Lucene search
K

3946 matches found

EUVD
EUVD
added 2026/06/24 6:32 p.m.4 views

EUVD-2026-38892

In the Linux kernel, the following vulnerability has been resolved: greybus: raw: fix use-after-free if write is called after disconnect If a user writes to the chardev after disconnect has been called, the kernel panics with the following trace with CONFIGINITONFREEDEFAULTON=y: BUG: kernel NULL...

5.7AI score0.00129EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/24 6:32 p.m.3 views

EUVD-2026-38888

In the Linux kernel, the following vulnerability has been resolved: um: Fix potential race condition in TLB sync During the TLB sync, we need to traverse and modify the page table, so we should hold the page table lock. Since full SMP support for threads within the same process is still missing,...

5.8AI score0.0012EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/06/24 5:52 p.m.12 views

CVE-2026-49980

Rclone is a command-line program to sync files and directories to and from different cloud storage providers. From 1.46.0 until 1.74.3, rclone rcd --rc-serve accepts unauthenticated GET and HEAD requests to paths of the form: /remote:path/object. The remote value is parsed from the URL and passed...

9.8CVSS6AI score0.00701EPSS
Exploits0
NVD
NVD
added 2026/06/24 5:17 p.m.7 views

CVE-2026-54906

concurrent-ruby is a modern concurrency tools for Ruby. Prior to 1.3.7, Concurrent::ReadWriteLockreleasewritelock does not verify that the calling thread acquired the write lock. Any thread with access to the lock object can release an active write lock held by another thread. A second writer can...

9.8CVSS0.0016EPSS
Exploits0References1
NVD
NVD
added 2026/06/24 5:17 p.m.6 views

CVE-2026-53024

In the Linux kernel, the following vulnerability has been resolved: greybus: raw: fix use-after-free if write is called after disconnect If a user writes to the chardev after disconnect has been called, the kernel panics with the following trace with CONFIGINITONFREEDEFAULTON=y: BUG: kernel NULL...

7.8CVSS0.00129EPSS
Exploits0References2
CVE
CVE
added 2026/06/24 4:29 p.m.7 views

CVE-2026-53024

Summary: CVE-2026-53024 affects the Linux kernel Greybus raw subsystem. A use-after-free can occur when a user writes to a chardev after disconnect, because gb_connection_destroy frees the connection object during disconnect and a subsequent write may access that freed object, potentially trigger...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/24 4:29 p.m.26 views

CVE-2026-53020 um: Fix potential race condition in TLB sync

In the Linux kernel, the following vulnerability has been resolved: um: Fix potential race condition in TLB sync During the TLB sync, we need to traverse and modify the page table, so we should hold the page table lock. Since full SMP support for threads within the same process is still missing,...

7.8CVSS0.0012EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.1 views

Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net: stmmac – ensure that ptprate is not set to 0 before configuring EST. If the value of ptprate, which was previously recorded in the driver, happens to be 0, this invalid value will be propagated up to the EST configuration,...

5.5CVSS5.7AI score0.00158EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: bpf: There is a race condition where irqwork can be queued in bpfringbufcommit, but the ring buffer is freed before the work executes. In the syzbot reproducer, a BPF program attached to schedswitch triggers bpfringbufcommit, whi...

6AI score0.00161EPSS
Exploits0References3
NVD
NVD
added 2026/06/24 8:16 a.m.7 views

CVE-2026-52918

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: serialize acceptq access btsockpoll walks the accept queue without synchronization, while child teardown can unlink the same socket and drop its last reference. The unsynchronized accept queue walk has existed since th...

8.8CVSS0.00266EPSS
Exploits0References8
OSV
OSV
added 2026/06/24 8:16 a.m.4 views

UBUNTU-CVE-2026-52925

In the Linux kernel, the following vulnerability has been resolved: vrf: Fix a potential NPD when removing a port from a VRF RCU readers that identified a net device as a VRF port using netifisl3slave assume that a subsequent call to netdevmasterupperdevgetrcu will return a VRF device. They then...

5.7AI score0.00164EPSS
Exploits0References11
CVE
CVE
added 2026/06/24 7:14 a.m.9 views

CVE-2026-52925

The CVE-2026-52925 entry relates to the Linux kernel VRF handling. The vulnerability arose from a race where an RCU reader identifying a net device as a VRF port could dereference l3mdev operations of a master device (e.g., a bridge) after netdev_master_upper_dev_get_rcu() returned it as a VRF de...

5.8AI score0.00164EPSS
Exploits0References8
CVE
CVE
added 2026/06/24 7:14 a.m.7 views

CVE-2026-52918

The CVE-2026-52918 entry concerns a race in the Linux kernel Bluetooth subsystem. Specifically, bt_sock_poll() traverses the accept_q without proper synchronization, allowing a race between normal polling and child socket teardown which can drop the last reference on the same socket. The advisory...

8.8CVSS5.7AI score0.00266EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.6 views

PT-2026-51885

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists between the pressure write operation and the cgroup file release process. This occurs because the priv member of the struct kernfs open file is not sufficiently...

7.8CVSS5.9AI score0.00104EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.13 views

PT-2026-51711

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Bluetooth subsystem where the bt sock poll function iterates through the accept q accept queue without proper synchronization. This lack of synchronization can lea...

8.8CVSS5.7AI score0.00266EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.10 views

PT-2026-51914

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists during Translation Lookaside Buffer TLB synchronization, which is a process used to maintain consistency between the CPU cache and the main memory page tables. Th...

7.8CVSS5.8AI score0.0012EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-52925

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vrf: Fix a potential NPD when removing a port from a VRF RCU readers that identified a net device as a VRF port using netifisl3slave assume that a subsequent ca...

5.8AI score0.00164EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/23 7:44 a.m.6 views

CVE-2026-48163

A flaw was found in MariaDB server. During the State Snapshot Transfer SST process, a malicious joiner node could exploit improper parameter validation on the donor node. This vulnerability, specifically within the rsync SST method, allows the malicious joiner to execute arbitrary shell commands ...

9.1CVSS6.1AI score0.00694EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: mptcp: Use OPTIONMPTCPMPJSYNACK in subflowfinishconnect subflowfinishconnect uses four fields backup, joinid, thmac, none that may contain garbage unless OPTIONMPTCPMPJSYNACK has been set in mptcpparseoption...

5.5CVSS6.1AI score0.00219EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Avoid consuming a stale esr value when an SError occurs When any exception other than an IRQ occurs, the CPU updates the ESREL2 register with the exception syndrome. An SError may also become pending, and will be...

5.5CVSS5AI score0.00225EPSS
Exploits0References2
Rows per page
Query Builder