Lucene search
+L

63 matches found

redhat
redhat
added 2026/07/07 2:14 p.m.6 views

kernel: tcp: fix potential race in tcp_v6_syn_recv_sock()

A flaw was found in the Linux kernel. A race condition exists in the TCP Transmission Control Protocol IPv6 Internet Protocol version 6 socket handling, specifically within the tcpv6synrecvsock function. This occurs because a child socket becomes visible in the TCP hash table before its...

9.8CVSS6.6AI score0.00298EPSS
Exploits0References5
redhat
redhat
added 2026/07/07 5:55 a.m.15 views

kernel: tcp: fix potential race in tcp_v6_syn_recv_sock()

A flaw was found in the Linux kernel. A race condition exists in the TCP Transmission Control Protocol IPv6 Internet Protocol version 6 socket handling, specifically within the tcpv6synrecvsock function. This occurs because a child socket becomes visible in the TCP hash table before its...

9.8CVSS6.6AI score0.00298EPSS
Exploits0References5
redhat
redhat
added 2026/07/06 2:31 p.m.11 views

kernel: tcp: fix potential race in tcp_v6_syn_recv_sock()

A flaw was found in the Linux kernel. A race condition exists in the TCP Transmission Control Protocol IPv6 Internet Protocol version 6 socket handling, specifically within the tcpv6synrecvsock function. This occurs because a child socket becomes visible in the TCP hash table before its...

9.8CVSS6.6AI score0.00298EPSS
Exploits0References5
nvd
nvd
added 2026/06/30 5:16 p.m.10 views

CVE-2026-10655

The asynchronous SNTP client in Zephyr subsys/net/lib/sntp/sntp.c, sntpcloseasync closed the UDP socket file descriptor directly from the calling thread immediately after detaching it from the network socket service, without synchronizing with the socket-service poll thread. The socket service...

6.5CVSS0.00254EPSS
Exploits1References2
cve
cve
added 2026/06/30 4:33 p.m.18 views

CVE-2026-10655

Concrete details found: Zephyr’s asynchronous SNTP client (sntp_close_async) can race with the socket service poll thread. Closing the UDP socket descriptor from a different thread (SNTP timeout path) may free and reuse net_context while the poll thread holds a poller node, causing a use-after-fr...

6.5CVSS5.8AI score0.00254EPSS
Exploits1References2Affected Software1
osv
osv
added 2026/06/30 4:33 p.m.2 views

CVE-2026-10655 Use-after-free race in SNTP async client when closing the socket while the socket service is still polling it

The asynchronous SNTP client in Zephyr subsys/net/lib/sntp/sntp.c, sntpcloseasync closed the UDP socket file descriptor directly from the calling thread immediately after detaching it from the network socket service, without synchronizing with the socket-service poll thread. The socket service...

6.5CVSS6AI score0.00254EPSS
Exploits1References5
redhat
redhat
added 2026/06/29 7:50 p.m.5 views

kernel: tcp: fix potential race in tcp_v6_syn_recv_sock()

A flaw was found in the Linux kernel. A race condition exists in the TCP Transmission Control Protocol IPv6 Internet Protocol version 6 socket handling, specifically within the tcpv6synrecvsock function. This occurs because a child socket becomes visible in the TCP hash table before its...

9.8CVSS6.5AI score0.00298EPSS
Exploits0References5
nessus
nessus
added 2026/06/28 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-53256

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: RFCOMM: hold listener socket in rfcommconnectind rfcommgetsockbychannel scans rfcommsklist under the list lock, but returns the selected listener aft...

8CVSS5.9AI score0.00266EPSS
Exploits0References3
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: - UDP: Fixed a race condition between close and udpabort. - Kaustubh reported and diagnosed a panic condition in udpliblookup. The root cause is that udpabort is racing with close. Both functions attempt to acquire the socket...

