Lucene search
+L

1119 matches found

Debian CVE
Debian CVE
added 2026/06/25 8:39 a.m.6 views

CVE-2026-53264

In the Linux kernel, the following vulnerability has been resolved: net/sched: actapi: use RCU with deferred freeing for action lifecycle When NEWTFILTER and DELFILTER are run concurrently it is possible to create a race with an associated action. Let's illustrate with CPU0 running NEWTFILTER and...

7.8CVSS5.7AI score0.00129EPSS
Exploits0
EUVD
EUVD
added 2026/06/25 8:39 a.m.8 views

EUVD-2026-39215

In the Linux kernel, the following vulnerability has been resolved: net/sched: actapi: use RCU with deferred freeing for action lifecycle When NEWTFILTER and DELFILTER are run concurrently it is possible to create a race with an associated action. Let's illustrate with CPU0 running NEWTFILTER and...

5.8AI score0.00129EPSS
Exploits0References8
CVE
CVE
added 2026/06/25 8:39 a.m.23 views

CVE-2026-53264

CVE-2026-53264 concerns the Linux kernel’s networking scheduler (net/sched) where a race between simultaneous NEWTFILTER and DELFILTER operations can lead to a use-after-free of an action. The provided description and patches state that final freeing of the action was incorrectly performed withou...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2026/06/25 8:39 a.m.2 views

CVE-2026-53264 net/sched: act_api: use RCU with deferred freeing for action lifecycle

In the Linux kernel, the following vulnerability has been resolved: net/sched: actapi: use RCU with deferred freeing for action lifecycle When NEWTFILTER and DELFILTER are run concurrently it is possible to create a race with an associated action. Let's illustrate with CPU0 running NEWTFILTER and...

7.8CVSS5.9AI score0.00129EPSS
Exploits0References11
OSV
OSV
added 2026/06/25 8:39 a.m.3 views

CVE-2026-53262 l2tp: pppol2tp: hold reference to session in pppol2tp_ioctl()

In the Linux kernel, the following vulnerability has been resolved: l2tp: pppol2tp: hold reference to session in pppol2tpioctl pppol2tpioctl read sock-sk-skuserdata directly without any locks or reference counting. If a controllable sleep was induced during copyfromuser e.g. via a userfaultfd pag...

7.8CVSS5.8AI score0.00125EPSS
Exploits0References7
CVE
CVE
added 2026/06/25 8:39 a.m.17 views

CVE-2026-53259

CVE-2026-53259 (Linux kernel) fixes a race in IPv6 anycast address management. The root cause was a window where inserting an aca into the global inet6_acaddr_lst[] and its hash could be separated from the teardown path (RTNL), causing the ac_addr to be freed while still linked, i.e., a slab-use-...

7.8CVSS5.7AI score0.00123EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2026/06/25 8:39 a.m.9 views

EUVD-2026-39203

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: fix memory leak in error path of hciallocdev Early failures in Bluetooth HCI UART configuration leak SRCU percpu memory. When device initialization fails before hciregisterdev completes, the HCIUNREGISTER flag is never...

5.7AI score0.00136EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/06/25 8:39 a.m.33 views

CVE-2026-53247 net: ethernet: mtk_eth_soc: Fix use-after-free in metadata dst teardown

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtkethsoc: Fix use-after-free in metadata dst teardown mtkfreedev calls metadatadstfree which frees the metadatadst with kfree immediately, bypassing the RCU grace period. In the RX path, skbdstsetnoref sets a...

9.8CVSS0.00507EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/25 8:39 a.m.3 views

CVE-2026-53247

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtkethsoc: Fix use-after-free in metadata dst teardown mtkfreedev calls metadatadstfree which frees the metadatadst with kfree immediately, bypassing the RCU grace period. In the RX path, skbdstsetnoref sets a...

