Lucene search
K

1046 matches found

ATTACKERKB
ATTACKERKB
added 2026/06/26 7:40 p.m.9 views

CVE-2026-53290

In the Linux kernel, the following vulnerability has been resolved: drm/xe/eustall: Fix drmdevput called before stream disable in close In xeeustallstreamclose, drmdevput is called before the stream is disabled and its resources are freed. If this drops the last reference, the device structures...

7.8CVSS5.8AI score0.00124EPSS
Exploits0References4Affected Software1
SUSE CVE
SUSE CVE
added 2026/06/26 2:12 a.m.9 views

SUSE CVE-2026-53141

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix global performance monitor reference counting In the SETGLOBAL ioctl, v3dperfmonfind bumps the reference count on the perfmon it returns, but v3dperfmonsetglobalioctl and v3dperfmondelete fail to release that referen...

5.8AI score0.00121EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/26 2:8 a.m.6 views

SUSE CVE-2026-53256

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: hold listener socket in rfcommconnectind rfcommgetsockbychannel scans rfcommsklist under the list lock, but returns the selected listener after dropping that lock without taking a reference. rfcommconnectind th...

8CVSS5.8AI score0.00266EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/26 2:8 a.m.7 views

SUSE CVE-2026-53262

In the Linux kernel, the following vulnerability has been resolved: l2tp: pppol2tp: hold reference to session in pppol2tpioctl pppol2tpioctl read sock-sk-skuserdata directly without any locks or reference counting. If a controllable sleep was induced during copyfromuser e.g. via a userfaultfd pag...

7.8CVSS5.8AI score0.00125EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.9 views

PT-2026-52918

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the drm/gma500/oaktrail lvds component where the LVDS initialization code fails to distinguish between I2C adapters retrieved via i2c get adapter and those allocated a...

5.5CVSS6.1AI score0.00122EPSS
Exploits0References17
NVD
NVD
added 2026/06/25 9:16 a.m.8 views

CVE-2026-53251

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix not releasing hdev reference on isoconnbigsync hcigetroute returns a reference-counted hcidev pointer via hcidevhold. The function exits normally or with an error without ever releasing it...

5.5CVSS0.00127EPSS
Exploits0References4
NVD
NVD
added 2026/06/25 9:16 a.m.6 views

CVE-2026-53212

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfttunnel: fix use-after-free on object destroy nfttunnelobjdestroy calls metadatadstfree which directly kfrees the metadatadst, ignoring the dstentry refcount. Packets that took a reference via dsthold in...

7.8CVSS0.00125EPSS
Exploits0References8
NVD
NVD
added 2026/06/25 9:16 a.m.6 views

CVE-2026-53160

In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: fix use-after-free race in fastrpcmapcreate fastrpcmaplookup returns a raw pointer after releasing fl-lock. The caller fastrpcmapcreate then calls fastrpcmapget krefgetunlesszero on this unprotected pointer. A...

7.8CVSS0.00125EPSS
Exploits0References6
NVD
NVD
added 2026/06/25 9:16 a.m.7 views

CVE-2026-53141

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix global performance monitor reference counting In the SETGLOBAL ioctl, v3dperfmonfind bumps the reference count on the perfmon it returns, but v3dperfmonsetglobalioctl and v3dperfmondelete fail to release that referen...

5.5CVSS0.00121EPSS
Exploits0References3
OSV
OSV
added 2026/06/25 9:16 a.m.3 views

UBUNTU-CVE-2026-53251

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix not releasing hdev reference on isoconnbigsync hcigetroute returns a reference-counted hcidev pointer via hcidevhold. The function exits normally or with an error without ever releasing it...

