails because MSGDONTWAIT was specified but the call at the front of the recvmsg queue already has its mutex locked, it requeues the call - whether or not the call is alrea...

7.8CVSS5.5AI score0.00129EPSS
Exploits0References1
ubuntucve
ubuntucve
added 2026/02/04 5:16 p.m.5 views

CVE-2026-23066

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix recvmsg unconditional requeue If rxrpcrecvmsg fails because MSGDONTWAIT was specified but the call at the front of the recvmsg queue already has its mutex locked, it requeues the call - whether or not the call is alrea...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References4
attackerkb
attackerkb
added 2026/02/04 4:7 p.m.5 views

CVE-2026-23066

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix recvmsg unconditional requeue If rxrpcrecvmsg fails because MSGDONTWAIT was specified but the call at the front of the recvmsg queue already has its mutex locked, it requeues the call - whether or not the call is alrea...

5.2AI score0.00129EPSS
Exploits0References3Affected Software1
cvelist
cvelist
added 2026/02/04 4:7 p.m.31 views

CVE-2026-23066 rxrpc: Fix recvmsg() unconditional requeue

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix recvmsg unconditional requeue If rxrpcrecvmsg fails because MSGDONTWAIT was specified but the call at the front of the recvmsg queue already has its mutex locked, it requeues the call - whether or not the call is alrea...

7.8CVSS0.00129EPSS
Exploits0References7
cnnvd
cnnvd
added 2026/02/04 12:0 a.m.6 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from unconditional requeuing and may lead to queue corruption...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References2
nessus
nessus
added 2026/02/04 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-23066

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rxrpc: Fix recvmsg unconditional requeue If rxrpcrecvmsg fails because MSGDONTWAIT was specified but the call at the front of the recvmsg queue already has its...

7.8CVSS5.9AI score0.00129EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/01/01 12:0 a.m.6 views

PT-2026-6136

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the rxrpc subsystem related to the handling of recvmsg calls. Specifically, an unconditional requeue of calls can occur if MSG DONTWAIT is specifi...

8.5CVSS6.5AI score0.00129EPSS
Exploits0References411
Rows per page
Query Builder