Lucene search
K

46 matches found

SUSE CVE
SUSE CVE
added 2026/06/26 2:9 a.m.7 views

SUSE CVE-2026-53215

In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: refill RX buffers before XDP or skb use The RX error path returns the current descriptor buffer to the hardware BM pool. That is only valid while the driver still owns the buffer. mvpp2rxrefill can fail after the...

9.8CVSS6AI score0.00546EPSS
Exploits0References3
NVD
NVD
added 2026/06/25 9:16 a.m.6 views

CVE-2026-53215

In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: refill RX buffers before XDP or skb use The RX error path returns the current descriptor buffer to the hardware BM pool. That is only valid while the driver still owns the buffer. mvpp2rxrefill can fail after the...

9.8CVSS0.00546EPSS
Exploits0References7
NVD
NVD
added 2026/06/25 9:16 a.m.4 views

CVE-2026-53162

In the Linux kernel, the following vulnerability has been resolved: memcg: use round-robin victim selection in refillstock Harry Yoo reported that getrandomu32below is not safe to call in the nmi context and memcg charge draining can happen in nmi context. More specifically getrandomu32below is...

7.8CVSS0.00136EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/25 8:39 a.m.4 views

EUVD-2026-39306

In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: refill RX buffers before XDP or skb use The RX error path returns the current descriptor buffer to the hardware BM pool. That is only valid while the driver still owns the buffer. mvpp2rxrefill can fail after the...

6AI score0.00546EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/06/25 8:39 a.m.28 views

CVE-2026-53215 net: mvpp2: refill RX buffers before XDP or skb use

In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: refill RX buffers before XDP or skb use The RX error path returns the current descriptor buffer to the hardware BM pool. That is only valid while the driver still owns the buffer. mvpp2rxrefill can fail after the...

9.8CVSS0.00546EPSS
Exploits0References7
CVE
CVE
added 2026/06/25 8:39 a.m.30 views

CVE-2026-53215

CVE-2026-53215 affects the Linux kernel mvpp2 driver: the RX path could return a descriptor buffer to the hardware Buffer Manager after it had been handed to XDP or an skb, allowing DMA into memory no longer owned by the RX ring. Root cause is improper handling of RX buffers in mvpp2_rx_refill() ...

9.8CVSS6AI score0.00546EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2026/06/25 8:38 a.m.31 views

CVE-2026-53162 memcg: use round-robin victim selection in refill_stock

In the Linux kernel, the following vulnerability has been resolved: memcg: use round-robin victim selection in refillstock Harry Yoo reported that getrandomu32below is not safe to call in the nmi context and memcg charge draining can happen in nmi context. More specifically getrandomu32below is...

7.8CVSS0.00136EPSS
Exploits0References3
CVE
CVE
added 2026/06/25 8:38 a.m.7 views

CVE-2026-53162

Summary (CVE-2026-53162) : In the Linux kernel memcg subsystem, a non-NMI-safe path around random-number generation during NMI handling could corrupt the ChaCha batch state, enabling memcg charge draining. The fix replaces the get_random_u32_below() path with a per-CPU round-robin counter stored ...

7.8CVSS5.8AI score0.00136EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2026/06/25 8:38 a.m.5 views

EUVD-2026-39253

In the Linux kernel, the following vulnerability has been resolved: memcg: use round-robin victim selection in refillstock Harry Yoo reported that getrandomu32below is not safe to call in the nmi context and memcg charge draining can happen in nmi context. More specifically getrandomu32below is...

5.8AI score0.00136EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/06/25 8:38 a.m.5 views

CVE-2026-53162

In the Linux kernel, the following vulnerability has been resolved: memcg: use round-robin victim selection in refillstock Harry Yoo reported that getrandomu32below is not safe to call in the nmi context and memcg charge draining can happen in nmi context. More specifically getrandomu32below is...

7.8CVSS5.7AI score0.00136EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.9 views

PT-2026-52310

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the mvpp2 network driver where the RX error path returns the current descriptor buffer to the hardware Buffer Manager BM pool. This action is only valid while the driv...

9.8CVSS6.1AI score0.00546EPSS
Exploits0References16
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: netpoll: Fixed a deadlock in memory allocation under spinlock. A deadlock occurred in the refillskbs function, where memory allocation while holding skbpool-lock could trigger a recursive lock acquisition attempt. This deadlock...

5.8AI score0.00155EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: iouring/zcrx: fixed the race condition between the scrub and refill paths involving userrefs The iozcrxputniovuref function uses a non-atomic check-then-decrement pattern atomicread followed by an atomicdec to manipulate...

4.7CVSS6AI score0.00088EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/05/07 2:17 a.m.11 views

SUSE CVE-2026-43121

In the Linux kernel, the following vulnerability has been resolved: iouring/zcrx: fix userref race between scrub and refill paths The iozcrxputniovuref function uses a non-atomic check-then-decrement pattern atomicread followed by separate atomicdec to manipulate userrefs. This is serialized...

5.8AI score0.00088EPSS
Exploits0References3
NVD
NVD
added 2026/05/06 12:16 p.m.9 views

CVE-2026-43121

In the Linux kernel, the following vulnerability has been resolved: iouring/zcrx: fix userref race between scrub and refill paths The iozcrxputniovuref function uses a non-atomic check-then-decrement pattern atomicread followed by separate atomicdec to manipulate userrefs. This is serialized...

4.7CVSS0.00088EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/05/06 11:27 a.m.6 views

CVE-2026-43121

In the Linux kernel, the following vulnerability has been resolved: iouring/zcrx: fix userref race between scrub and refill paths The iozcrxputniovuref function uses a non-atomic check-then-decrement pattern atomicread followed by separate atomicdec to manipulate userrefs. This is serialized...

4.7CVSS5.7AI score0.00088EPSS
Exploits0
CVE
CVE
added 2026/05/06 11:27 a.m.37 views

CVE-2026-43121

CVE-2026-43121 involves the Linux kernel io_uring/zcrx race between scrub and refill paths. The non-atomic read-then-decrement of the user_refs can race with io_zcrx_scrub() using atomic_xchg, causing a double-free of a niov and an out-of-bounds write past the freelist array. The fix replaces the...

4.7CVSS5.8AI score0.00088EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a race condition between the userref functions in iouring/zcrx during the scrub and refill...

4.7CVSS5.8AI score0.00088EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.5 views

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011047)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011047 advisory. In the Linux kernel, the following vulnerability has been resolved: net: sxgbe: fix potential NULL dereference in sxgberx Currently, when skb is null, the driver...

5.7AI score0.00161EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.5 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013027)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013027 advisory. In the Linux kernel, the following vulnerability has been resolved: net: sxgbe: fix potential NULL dereference in sxgberx Currently, when skb is null, the driver...

5.7AI score0.00161EPSS
Exploits0References4
Rows per page
Query Builder