8 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-43050
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - atm: lec: fix use-after-free in sockdefreadable A race condition exists between lecatmclose setting priv-lecd to NULL and concurrent access to priv-lecd in...
CVE-2026-43050 atm: lec: fix use-after-free in sock_def_readable()
In the Linux kernel, the following vulnerability has been resolved: atm: lec: fix use-after-free in sockdefreadable A race condition exists between lecatmclose setting priv-lecd to NULL and concurrent access to priv-lecd in sendtolecd, lechandlebridge, and lecatmsend. When the socket is freed via...
PT-2026-36467
In the Linux kernel, the following vulnerability has been resolved: atm: lec: fix use-after-free in sock def readable A race condition exists between lec atm close setting priv-lecd to NULL and concurrent access to priv-lecd in send to lecd, lec handle bridge, and lec atm send. When the socket is...
kernel: mt76: fix use-after-free by removing a non-RCU wcid pointer
A vulnerability was found in the Linux kernel's mt76 wi-fi driver. A concurrency bug causes the mtxq TX queue to maintain a raw pointer to a wcid structure mtxq-wcid that might be freed by the time it is accessed. This issue can lead to a use-after-free scenario, leading to system instability,...
CVE-2022-49328
CVE-2022-49328 is a vulnerability in the Linux kernel mt76 driver where a use-after-free can occur in mt76_txq_schedule due to an unprotected wcid pointer (non-RCU). The issue is addressed by guarding the mtxq->wcid with an rcu_lock between mt76_txq_schedule and sta_info_alloc/free, per the re...
CVE-2024-50127 net: sched: fix use-after-free in taprio_change()
In the Linux kernel, the following vulnerability has been resolved: net: sched: fix use-after-free in tapriochange In 'tapriochange', 'admin' pointer may become dangling due to sched switch / removal caused by 'advancesched', and critical section protected by 'q-currententrylock' is too small to...
kernel: tls: fix missing memory barrier in tls_init
In the Linux kernel, the following vulnerability has been resolved: tls: fix missing memory barrier in tlsinit In tlsinit, a write memory barrier is missing, and store-store reordering may cause NULL dereference in tlssetsockopt,getsockopt. CPU0 CPU1 ----- ----- // In tlsinit // In tlsctxcreate c...
kernel: inet: fully convert sk->sk_rx_dst to RCU rules
A use-after-free vulnerability was found in the TCP IP protocol in the Linux Kernel, where a delete operation of the RCU-protected pointer is supposed to clear the pointer before the callrcu/synchronizercu guarding the actual memory freeing. This flaw allows a local attacker to crash the system o...