Linux Distros Unpatched Vulnerability : CVE-2026-23473

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iouring/poll: fix multishot recv missing EOF on wakeup race When a socket send and shutdown happen back-to-back, both fire wake-ups before the receiver's taskwo...

CVE-2026-23450

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix NULL dereference and UAF in smctcpsynrecvsock Syzkaller reported a panic in smctcpsynrecvsock 1. smctcpsynrecvsock is called in the TCP receive path softirq via icskafops-synrecvsock on the clcsock TCP listening...

CVE-2026-23473

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2026-23473

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

PT-2026-30167

In the Linux kernel, the following vulnerability has been resolved: io uring/poll: fix multishot recv missing EOF on wakeup race When a socket send and shutdown happen back-to-back, both fire wake-ups before the receiver's task work has a chance to run. The first wake gets poll ownership poll...

PT-2026-30145

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the net/smc module within the smc tcp syn recv sock function. This issue involves a potential NULL pointer dereference and a use-after-free condition...

CVE-2026-5244

A vulnerability has been found in Cesanta Mongoose up to 7.20. This affects the function mgtlsrecvcert of the file mongoose.c of the component TLS 1.3 Handler. Such manipulation of the argument pubkey leads to heap-based buffer overflow. The attack may be launched remotely. The exploit has been...

kernel: smb: client: let recv_done verify data_offset, data_length and remaining_data_length

In the Linux kernel, the following vulnerability has been resolved: smb: client: let recvdone verify dataoffset, datalength and remainingdatalength This is inspired by the related server fixes...

kernel: smb: client: let recv_done verify data_offset, data_length and remaining_data_length

In the Linux kernel, the following vulnerability has been resolved: smb: client: let recvdone verify dataoffset, datalength and remainingdatalength This is inspired by the related server fixes...

kernel: smb: client: let recv_done verify data_offset, data_length and remaining_data_length

In the Linux kernel, the following vulnerability has been resolved: smb: client: let recvdone verify dataoffset, datalength and remainingdatalength This is inspired by the related server fixes...

kernel: smb: client: let recv_done verify data_offset, data_length and remaining_data_length

In the Linux kernel, the following vulnerability has been resolved: smb: client: let recvdone verify dataoffset, datalength and remainingdatalength This is inspired by the related server fixes...

UBUNTU-CVE-2026-23178

In the Linux kernel, the following vulnerability has been resolved: HID: i2c-hid: fix potential buffer overflow in i2chidgetreport i2chidxfer is used to read recvlen + sizeofle16 bytes of data into ihid-rawbuf. The former can come from the userspace in the hidraw driver and is only bounded by...

CVE-2026-23178 HID: i2c-hid: fix potential buffer overflow in i2c_hid_get_report()

In the Linux kernel, the following vulnerability has been resolved: HID: i2c-hid: fix potential buffer overflow in i2chidgetreport i2chidxfer is used to read recvlen + sizeofle16 bytes of data into ihid-rawbuf. The former can come from the userspace in the hidraw driver and is only bounded by...

CVE-2026-23178

CVE-2026-23178 — Linux kernel HID i2c-hid buffer overflow . The vulnerability occurs in i2c_hid_get_report() where i2c_hid_xfer reads recv_len + 2 bytes into ihid->rawbuf. recv_len can be as large as HID_MAX_BUFFER_SIZE (16384) and not necessarily bounded by the actual destination buffer, risk...

Linux Distros Unpatched Vulnerability : CVE-2026-23178

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HID: i2c-hid: fix potential buffer overflow in i2chidgetreport i2chidxfer is used to read recvlen + sizeofle16 bytes of data into ihid-rawbuf. The former can co...

SUSE CVE-2026-23083

In the Linux kernel, the following vulnerability has been resolved: fou: Don't allow 0 for FOUATTRIPPROTO. fouudprecv has the same problem mentioned in the previous patch. If FOUATTRIPPROTO is set to 0, skb is not freed by fouudprecv nor "resubmit"-ted in ipprotocoldeliverrcu. Let's forbid 0 for...

CVE-2026-23083

In the Linux kernel, the following vulnerability has been resolved: fou: Don't allow 0 for FOUATTRIPPROTO. fouudprecv has the same problem mentioned in the previous patch. If FOUATTRIPPROTO is set to 0, skb is not freed by fouudprecv nor "resubmit"-ted in ipprotocoldeliverrcu. Let's forbid 0 for...

CVE-2026-23083

In the Linux kernel, the following vulnerability has been resolved: fou: Don't allow 0 for FOUATTRIPPROTO. fouudprecv has the same problem mentioned in the previous patch. If FOUATTRIPPROTO is set to 0, skb is not freed by fouudprecv nor "resubmit"-ted in ipprotocoldeliverrcu. Let's forbid 0 for...

CVE-2026-22977

In the Linux kernel, the following vulnerability has been resolved: net: sock: fix hardened usercopy panic in sockrecverrqueue skbufffclonecache was created without defining a usercopy region, 1 unlike skbuffheadcache which properly whitelists the cb field. 2 This causes a usercopy BUG when...

EUVD-2026-3682

In the Linux kernel, the following vulnerability has been resolved: net: sock: fix hardened usercopy panic in sockrecverrqueue skbufffclonecache was created without defining a usercopy region, 1 unlike skbuffheadcache which properly whitelists the cb field. 2 This causes a usercopy BUG when...