Lucene search
K

80 matches found

RedhatCVE
RedhatCVE
added 2026/06/26 9:30 a.m.6 views

CVE-2026-53197

A flaw was found in the iptfs module of the Linux kernel. This issue, an ABBA deadlock, occurs when iptfsdestroystate attempts to cancel a timer while holding a spinlock that the timer's callback also tries to acquire. This circular dependency can cause the system to become unresponsive, leading ...

5.5CVSS5.8AI score0.00097EPSS
Exploits0References4
OSV
OSV
added 2026/06/25 9:16 a.m.4 views

UBUNTU-CVE-2026-53197

In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: fix ABBA deadlock in iptfsdestroystate iptfsdestroystate calls hrtimercancel while holding a spinlock that the timer callback also acquires, leading to an ABBA deadlock on SMP systems. For the output timer iptfstimer...

5.7CVSS5.8AI score0.00097EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/25 8:39 a.m.5 views

EUVD-2026-39288

In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: fix ABBA deadlock in iptfsdestroystate iptfsdestroystate calls hrtimercancel while holding a spinlock that the timer callback also acquires, leading to an ABBA deadlock on SMP systems. For the output timer iptfstimer...

5.8AI score0.00097EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: j1939xtprxrtssessionactive – The session is deactivated upon receiving the second RTS packet. Since j1939tprxtimer calls j1939sessiondeactivateactivatenext only when the timer is enabled, we need to call this...

7.5CVSS5.8AI score0.00424EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/03 3:50 p.m.44 views

CVE-2026-46267 nfc: hci: shdlc: Stop timers and work before freeing context

In the Linux kernel, the following vulnerability has been resolved: nfc: hci: shdlc: Stop timers and work before freeing context llcshdlcdeinit purges SHDLC skb queues and frees the llcshdlc structure while its timers and state machine work may still be active. Timer callbacks can schedule smwork...

0.00121EPSS
Exploits0References7
EUVD
EUVD
added 2026/06/03 3:50 p.m.14 views

EUVD-2026-34129

In the Linux kernel, the following vulnerability has been resolved: nfc: hci: shdlc: Stop timers and work before freeing context llcshdlcdeinit purges SHDLC skb queues and frees the llcshdlc structure while its timers and state machine work may still be active. Timer callbacks can schedule smwork...

5.7AI score0.00121EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.18 views

PT-2026-46030

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Use-After-Free UAF condition exists in the Linux kernel's NFC HCI SHDLC implementation. The function llc shdlc deinit purges SHDLC skb queues and frees the llc shdlc structure while...

7.8CVSS5.8AI score0.00121EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: - dm integrity: Fixed a UAF Use-after-Free in dmintegritydtr. - dmintegrity also has the same UAF problem when dmresume and dmdestroy are executed concurrently. Therefore, the timer is canceled again in dmintegritydtr...

6AI score0.00176EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.13 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: bpf: Defer work in bpftimercancelandfree Currently, the same issue as in the previous patch two timer callbacks trying to cancel each other can also occur when using bpfmapupdateelem. More precisely, freeing elements containing...

7.8CVSS6.1AI score0.00269EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Wifi: brcmfmac – Fixed a use-after-free bug in brcmfcfg80211detach. This is the candidate patch for CVE-2023-47233: https://nvd.nist.gov/vuln/detail/CVE-2023-47233 In the brcm80211 driver, the process starts with the following...

5.5CVSS6.2AI score0.00233EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: - dm cache: Fixed a UAF Use-after-Allocation issue in the destroy function. - Dmcache also has the same UAF problem when dmresume and dmdestroy are executed concurrently. Therefore, the timer is canceled again in the destroy...

7.8CVSS6.3AI score0.00157EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.3 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010803)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010803 advisory. In the Linux kernel, the following vulnerability has been resolved: mrp: introduce active flags to prevent UAF when applicant uninit The caller of deltimersync must...

5.9AI score0.00196EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.12 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-013363)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013363 advisory. In the Linux kernel, the following vulnerability has been resolved: mrp: introduce active flags to prevent UAF when applicant uninit The caller of deltimersync must...

5.9AI score0.00196EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/01/28 2:24 p.m.38 views

CVE-2026-23014 perf: Ensure swevent hrtimer is properly destroyed

In the Linux kernel, the following vulnerability has been resolved: perf: Ensure swevent hrtimer is properly destroyed With the change to hrtimertrytocancel in perfsweventcancelhrtimer it appears possible for the hrtimer to still be active by the time the event gets freed. Make sure the event doe...

7.8CVSS0.00116EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/01/26 12:24 a.m.6 views

SUSE CVE-2026-22997

In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: j1939xtprxrtssessionactive: deactivate session upon receiving the second rts Since j1939sessiondeactivateactivatenext in j1939tprxtimer is called only when the timer is enabled, we need to call...

5.5CVSS5.2AI score0.00424EPSS
Exploits0References20
NVD
NVD
added 2026/01/25 3:15 p.m.12 views

CVE-2026-22997

In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: j1939xtprxrtssessionactive: deactivate session upon receiving the second rts Since j1939sessiondeactivateactivatenext in j1939tprxtimer is called only when the timer is enabled, we need to call...

7.5CVSS0.00424EPSS
Exploits0References7
OSV
OSV
added 2026/01/25 3:15 p.m.3 views

UBUNTU-CVE-2026-22997

In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: j1939xtprxrtssessionactive: deactivate session upon receiving the second rts Since j1939sessiondeactivateactivatenext in j1939tprxtimer is called only when the timer is enabled, we need to call...

7.5CVSS5.9AI score0.00424EPSS
Exploits0References28
ATTACKERKB
ATTACKERKB
added 2026/01/25 2:36 p.m.3 views

CVE-2026-22997

In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: j1939xtprxrtssessionactive: deactivate session upon receiving the second rts Since j1939sessiondeactivateactivatenext in j1939tprxtimer is called only when the timer is enabled, we need to call...

5.8AI score0.00424EPSS
Exploits0References8Affected Software1
EUVD
EUVD
added 2026/01/25 2:36 p.m.6 views

EUVD-2026-4637

In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: j1939xtprxrtssessionactive: deactivate session upon receiving the second rts Since j1939sessiondeactivateactivatenext in j1939tprxtimer is called only when the timer is enabled, we need to call...

5.2AI score0.00424EPSS
Exploits0References4
CVE
CVE
added 2026/01/25 2:36 p.m.55 views

CVE-2026-22997

The CVE-2026-22997 issue affects the Linux kernel CAN/J1939 subsystem. The root cause is that j1939_session_deactivate_activate_next() is only invoked in j1939_tp_rxtimer() when the timer is enabled, allowing a refcount leak if the timer is cancelled without calling the function. This can lead to...

7.5CVSS5.2AI score0.00424EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder