CVE-2026-31408

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SCO: Fix use-after-free in scorecvframe due to missing sockhold scorecvframe reads conn-sk under scoconnlock but immediately releases the lock without holding a reference to the socket. A concurrent close can free the...

PT-2026-30576

Name of the Vulnerable Software and Affected Versions Linux Kernel affected versions not specified Description The Linux kernel contains a use-after-free issue in the sco recv frame function within the Bluetooth SCO Synchronous Connection-Oriented subsystem. The function reads conn-sk under sco...

Linux Distros Unpatched Vulnerability : CVE-2026-31408

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: SCO: Fix use-after-free in scorecvframe due to missing sockhold scorecvframe reads conn-sk under scoconnlock but immediately releases the lock withou...

Linux Distros Unpatched Vulnerability : CVE-2026-23419

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/rds: Fix circular locking dependency in rdstcptune syzbot reported a circular locking dependency in rdstcptune where sknetrefcntupgrade is called while...

EUVD-2018-21754

Snes9K 0.0.9z contains a buffer overflow vulnerability in the Netplay Socket Port Number field that allows local attackers to trigger a structured exception handler SEH overwrite. Attackers can craft a malicious payload and paste it into the Socket Port Number field via the Netplay Options menu t...

CVE-2018-25251 Snes9K 0.0.9z Buffer Overflow SEH via Netplay Socket

Snes9K 0.0.9z contains a buffer overflow vulnerability in the Netplay Socket Port Number field that allows local attackers to trigger a structured exception handler SEH overwrite. Attackers can craft a malicious payload and paste it into the Socket Port Number field via the Netplay Options menu t...

CVE-2018-25251

The CVE-2018-25251 entry concerns Snes9K 0.0.9z with a buffer overflow in the Netplay Socket Port Number field. The flaw allows local attackers to trigger a structured exception handler (SEH) overwrite by crafting a payload and pasting it into the Socket Port Number field via the Netplay Options ...

CVE-2018-25251 Snes9K 0.0.9z Buffer Overflow SEH via Netplay Socket

Snes9K 0.0.9z contains a buffer overflow vulnerability in the Netplay Socket Port Number field that allows local attackers to trigger a structured exception handler SEH overwrite. Attackers can craft a malicious payload and paste it into the Socket Port Number field via the Netplay Options menu t...

CVE-2018-25251

Snes9K 0.0.9z contains a buffer overflow vulnerability in the Netplay Socket Port Number field that allows local attackers to trigger a structured exception handler SEH overwrite. Attackers can craft a malicious payload and paste it into the Socket Port Number field via the Netplay Options menu t...

SUSE CVE-2026-23419

In the Linux kernel, the following vulnerability has been resolved: net/rds: Fix circular locking dependency in rdstcptune syzbot reported a circular locking dependency in rdstcptune where sknetrefcntupgrade is called while holding the socket lock:...

SUSE CVE-2026-23444

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: always free skb on ieee80211txprepareskb failure ieee80211txprepareskb has three error paths, but only two of them free the skb. The first error path ieee80211txprepare returning TXDROP does not free it, while...

SUSE CVE-2026-23445

In the Linux kernel, the following vulnerability has been resolved: igc: fix page fault in XDP TX timestamps handling If an XDP application that requested TX timestamping is shutting down while the link of the interface in use is still up the following kernel splat is reported: 883.803618 T1554...

CVE-2026-34824 Mesop: Unbounded Thread Creation in WebSocket Handler Leads to Denial of Service

Mesop is a Python-based UI framework that allows users to build web applications. From version 1.2.3 to before version 1.2.5, an uncontrolled resource consumption vulnerability exists in the WebSocket implementation of the Mesop framework. An unauthenticated attacker can send a rapid succession o...

CVE-2026-23450

A flaw was found in the Linux kernel's net/smc component. A remote attacker could exploit a race condition during the concurrent closing of an SMC listen socket. This could lead to a NULL pointer dereference or a use-after-free vulnerability in the smctcpsynrecvsock function, potentially causing ...

CVE-2026-23473

A flaw was found in the Linux kernel's iouring/poll subsystem. A race condition can occur when a socket performs send and shutdown operations in quick succession. This can cause a multishot receive operation to hang indefinitely, leading to a Denial of Service DoS for affected systems...

EUVD-2026-18746

In the Linux kernel, the following vulnerability has been resolved: iouring/poll: fix multishot recv missing EOF on wakeup race When a socket send and shutdown happen back-to-back, both fire wake-ups before the receiver's taskwork has a chance to run. The first wake gets poll ownership pollrefs=1...

EUVD-2026-18700

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix NULL dereference and UAF in smctcpsynrecvsock Syzkaller reported a panic in smctcpsynrecvsock 1. smctcpsynrecvsock is called in the TCP receive path softirq via icskafops-synrecvsock on the clcsock TCP listening...

CVE-2026-23444

A flaw was found in the Linux kernel's mac80211 Wi-Fi subsystem. This vulnerability occurs because a specific error path within the ieee80211txprepareskb function fails to properly release a network buffer, known as a socket buffer skb. This inconsistency can lead to a double-free condition, wher...

CVE-2026-23473

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2026-23439

In the Linux kernel, the following vulnerability has been resolved: udptunnel: fix NULL deref caused by udpsockcreate6 when CONFIGIPV6=n When CONFIGIPV6 is disabled, the udpsockcreate6 function returns 0 success without actually creating a socket. Callers such as foucreate then proceed to...