4.7CVSS6.4AI score0.00179EPSS
Exploits0References2
redhatcve
redhatcve
added 2026/05/06 9:8 p.m.32 views

CVE-2026-43198

A flaw was found in the Linux kernel. A race condition exists in the TCP Transmission Control Protocol IPv6 Internet Protocol version 6 socket handling, specifically within the tcpv6synrecvsock function. This occurs because a child socket becomes visible in the TCP hash table before its...

9.8CVSS5.8AI score0.00298EPSS
Exploits0References4
nvd
nvd
added 2026/05/06 12:16 p.m.44 views

CVE-2026-43198

In the Linux kernel, the following vulnerability has been resolved: tcp: fix potential race in tcpv6synrecvsock Code in tcpv6synrecvsock after the call to tcpv4synrecvsock is done too late. After tcpv4synrecvsock, the child socket is already visible from TCP ehash table and other cpus might use i...

9.8CVSS0.00298EPSS
Exploits0References19
osv
osv
added 2026/05/01 2:15 p.m.1 views

CVE-2026-43023 Bluetooth: SCO: fix race conditions in sco_sock_connect()

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SCO: fix race conditions in scosockconnect scosockconnect checks skstate and sktype without holding the socket lock. Two concurrent connect syscalls on the same socket can both pass the check and enter scoconnect,...

7.8CVSS6.5AI score0.00097EPSS
Exploits0References9
ptsecurity
ptsecurity
added 2026/03/26 12:0 a.m.6 views

PT-2026-36440

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the Bluetooth SCO component. The function sco sock connect performs checks on sk state and sk type without holding the socket lock. This allows two concurrent...

7.8CVSS7AI score0.00097EPSS
Exploits0
osv
osv
added 2026/02/05 9:10 a.m.11 views

RLSA-2026:1143 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel: Use-after-free in device mapper due to race condition in zone reporting CVE-2025-38141 kernel: Linux kernel use-after-free in eventpoll CVE-2025-38349 kernel: drm/xe: Fix...

7.8CVSS5.4AI score0.00203EPSS
Exploits0References9
nessus
nessus
added 2026/02/05 12:0 a.m.8 views

MiracleLinux 9 : kernel-5.14.0-611.26.1.el9_7 (AXSA:2026-144:08)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-144:08 advisory. kernel: Linux kernel: Use-after-free in device mapper due to race condition in zone reporting CVE-2025-38141 kernel: Linux kernel use-after-free in...

7.8CVSS8AI score0.00203EPSS
Exploits0References9
redhat
redhat
added 2026/01/26 2:47 p.m.3 views

kernel: Bluetooth: hci_sock: Prevent race in socket write iter and sock bind

A use-after-free vulnerability was found in the Linux kernel's Bluetooth HCI socket implementation. A race condition between socket bind and write operations allows mgmtpending to free a command structure while writeiter is still attempting to send it, resulting in use-after-free when the freed...

5.8AI score0.00162EPSS
Exploits0References5
redhat
redhat
added 2026/01/26 2:47 p.m.24 views

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

7.8CVSS6.9AI score0.00203EPSS
Exploits0References9
osv
osv
added 2026/01/26 12:0 a.m.7 views

ALSA-2026:1143 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel: Use-after-free in device mapper due to race condition in zone reporting CVE-2025-38141 kernel: Linux kernel use-after-free in eventpoll CVE-2025-38349 kernel: drm/xe: Fix...

7.8CVSS6.9AI score0.00203EPSS
Exploits0References18
nessus
nessus
added 2026/01/16 12:0 a.m.4 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004253)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004253 advisory. A use-after-free flaw was found in the Linux Kernel due to a race problem in the unix garbage collector's deletion of SKB races with unixstreamreadgeneric on the...

7CVSS6.7AI score0.00224EPSS
Exploits0References3
nessus
nessus
added 2026/01/16 12:0 a.m.2 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001454)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001454 advisory. A race condition in Linux kernel SCTP sockets net/sctp/socket.c before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an...

7CVSS6.7AI score0.00482EPSS
Exploits1References4
Rows per page
Query Builder