Lucene search
K

28 matches found

EUVD
EUVD
added 2026/06/24 6:32 p.m.5 views

EUVD-2026-38856

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: join hook list via splicelistrcu in commit phase Publish new hooks in the list into the basechain/flowtable using splicelistrcu to ensure netlink dump list traversal via rcu is safe while concurrent ruleset...

5.7AI score0.00122EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/24 4:30 p.m.6 views

EUVD-2026-38964

In the Linux kernel, the following vulnerability has been resolved: bpf: Use RCU-safe iteration in devmapredirectmulti SKB path The DEVMAPHASH branch in devmapredirectmulti uses hlistforeachentrysafe to iterate hash buckets, but this function runs under RCU protection called from...

5.7AI score0.00132EPSS
Exploits0References7
OSV
OSV
added 2026/05/28 12:58 p.m.10 views

OPENSUSE-SU-2026:20826-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2023-2058: x86/CPU: Fix FPDSS on Zen1 bsc1243603. - CVE-2024-14027: xattr: switch to CLASSfd bsc1259420. - CVE-2025-40181: x86/kvm: Force legacy PCI hole to UC when...

9.8CVSS6.6AI score0.0138EPSS
Exploits19References454
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm: fixed a UAF Use-After-Free issue when vma-mm is freed after vma-vmrefcnt has been dropped. By introducing delays in the appropriate places, Jann Horn created a scenario where a UAF issue could occur—a problem that became...

7.8CVSS5.8AI score0.00162EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/08 2:21 p.m.38 views

CVE-2026-43376 ksmbd: fix use-after-free by using call_rcu() for oplock_info

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free by using callrcu for oplockinfo ksmbd currently frees oplockinfo immediately using kfree, even though it is accessed under RCU read-side critical sections in places like opinfoget and procshowfiles. Sinc...

9.8CVSS0.00444EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/24 2:42 p.m.6 views

EUVD-2026-25472

In the Linux kernel, the following vulnerability has been resolved: wireguard: device: use exitrtnl callback instead of manual rtnllock in preexit wgnetnspreexit manually acquires rtnllock inside the pernet .preexit callback. This causes a hung task when another thread holds rtnlmutex - the...

5.4AI score0.00122EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.5 views

Unity Linux 20.1050a Security Update: kernel (UTSA-2026-006965)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006965 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf: reject unhashed sockets in bpfskassign The semantics for bpfskassign are as follows: sk =...

5.5CVSS6.3AI score0.00147EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/03/20 12:0 a.m.6 views

CVE-2026-23272

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: unconditionally bump set-nelems before insertion In case that the set is full, a new element gets published then removed without waiting for the RCU grace period, while RCU reader can be walking over it...

7.8CVSS5.7AI score0.00123EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/27 12:0 a.m.4 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005139)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005139 advisory. In the Linux kernel, the following vulnerability has been resolved: net/xen-netback: prevent UAF in xenvifflushhash During the listforeachentryrcu iteration call of...

7.8CVSS6.4AI score0.00273EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/01/13 2:1 p.m.5 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: mptcp: Use skdstget and dstdevrcu in mptcpactiveenable. mptcpactiveenable is called from subflowfinishconnect, which is icsk-icskafops-skrxdstset. It isn’t always under a RCU context. Using skdstgetsk.dev could trigger a...

6.3AI score0.00194EPSS
Exploits0References3
EUVD
EUVD
added 2025/11/12 12:30 p.m.2 views

EUVD-2025-124915

In the Linux kernel, the following vulnerability has been resolved: smc: Use skdstget and dstdevrcu in smcclcprfxmatch. smcclcprfxmatch is called from smclistenwork and not under RCU nor RTNL. Using skdstgetsk-dev could trigger UAF. Let's use skdstget and dstdevrcu. Note that the returned value o...

5.7AI score0.0017EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/11/12 10:46 a.m.13 views

CVE-2025-40168 smc: Use __sk_dst_get() and dst_dev_rcu() in smc_clc_prfx_match().

In the Linux kernel, the following vulnerability has been resolved: smc: Use skdstget and dstdevrcu in smcclcprfxmatch. smcclcprfxmatch is called from smclistenwork and not under RCU nor RTNL. Using skdstgetsk-dev could trigger UAF. Let's use skdstget and dstdevrcu. Note that the returned value o...

0.0017EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/11/12 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-40133

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mptcp: Use skdstget and dstdevrcu in mptcpactiveenable. mptcpactiveenable is called from subflowfinishconnect, which is icsk-icskafops-skrxdstset and it's not...

6.6AI score0.00194EPSS
Exploits0References2
OSV
OSV
added 2025/10/15 8:15 a.m.3 views

UBUNTU-CVE-2025-39978

In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Fix potential use after free in otx2tcaddflow This code calls kfreercunewnode, rcu and then dereferences "newnode" and then dereferences it on the next line. Two lines later, we take a mutex so I don't think this is...

6.6AI score0.00182EPSS
Exploits0References18
RedHat Linux
RedHat Linux
added 2025/10/01 12:24 a.m.5 views

kernel: smb: client: fix use-after-free in cifs_oplock_break

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in cifsoplockbreak A race condition can occur in cifsoplockbreak leading to a use-after-free of the cinode structure when unmounting: cifsoplockbreak cifsFileInfoputcfile cifsFileInfoputfinal...

7.8CVSS6.8AI score0.0015EPSS
Exploits0References5
OSV
OSV
added 2025/08/08 11:15 a.m.5 views

OESA-2025-1960 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: xfrm: state: fix out-of-bounds read during lookup lookup and resize can run in parallel. The xfrmstatehashgeneration seqlock ensures a retry, but the hash...

7.8CVSS6.3AI score0.00221EPSS
Exploits0References40
Cvelist
Cvelist
added 2025/07/25 3:27 p.m.9 views

CVE-2025-38453 io_uring/msg_ring: ensure io_kiocb freeing is deferred for RCU

In the Linux kernel, the following vulnerability has been resolved: iouring/msgring: ensure iokiocb freeing is deferred for RCU syzbot reports that defer/local taskwork adding via msgring can hit a request that has been freed: CPU: 1 UID: 0 PID: 19356 Comm: iou-wrk-19354 Not tainted...

0.00145EPSS
Exploits0References3
CVE
CVE
added 2025/07/25 3:27 p.m.78 views

CVE-2025-38453

CVE-2025-38453 affects the Linux kernel: the io_uring/msg_ring path can free an io_kiocb at an unsafe time, leading to use-after-free scenarios. The documented fix defers freeing via RC/RCU mechanics by adding an rcU head and switching to kfree_rcu() in both the freeing paths (io_msg_tw_complete(...

5.5CVSS6.3AI score0.00145EPSS
Exploits0References3Affected Software1
AstraLinux
AstraLinux
added 2025/06/16 11:28 a.m.4 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: dm thin: Make getfirstthin use rcu-safe list first function. The documentation in rculist.h explains the absence of listemptyrcu and warns programmers against relying on a sequence of listempty - listfirst in RCU-safe code. This ...

5.5CVSS6.2AI score0.00216EPSS
Exploits0References3
NVD
NVD
added 2025/05/01 2:15 p.m.21 views

CVE-2025-37790

In the Linux kernel, the following vulnerability has been resolved: net: mctp: Set SOCKRCUFREE Bind lookup runs under RCU, so ensure that a socket doesn't go away in the middle of a lookup...

5.5CVSS0.00156EPSS
Exploits0References7
Rows per page
Query Builder