Lucene search
+L

261 matches found

astralinux
astralinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux - Vulnerability in linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: net: bonding: fix use-after-free after 802.3ad slave unbind commit 0622cab0341c "bonding: fix 802.3ad aggregator reselection", resolves a case where there are multiple aggregation groups in the same bond. bond3adunbindslave...

7.8CVSS6.2AI score0.00281EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: serial: imx: fix tx statemachine deadlock When using the serial port as a RS485 port, the tx statemachine is used to control the RTS pin to drive the RS485 transceiver’s TXEN pin. When the TTY port is closed mid-transmission e.g....

5.5CVSS5.6AI score0.00175EPSS
Exploits0References2
cnnvd
cnnvd
added 2026/05/20 12:0 a.m.12 views

ISC BIND 9 安全漏洞

ISC BIND 9 is a domain name system software developed by the ISC organization. ISC BIND 9 has a security vulnerability that stems from an unlimited recursive loop within the resolver’s state machine. This vulnerability could allow remote unauthenticated attackers to cause severe resource...

5.3CVSS5.8AI score0.00551EPSS
Exploits1References2
ptsecurity
ptsecurity
added 2026/05/17 12:0 a.m.9 views

PT-2026-42165

Name of the Vulnerable Software and Affected Versions BIND 9 versions 9.18.36 through 9.18.48 BIND 9 versions 9.20.8 through 9.20.22 BIND 9 versions 9.21.7 through 9.21.21 BIND 9 versions 9.18.36-S1 through 9.18.48-S1 BIND 9 versions 9.20.9-S1 through 9.20.22-S1 Description An unbounded resend lo...

5.3CVSS5.8AI score0.00551EPSS
Exploits1References47
mscve
mscve
added 2026/05/07 8:7 a.m.9 views

drm/amd/display: Adjust PHY FSM transition to TX_EN-to-PLL_ON for TMDS on DCN35

...

5.5CVSS5.8AI score0.00112EPSS
Exploits0
redhatcve
redhatcve
added 2026/05/06 8:58 p.m.10 views

CVE-2026-43191

A flaw was found in the Linux kernel's AMD display drm/amd/display component. An issue occurs when the physical layer's finite state machine PHY FSM incorrectly transitions during the disabling of Transition Minimized Differential Signaling TMDS output on DCN35 hardware. This can cause the Output...

5.5CVSS5.8AI score0.00112EPSS
Exploits0References4
nvd
nvd
added 2026/05/06 12:16 p.m.13 views

CVE-2026-43226

In the Linux kernel, the following vulnerability has been resolved: net/rds: No shortcut out of RDSCONNERROR RDS connections carry a state "rdsconnpath::cpstate" and transitions from one state to another and are conditional upon an expected state: "rdsconnpathtransition." There is one exception t...

7.5CVSS0.00523EPSS
Exploits0References8
osv
osv
added 2026/05/06 11:28 a.m.3 views

CVE-2026-43226 net/rds: No shortcut out of RDS_CONN_ERROR

In the Linux kernel, the following vulnerability has been resolved: net/rds: No shortcut out of RDSCONNERROR RDS connections carry a state "rdsconnpath::cpstate" and transitions from one state to another and are conditional upon an expected state: "rdsconnpathtransition." There is one exception t...

7.5CVSS6.5AI score0.00523EPSS
Exploits0References11
attackerkb
attackerkb
added 2026/05/06 11:28 a.m.7 views

CVE-2026-43191

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Adjust PHY FSM transition to TXEN-to-PLLON for TMDS on DCN35 Why A backport of the change made for DCN401 that addresses an issue where we turn off the PHY PLL when disabling TMDS output, which causes the OTG to...

5.8AI score0.00112EPSS
Exploits0References3Affected Software1
debiancve
debiancve
added 2026/05/06 11:28 a.m.5 views

CVE-2026-43191

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Adjust PHY FSM transition to TXEN-to-PLLON for TMDS on DCN35 Why A backport of the change made for DCN401 that addresses an issue where we turn off the PHY PLL when disabling TMDS output, which causes the OTG to...