5.7AI score0.00507EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2026/06/25 8:39 a.m.22 views

CVE-2026-53247

CVE-2026-53247: Linux kernel MTK ethernet driver (mtk_eth_soc) fix for use-after-free in metadata_dst teardown. mtk_free_dev() previously called metadata_dst_free() (kfree’d immediately, bypassing RCU). In RX, skb_dst_set_noref() kept non-refcounted pointers to metadata_dst; freed memory could ra...

9.8CVSS5.7AI score0.00507EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/25 8:38 a.m.4 views

CVE-2026-53157

In the Linux kernel, the following vulnerability has been resolved: net: phonet: free phonetdevice after RCU grace period phonetdevicedestroy removes a phonetdevice from the per-net device list with listdelrcu, but frees it immediately. RCU readers walking the same list can still hold a pointer t...

5.8AI score0.00135EPSS
Exploits0References9Affected Software1
EUVD
EUVD
added 2026/06/25 8:38 a.m.7 views

EUVD-2026-39248

In the Linux kernel, the following vulnerability has been resolved: net: phonet: free phonetdevice after RCU grace period phonetdevicedestroy removes a phonetdevice from the per-net device list with listdelrcu, but frees it immediately. RCU readers walking the same list can still hold a pointer t...

5.7AI score0.00135EPSS
Exploits0References3
CVE
CVE
added 2026/06/25 8:38 a.m.15 views

CVE-2026-53157

The CVE-2026-53157 issue affects the Linux kernel’s phonet code: phonet_device is removed from the per-net device list with list_del_rcu(), but freed immediately, creating a use-after-free for readers that still hold pointers. The root cause is mismatched lifetime management; the fix switches to ...

7.8CVSS5.7AI score0.00135EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2026/06/25 8:38 a.m.34 views

CVE-2026-53157 net: phonet: free phonet_device after RCU grace period

In the Linux kernel, the following vulnerability has been resolved: net: phonet: free phonetdevice after RCU grace period phonetdevicedestroy removes a phonetdevice from the per-net device list with listdelrcu, but frees it immediately. RCU readers walking the same list can still hold a pointer t...

0.00135EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.6 views

PT-2026-52365

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the IP Virtual Server IPVS where the ip vs edit service function clears the svc-scheduler pointer after the scheduler module has already initiated Read-Copy-Update RCU...

7.8CVSS6AI score0.00129EPSS
Exploits0References22
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.8 views

PT-2026-52253

In the Linux kernel, the following vulnerability has been resolved: net: phonet: free phonet device after RCU grace period phonet device destroy removes a phonet device from the per-net device list with list del rcu, but frees it immediately. RCU readers walking the same list can still hold a...

5.7AI score0.00135EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.7 views

PT-2026-52359

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the net/sched component when NEWTFILTER and DELFILTER operations are executed concurrently. This occurs because an action can be freed immediately via kfree...

7.8CVSS6AI score0.00129EPSS
Exploits0References22
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.13 views

PT-2026-52342

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the mtk eth soc ethernet driver. The mtk free dev function calls metadata dst free, which uses kfree to immediately release metadata dst memory, bypassin...

9.8CVSS6.1AI score0.00507EPSS
Exploits0References19
EUVD
EUVD
added 2026/06/24 6:32 p.m.7 views

EUVD-2026-38815

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: fix refcount saturation and potential UAF in qrtrportremove In qrtrportremove, the socket reference count is decremented via sockput before the port is removed from the qrtrports XArray and before the RCU grace period...

5.7AI score0.00135EPSS
Exploits0References9
NVD
NVD
added 2026/06/24 5:17 p.m.12 views

CVE-2026-53128

In the Linux kernel, the following vulnerability has been resolved: drbd: Balance RCU calls in drbdadmdumpdevices Make drbdadmdumpdevices call rcureadlock before rcureadunlock is called. This has been detected by the Clang thread-safety analyzer...

5.5CVSS0.00117EPSS
Exploits0References8
Rows per page
Query Builder