71 matches found

NVD
added 2026/06/25 9:16 a.m. | 7 views

CVE-2026-53247

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtk_eth_soc: Fix use-after-free in metadata_dst teardown. mtk_free_dev() calls metadata_dst_free(), which frees the metadata_dst with kfree() immediately, bypassing the RCU grace period. In the RX path, skb_dst_set_noref() sets a...

CVSS 9.8 | EPSS 0.00507
Exploits: 0 | References: 5
CVE
added 2026/06/25 8:39 a.m. | 8 views

CVE-2026-53248

In the Linux kernel, the airoha net driver has a use-after-free in metadata_dst teardown (CVE-2026-53248). The airoha_metadata_dst_free() function frees the metadata_dst with kfree() immediately, bypassing the RCU grace period, while the RX path may hold a non-refcounted pointer from skb to the dst v...

CVSS 8.8 | AI score 5.7 | EPSS 0.00391
Exploits: 0 | References: 3
AstraLinux
added 2026/06/19 11:10 a.m. | 5 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath11k – Fix for htt.pktlog locking. The ath11k active PDevs are protected by RCU, but the code that handles htt.pktlog, namely ath11k_mac_get_ar_by_pdev_id, was not marked as a read-side critical section. Mark the relevant code...

CVSS 4.4 | AI score 6 | EPSS 0.00227
Exploits: 0 | References: 2
AstraLinux
added 2026/06/19 11:10 a.m. | 5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Wifi: ath12k – Fixed issues with dfs-radar and temperature event locking. The ath12k active PDevs are protected by RCU, but the code responsible for handling DFS-radar and temperature events, which calls ath12k_mac_get_ar_by_pdev_id...

CVSS 5.9 | AI score 5.3 | EPSS 0.00707
Exploits: 0 | References: 2
AstraLinux
added 2026/06/19 11:10 a.m. | 10 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath11k – Fixing the gtk offload status event locking issue. The ath11k active PDevs are protected by RCU, but the code that handles the gtk offload status event and calls ath11k_mac_get_arvif_by_vdev_id was not marked as a...

CVSS 7.8 | AI score 5.9 | EPSS 0.00241
Exploits: 0 | References: 2
AstraLinux
added 2026/06/19 11:10 a.m. | 3 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath11k – Fixing the DFS radar event locking issue. The ath11k active PDevs are protected by RCU. However, the code that handles DFS radar events and calls ath11k_mac_get_ar_by_pdev_id was not marked as a read-side critical sectio...

CVSS 8.8 | AI score 5.7 | EPSS 0.01
Exploits: 0 | References: 2
AstraLinux
added 2026/06/19 11:10 a.m. | 3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Tracing: Fixed the issue with copylinklist updates when the “copyTracemarker” option is enabled for an instance. When this option is enabled, any data written to /sys/kernel/tracing/trace_marker is also copied into the buffer o...

CVSS 7.8 | AI score 6 | EPSS 0.00127
Exploits: 0 | References: 1
Tenable Nessus
added 2026/05/08 12:0 a.m. | 12 views

Node.js Module axios < 1.15.2 Prototype Pollution

The version of the axios Node.js module installed on the remote host is prior to 1.15.2. It is, therefore, affected by the following vulnerability: - Axios has prototype pollution read-side gadgets in the HTTP adapter that allow credential injection and request hijacking. CVE-2026-42264 Note that...

CVSS 9.1 | AI score 5.8 | EPSS 0.00549
Exploits: 1 | References: 2
Cvelist
added 2026/05/06 11:28 a.m. | 34 views

CVE-2026-43214 KVM: x86: Add SRCU protection for reading PDPTRs in __get_sregs2()

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Add SRCU protection for reading PDPTRs in __get_sregs2(). Add SRCU read-side protection when reading PDPTR registers in __get_sregs2(). Reading PDPTRs may trigger access to guest memory: kvm_pdptr_read -> svm_cache_reg -> load_pdptrs ->...

CVSS 7.8 | EPSS 0.00139
Exploits: 0 | References: 6
CVE
added 2026/05/06 11:28 a.m. | 18 views

CVE-2026-43214

The CVE-2026-43214 issue concerns Linux kernel KVM on x86: when reading PDPTRs in __get_sregs2(), SRCU read-side protection was missing. The root cause is that kvm_pdptr_read() may dereference guest memory via a chain (svm_cache_reg -> load_pdptrs -> kvm_vcpu_read_guest_page -> kvm_vcpu_...

