2900 matches found
CVE-2026-25271
The CVE describes a TOCTOU race condition in Qualcomm DSP Service causing memory corruption when processing asynchronous input parameters due to improper handling of modified values between check and use. Affected component: DSP Service (Qualcomm). Root cause: TOCTOU under asynchronous input para...
EUVD-2026-25017
kill: 'kill -1' parsed as PID -1, sending SIGTERM to all processes system crash / DoS...
OESA-2026-2842 qt5-qtbase security update
This package provides base tools, such as string, xml, and network handling. Security Fixes: An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.7, and 6.6.x through 6.7.x before 6.7.3. Code to make security-relevant decisions about an...
OESA-2026-2841 qt5-qtbase security update
This package provides base tools, such as string, xml, and network handling. Security Fixes: An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.7, and 6.6.x through 6.7.x before 6.7.3. Code to make security-relevant decisions about an...
UBUNTU-CVE-2026-53352
In the Linux kernel, the following vulnerability has been resolved: signal: clear JOBCTLPENDINGMASK for caller in zapotherthreads When a multi-threaded process receives a stop signal e.g., SIGSTOP, dosignalstop sets JOBCTLSTOPPENDING and JOBCTLSTOPCONSUME on all threads and sets...
CVE-2026-53352
A flaw was found in the Linux kernel. A race condition exists in the zapotherthreads function where job control flags are not properly cleared for the calling thread. This can occur when a multi-threaded process receives a stop signal, and one of its threads concurrently calls execve. The...
CVE-2026-45259
sigqueue2 was marked as permitted in capability mode with the introduction of Capsicum in 2011, but the implementation of kernsigqueue did not include a capability mode check restricting signal delivery to the calling process's own PID. A process in capability mode can use sigqueue2 to send signa...
CVE-2026-45259 sigqueue(2) missing capability mode restriction
sigqueue2 was marked as permitted in capability mode with the introduction of Capsicum in 2011, but the implementation of kernsigqueue did not include a capability mode check restricting signal delivery to the calling process's own PID. A process in capability mode can use sigqueue2 to send signa...
CVE-2026-45259
CVE-2026-45259 affects FreeBSD where sigqueue(2) was allowed in capability mode but kern_sigqueue lacked a capability-mode check to restrict signal delivery to the caller’s own PID. The issue enables a capability-mode sandboxed process to signal other processes (including SIGKILL/SIGSTOP) within ...
PT-2026-53061
Name of the Vulnerable Software and Affected Versions FreeBSD affected versions not specified Description The implementation of the kern sigqueue function failed to include a capability mode check. This allows a process operating in Capsicum capability mode—a security framework that restricts...
EUVD-2026-39776
When used to deliver a signal to a specific thread, thrkill22 called pcansignal to determine whether the operation was permitted but did not check the result before delivering the signal. The signal was sent even when the permission check failed. The system call returned the resulting error to th...
CVE-2026-45256
When used to deliver a signal to a specific thread, thrkill22 called pcansignal to determine whether the operation was permitted but did not check the result before delivering the signal. The signal was sent even when the permission check failed. The system call returned the resulting error to th...
CVE-2026-52946
A flaw was found in the Linux kernel. A lock order deadlock can occur in the sendsigio and sendsigurg functions when a process group receives a signal. This vulnerability, caused by an unsafe lock order during software interrupts SOFTIRQ in asynchronous I/O fasync signaling, could allow a remote...
CVE-2026-45256 Missing permission check in thr_kill2(2)
When used to deliver a signal to a specific thread, thrkill22 called pcansignal to determine whether the operation was permitted but did not check the result before delivering the signal. The signal was sent even when the permission check failed. The system call returned the resulting error to th...
CVE-2026-45256
CVE-2026-45256 affects FreeBSD thr_kill2(2). The kernel failed to verify the result of p_cansignal() before delivering a signal, allowing unprivileged local users who know target PIDs to signal processes they normally could not, including root-owned ones. This can lead to stopping or terminating ...
CVE-2026-53158
A flaw was found in the Linux kernel's fastrpc component. This vulnerability occurs due to a NULL pointer dereference when the Digital Signal Processor DSP sends a glink message before the fastrpc driver is fully initialized. This can lead to system instability or a denial of service DoS conditio...
CVE-2026-53161
A flaw was found in the Linux kernel's fastrpc module. A race condition between closing a file descriptor and processing Digital Signal Processor DSP responses can lead to a use-after-free vulnerability. This allows a local attacker to potentially cause a system crash or, in some cases, execute...
CVE-2026-53159
A flaw was found in the Linux kernel's fastrpc module. The fastrpcgetargs function incorrectly calculates a Direct Memory Access DMA address offset for user-provided pointers. This can lead to an underflow, corrupting the DMA address sent to the Digital Signal Processor DSP. This corruption could...
The vulnerability of the dwc3_remove_requests() function in Linux operating system kernels allows a attacker to cause a service failure or execute arbitrary code.
The vulnerability of the dwc3removerequests function in Linux operating system kernels is related to the situation of signal handling. Exploiting this vulnerability can allow an attacker to cause service failures or execute arbitrary code...
EUVD-2026-38845
In the Linux kernel, the following vulnerability has been resolved: futex: Prevent lockup in requeue-PI during signal/ timeout wakeup During wait-requeue-pi task A and requeue-PI task B the following race can happen: Task A Task B futexwaitrequeuepi futexsetuptimer futexdowait futexrequeue CLASSh...