178 matches found
ROS-20260629-73-0024
The vulnerability in giflib is related to a memory reclamation error. Exploiting this vulnerability can allow an attacker to cause a service failure...
CVE-2026-53157 net: phonet: free phonet_device after RCU grace period
In the Linux kernel, the following vulnerability has been resolved: net: phonet: free phonetdevice after RCU grace period phonetdevicedestroy removes a phonetdevice from the per-net device list with listdelrcu, but frees it immediately. RCU readers walking the same list can still hold a pointer t...
CVE-2026-53000
CVE-2026-53000 affects the Linux kernel netfilter NAT path. The root issue is partial exposure of nf_hook_ops during error handling, which can lead to unsafe access to internal hook data via the datapath and nat dispatcher flow. Exploitation details are not provided in the documents, but the desc...
ROS-20260622-73-0032
The vulnerability of the LookupCNAME function in the Go programming language is related to a memory reclamation error when processing CNAME records. Exploiting this vulnerability can allow an attacker to cause service interruptions...
The vulnerability of the LookupCNAME() function in the Go programming language allows a perpetrator to trigger a service failure.
The vulnerability of the LookupCNAME function in the Go programming language is related to a memory reclamation error when processing CNAME records. Exploiting this vulnerability can allow an attacker to cause service interruptions...
FreeRDP 资源管理错误漏洞
FreeRDP is an open-source implementation of the Remote Desktop Protocol RDP by the FreeRDP team. Versions of FreeRDP prior to 3.26.0 contained a resource management vulnerability. This vulnerability stemmed from the RDPEAR NDR parser acceptingNDR pointers with multiple logical pointer fields. It...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure of the connection preparation in the mac80211 module. This failure results in the site not...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fact that the TASKDEAD task that exits can be preempted, potentially leading to reclamation after...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15
In the Linux kernel, the following vulnerability has been resolved: ice: Do not use the WQMEMRECLAIM flag for the workqueue. When both ice and the irdma driver are loaded, a warning is triggered in checkFlushDependency. This occurs because the ice driver’s workqueue is allocated with the...
NLnet Labs Unbound 安全漏洞
NLnet Labs Unbound is a high-performance DNS resolver open-sourced by NLnet Labs. Versions of NLnet Labs Unbound from 1.14.0 to 1.25.0 contain security vulnerabilities. These vulnerabilities stem from inconsistent locking mechanisms, and under certain conditions, they may lead to heap reclamation...
CLSA-2026-1778873714 mod_http2: Fix of CVE-2023-45802
CVE-2023-45802: fix deferred memory reclaim of reset HTTP/2 streams...
The vulnerability of the HTTP/2 protocol implementation in the Apache HTTP Server allows a attacker to execute arbitrary code or cause a service failure.
The vulnerability of the HTTP/2 protocol implementation in the Apache HTTP Server is related to a memory reclamation error. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause a service failure...
CVE-2026-31448
In the Linux kernel, the following vulnerability has been resolved: ext4: avoid infinite loops caused by residual data On the mkdir/mknod path, when mapping logical blocks to physical blocks, if inserting a new extent into the extent tree fails in this example, because the file system disabled th...
CVE-2026-31448 ext4: avoid infinite loops caused by residual data
In the Linux kernel, the following vulnerability has been resolved: ext4: avoid infinite loops caused by residual data On the mkdir/mknod path, when mapping logical blocks to physical blocks, if inserting a new extent into the extent tree fails in this example, because the file system disabled th...
PT-2026-34353
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ext4 file system during the mkdir and mknod paths. When mapping logical blocks to physical blocks, if inserting a new extent into the extent tree fails, the ext4 e...
Linux Distros Unpatched Vulnerability : CVE-2026-31448
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ext4: avoid infinite loops caused by residual data On the mkdir/mknod path, when mapping logical blocks to physical blocks, if inserting a new extent into the...
wasmtime 资源管理错误漏洞
Wasmtime is a lightweight WebAssembly runtime open source by the Bytecode Alliance. Version 43.0.0 of Wastime contains a resource management vulnerability. This vulnerability stems from a flaw in cloning wastim::Linker, which may lead to reuse after reclamation...
CVE-2026-23386
CVE-2026-23386 concerns the Linux kernel gve driver in QPL mode, where gve_tx_clean_pending_packets() could misinterpret the dma_addr_t array as buffer IDs, causing out-of-bounds/unmap errors. The root cause was an improper buffer cleanup path in gve_tx_clean_pending_packets() that could referenc...
CVE-2026-23386 gve: fix incorrect buffer cleanup in gve_tx_clean_pending_packets for QPL
In the Linux kernel, the following vulnerability has been resolved: gve: fix incorrect buffer cleanup in gvetxcleanpendingpackets for QPL In DQ-QPL mode, gvetxcleanpendingpackets incorrectly uses the RDA buffer cleanup path. It iterates numbufs times and attempts to unmap entries in the dma array...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of separation between the stages of garbage collection for pipapo collection...