CVSS 7.8 | AI score 5.7 | EPSS 0.00139
Exploits: 0 | References: 6 | Affected Software: 1
SUSE CVE
added 2026/04/25 1:36 a.m. | 9 views

SUSE CVE-2026-31669

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix slab-use-after-free in __inet_lookup_established. The ehash table lookups are lockless and rely on SLAB_TYPESAFE_BY_RCU to guarantee socket memory stability during RCU read-side critical sections. Both tcp_prot and tcpv6_prot ha...

CVSS 7 | AI score 5.6 | EPSS 0.004
Exploits: 0 | References: 25
Debian CVE
added 2026/04/24 2:45 p.m. | 8 views

CVE-2026-31657

In the Linux kernel, the following vulnerability has been resolved: batman-adv: hold claim backbone gateways by reference. batadv_bla_add_claim can replace claim->backbone_gw and drop the old gateway's last reference while readers still follow the pointer. The netlink claim dump path dereferences...

CVSS 9.8 | AI score 5.2 | EPSS 0.00399
Exploits: 0
ATTACKERKB
added 2026/04/24 2:45 p.m. | 3 views

CVE-2026-31657

In the Linux kernel, the following vulnerability has been resolved: batman-adv: hold claim backbone gateways by reference. batadv_bla_add_claim can replace claim->backbone_gw and drop the old gateway's last reference while readers still follow the pointer. The netlink claim dump path dereferences...

AI score 5.2 | EPSS 0.00399
Exploits: 0 | References: 7 | Affected Software: 1
Positive Technologies
added 2026/04/24 12:0 a.m. | 8 views

PT-2026-35009

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: In the batman-adv module, the function batadv_bla_add_claim can replace claim->backbone_gw and drop the last reference of the old gateway while readers are still following the pointer. Th...

CVSS 9.8 | AI score 5.2 | EPSS 0.00399
Exploits: 0
EUVD
added 2026/04/23 12:31 p.m. | 8 views

EUVD-2026-25219

In the Linux kernel, the following vulnerability has been resolved: can: raw: fix ro->uniq use-after-free in raw_rcv. raw_release unregisters raw CAN receive filters via can_rx_unregister, but receiver deletion is deferred with call_rcu. This leaves a window where raw_rcv may still be running in an RCU...

AI score 5.7 | EPSS 0.00124
Exploits: 0 | References: 5
CNNVD
added 2026/04/23 12:0 a.m. | 9 views

Linux kernel security vulnerability

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the reuse of a freed resource after the release of the ro->uniq operation in raw_rcv. This could le...

CVSS 7.8 | AI score 5.8 | EPSS 0.00124
Exploits: 0 | References: 2
Tenable Nessus
added 2026/03/02 12:0 a.m. | 3 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005422)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005422 advisory. In the Linux kernel, the following vulnerability has been resolved: ima: Avoid blocking in RCU read-side critical section. A panic happens in ima_match_policy: BUG:...

CVSS 5.5 | AI score 6.8 | EPSS 0.0025
Exploits: 0 | References: 4
Positive Technologies
added 2025/12/24 12:0 a.m. | 6 views

PT-2025-53069

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The Linux kernel contains a flaw within the rtw88 wifi driver related to rate updates. The ieee80211_ops::sta_rc_update function must be atomic to prevent a context switch within an RCU...

AI score 6.3 | EPSS 0.00166
Exploits: 0 | References: 17
Positive Technologies
added 2025/12/16 12:0 a.m. | 4 views

PT-2025-51637

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A regression was introduced in the Linux kernel by commit 995412e23bb2, related to SCSI core functionality and tag iterators. This regression is triggered by the scsi host busy...

AI score 5.3 | EPSS 0.00032
Exploits: 0 | References: 25
Tenable Nessus
added 2025/10/07 12:0 a.m. | 3 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-381573)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-381573 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix htt pktlog locking. The ath11k active pdevs are protected by RCU but the htt...

CVSS 4.4 | AI score 6.3 | EPSS 0.00227
Exploits: 0 | References: 4