5.5CVSS5.8AI score0.00112EPSS
Exploits0
cve
cve
added 2026/05/06 11:28 a.m.17 views

CVE-2026-43191

CVE-2026-43191 concerns the Linux kernel DRM/AMD display path, specifically the PHY FSM transition from TX_EN to PLL_ON for TMDS on DCN35. The issue stems from a backport from DCN401 intended to fix turning off the PHY PLL during TMDS disable, which could cause OTG to hang and affect DCHVM invali...

5.5CVSS5.8AI score0.00112EPSS
Exploits0References2Affected Software1
cnnvd
cnnvd
added 2026/05/06 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the atomicization of the PHY FSM conversion in the DRM and display mechanisms. This vulnerability...

5.5CVSS5.8AI score0.00112EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/05/06 12:0 a.m.15 views

PT-2026-37531

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the drm/amd/display component where disabling TMDS output turns off the PHY PLL Phase-Locked Loop, causing the OTG Output Timing Generator to remain stuck. This state...

5.5CVSS5.8AI score0.00112EPSS
Exploits0References13
hackerone
hackerone
added 2026/04/29 7:44 a.m.30 views

curl: MQTT state machine confusion: PINGRESP/DISCONNECT with non-zero remaining_length dispatches to stale nextstate

Summary: In lib/mqtt.c, the state machine in mqttdoing lines 894-911 in curl 8.20.0 does not validate that PINGRESP 0xD0 and DISCONNECT 0xE0 packets have remaininglength == 0 as required by MQTT 3.1.1 spec sections 3.13.1 and 3.14.1. A malicious broker can send a PINGRESP fixed header with non-ze...

5.8AI score
Exploits0
ptsecurity
ptsecurity
added 2026/04/29 12:0 a.m.11 views

PT-2026-37135

Name of the Vulnerable Software and Affected Versions GoBGP versions prior to 4.4.0 Description A remote Denial of Service DoS issue exists due to a nil pointer dereference. When a malformed BGP UPDATE message contains an unrecognized Path Attribute marked as "Well-known," the daemon fails to...

7.5CVSS5.8AI score0.00503EPSS
Exploits1References5
attackerkb
attackerkb
added 2026/03/26 4:27 p.m.1 views

CVE-2026-27814

EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race C++ UB triggered by an A 1-phase ↔ 3-phase switch request acswitchthreephaseswhilecharging during charging/waiting executes concurrently with the state machine loop. Version 2026.02.0 contains a patch...

4.2CVSS5.8AI score0.00134EPSS
Exploits0References2Affected Software1
euvd
euvd
added 2026/03/26 4:27 p.m.5 views

EUVD-2026-16222

EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race C++ UB triggered by an A 1-phase ↔ 3-phase switch request acswitchthreephaseswhilecharging during charging/waiting executes concurrently with the state machine loop. Version 2026.02.0 contains a patch...

4.2CVSS5.8AI score0.00134EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/03/26 2:59 p.m.6 views

CVE-2026-31814

Yamux is a stream multiplexer over reliable, ordered connections such as TCP/IP. From 0.13.0 to before 0.13.9, a specially crafted WindowUpdate can cause arithmetic overflow in send-window accounting, which triggers a panic in the connection state machine. This is remotely reachable over a normal...

8.7CVSS5.8AI score0.00462EPSS
Exploits1References1
ptsecurity
ptsecurity
added 2026/03/26 12:0 a.m.4 views

PT-2026-28359

Name of the Vulnerable Software and Affected Versions EVerest versions prior to 2026.02.0 Description EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race C++ undefined behavior triggered by a 1-phase ↔ 3-phase switch request ac switch three phases while charging...

4.2CVSS5.9AI score0.00134EPSS
Exploits0References4
ossf
ossf
added 2026/03/24 3:53 p.m.12 views

Malicious code in nf-promise-state-machine (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dc012f9411ceaa957f4b364f6b1443d3244155de13f5fc0ccb759ad682bd0ae7 The package nf-promise-state-machine was found to contain malicious code...

5.9AI score
Exploits0
Rows per page
Query Builder