10971 matches found
kernel: xfrm: defensively unhash xfrm_state lists in __xfrm_state_delete
A flaw was found in the Linux kernel's xfrm IPSec framework subsystem. This vulnerability, a use-after-free, occurs when the system incorrectly manages memory related to security policies, specifically during the deletion of xfrmstate lists. An attacker with local access could exploit this flaw b...
USN-8490-2 linux-realtime, linux-realtime-6.17 vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Cryptographic API; - DMA engine subsystem; - InfiniBand drivers; -...
USN-8490-2: Linux kernel (Real-time) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Cryptographic API; - DMA engine subsystem; - InfiniBand drivers; -...
USN-8490-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Cryptographic API; - DMA engine subsystem; - InfiniBand drivers; -...
CVE-2026-14890 CVE-2026-14890
SGLang uses an expert-parallel backup subsystem that exposes a ZeroMQ PULL socket on a routable network interface that does not contain authentication or deserialization safeguards, allowing an attacker to provide a malicious pickle file that results in unauthenticated remote code execution when...
CVE-2026-14890
SGLang is vulnerable to unauthenticated remote code execution via its expert-parallel backup subsystem. The issue centers on a ZeroMQ PULL socket exposed on a routable network interface with no authentication or deserialization safeguards, allowing an attacker to send a malicious pickle payload t...
kernel: netfilter: nf_conntrack_helper: pass helper to expect cleanup
A flaw was found in the Linux kernel's netfilter subsystem, specifically within the nfconntrackhelper. When a connection tracking helper is unregistered, its associated expectations are not properly cleaned up. This oversight can lead to a use-after-free vulnerability, where the system attempts t...
USN-8547-1 linux-gcp-5.15, linux-intel-iotg-5.15 vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - RISC-V architecture; - Cryptographic API; - InfiniBand drivers; - IOMMU subsystem; - Network drivers; -...
USN-8546-1 linux-raspi vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Cryptographic API; - DMA engine subsystem; - InfiniBand drivers; -...
USN-8545-1 linux-hwe-6.17 vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Cryptographic API; - DMA engine subsystem; - InfiniBand drivers; -...
USN-8545-1: Linux kernel (HWE) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Cryptographic API; - DMA engine subsystem; - InfiniBand drivers; -...
CVE-2026-57968
Buffer over-read in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally...
CVE-2026-57973
Time-of-check time-of-use toctou race condition in Windows Subsystem for Linux allows an authorized attacker to perform tampering locally...
CVE-2026-58632 Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability
...
CVE-2026-58632
CVE-2026-58632 is a Windows Win32K use-after-free vulnerability in the Win32 Kernel Subsystem that could allow a locally authenticated attacker to escalate privileges. The CVE is described as a local elevation of privilege (no remote code execution). Public sources in the connected set consistent...
CVE-2026-57973
CVE-2026-57973 describes a Time-of-check Time-of-use (TOCTOU) race condition in Windows Subsystem for Linux (WSL2) kernel. The issue allows an authorized attacker to perform local tampering. Affected component is the WSL2 kernel; impact per sources is local, with confidentiality and integrity aff...
CVE-2026-57973 Windows Subsystem for Linux (WSL2) Kernel Tampering Vulnerability
...
CVE-2026-57973 Windows Subsystem for Linux (WSL2) Kernel Tampering Vulnerability
...
CVE-2026-57968 Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability
...
CVE-2026-57968
The CVE-2026-57968 entry describes a Buffer over-read in Windows Subsystem for Linux (WSL2) that can enable local privilege escalation for an authorized attacker. Connected sources corroborate a kernel-level issue affecting WSL2; the base CVSS vector indicates LOCAL attack, LOW complexity, with H...