5.7CVSS5.7AI score0.00127EPSS
Exploits0References7
OSV
OSV
added 2026/06/25 9:16 a.m.4 views

UBUNTU-CVE-2026-53141

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix global performance monitor reference counting In the SETGLOBAL ioctl, v3dperfmonfind bumps the reference count on the perfmon it returns, but v3dperfmonsetglobalioctl and v3dperfmondelete fail to release that referen...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References6
OSV
OSV
added 2026/06/25 9:16 a.m.3 views

UBUNTU-CVE-2026-53247

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtkethsoc: Fix use-after-free in metadata dst teardown mtkfreedev calls metadatadstfree which frees the metadatadst with kfree immediately, bypassing the RCU grace period. In the RX path, skbdstsetnoref sets a...

9.8CVSS5.7AI score0.00507EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/25 8:39 a.m.7 views

EUVD-2026-39220

In the Linux kernel, the following vulnerability has been resolved: netfilter: synproxy: add mutex to guard hook reference counting As the synproxy infrastructure register netfilter hooks on-demand when a user adds the first iptables target or nftables expression, if done concurrently they can ra...

5.7AI score0.00119EPSS
Exploits0References8
CVE
CVE
added 2026/06/25 8:39 a.m.58 views

CVE-2026-53269

The CVE-2026-53269 issue exists in the Linux kernel’s netfilter synproxy path, where concurrent registration of hooks could race, affecting refcount blocks. A mutex was added to serialize access to refcount control blocks in frontends, mitigating the race. Connected OSV entries report patches for...

5.5CVSS5.7AI score0.00119EPSS
Exploits0References8Affected Software1
Debian CVE
Debian CVE
added 2026/06/25 8:39 a.m.5 views

CVE-2026-53269

In the Linux kernel, the following vulnerability has been resolved: netfilter: synproxy: add mutex to guard hook reference counting As the synproxy infrastructure register netfilter hooks on-demand when a user adds the first iptables target or nftables expression, if done concurrently they can ra...

5.5CVSS5.6AI score0.00119EPSS
Exploits0
OSV
OSV
added 2026/06/25 8:39 a.m.2 views

CVE-2026-53269 netfilter: synproxy: add mutex to guard hook reference counting

In the Linux kernel, the following vulnerability has been resolved: netfilter: synproxy: add mutex to guard hook reference counting As the synproxy infrastructure register netfilter hooks on-demand when a user adds the first iptables target or nftables expression, if done concurrently they can ra...

5.5CVSS5.8AI score0.00119EPSS
Exploits0References11
CVE
CVE
added 2026/06/25 8:39 a.m.12 views

CVE-2026-53262

CVE-2026-53262 affects the Linux kernel ioctl path for the pppol2tp module (l2tp) where pppol2tp_ioctl() dereferenced sock->sk->sk_user_data without proper locking while a sleep could occur during copy_from_user(). If a concurrent socket close happened, l2tp_session_close() could free the s...

7.8CVSS5.8AI score0.00125EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/06/25 8:39 a.m.3 views

CVE-2026-53262 l2tp: pppol2tp: hold reference to session in pppol2tp_ioctl()

In the Linux kernel, the following vulnerability has been resolved: l2tp: pppol2tp: hold reference to session in pppol2tpioctl pppol2tpioctl read sock-sk-skuserdata directly without any locks or reference counting. If a controllable sleep was induced during copyfromuser e.g. via a userfaultfd pag...

7.8CVSS5.8AI score0.00125EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/06/25 8:39 a.m.7 views

CVE-2026-53256

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: hold listener socket in rfcommconnectind rfcommgetsockbychannel scans rfcommsklist under the list lock, but returns the selected listener after dropping that lock without taking a reference. rfcommconnectind th...

5.7AI score0.00266EPSS
Exploits0References9Affected Software1
OSV
OSV
added 2026/06/25 8:39 a.m.1 views

CVE-2026-53256 Bluetooth: RFCOMM: hold listener socket in rfcomm_connect_ind()

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: hold listener socket in rfcommconnectind rfcommgetsockbychannel scans rfcommsklist under the list lock, but returns the selected listener after dropping that lock without taking a reference. rfcommconnectind th...

8CVSS5.8AI score0.00266EPSS
Exploits0References11
Rows per page
Query Builder