Lucene search
K

1556 matches found

NVD
NVD
added 2 days ago7 views

CVE-2026-10667

Zephyr's dynamic kernel-object tracking kernel/userspace/userspace.c, formerly kernel/userspace.c maintains a doubly-linked list objlist of dynamically allocated kernel objects. Iteration over this list in kobjectwordlistforeach was performed under listslock using the SAFE iterator which caches t...

7.8CVSS0.00103EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago28 views

CVE-2026-10667 SMP use-after-free in Zephyr `CONFIG_USERSPACE` dynamic kernel-object tracking, reachable from unprivileged user threads

Zephyr's dynamic kernel-object tracking kernel/userspace/userspace.c, formerly kernel/userspace.c maintains a doubly-linked list objlist of dynamically allocated kernel objects. Iteration over this list in kobjectwordlistforeach was performed under listslock using the SAFE iterator which caches t...

7.8CVSS0.00103EPSS
Exploits0References2
CVE
CVE
added 2 days ago15 views

CVE-2026-10667

Zephyr CVE-2026-10667 affects SMP builds with CONFIG_USERSPACE and dynamic objects (CONFIG_DYNAMIC_OBJECTS). The bug is a use-after-free in the dynamic kernel-object tracker: k_object_wordlist_foreach() iterates obj_list under lists_lock while removals and frees occur under objfree_lock/obj_lock,...

7.8CVSS6.1AI score0.00103EPSS
Exploits0References2
Fedora
Fedora
added 2026/07/07 1:11 a.m.7 views

[SECURITY] Fedora 43 Update: kernel-headers-7.1.3-100.fc43

Kernel-headers includes the C header files that specify the interface between the Linux kernel and userspace libraries and programs. The header files define structures and constants that are needed for building most standard programs and are also needed for rebuilding the glibc package...

6.2AI score0.00176EPSS
Exploits3
Fedora
Fedora
added 2026/07/07 12:51 a.m.7 views

[SECURITY] Fedora 44 Update: kernel-headers-7.1.3-200.fc44

Kernel-headers includes the C header files that specify the interface between the Linux kernel and userspace libraries and programs. The header files define structures and constants that are needed for building most standard programs and are also needed for rebuilding the glibc package...

6.2AI score0.00176EPSS
Exploits3
NVD
NVD
added 2026/07/06 9:16 p.m.6 views

CVE-2026-21369

Memory Corruption when handling flash commands due to outdated LED count values being used after userspace modification...

5.3CVSS0.0006EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/06 8:9 p.m.5 views

EUVD-2026-41927

Memory Corruption when handling flash commands due to outdated LED count values being used after userspace modification...

5.3CVSS6AI score0.0006EPSS
Exploits0References1
CVE
CVE
added 2026/07/06 8:9 p.m.8 views

CVE-2026-21369

CVE-2026-21369 describes a memory corruption in the camera driver when handling flash commands. The root cause is outdated LED count values being used after userspace modification, leading to out-of-bounds/write conditions. The weakness is limited to local attack vector with high complexity and l...

5.3CVSS6AI score0.0006EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/07/06 8:9 p.m.6 views

CVE-2026-21369

Memory Corruption when handling flash commands due to outdated LED count values being used after userspace modification...

5.3CVSS6AI score0.0006EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/07/06 8:9 p.m.36 views

CVE-2026-21369 Out-of-bounds Write in Camera Driver

Memory Corruption when handling flash commands due to outdated LED count values being used after userspace modification...

5.3CVSS0.0006EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/07/06 8:9 p.m.9 views

CVE-2026-21369 Out-of-bounds Write in Camera Driver

Memory Corruption when handling flash commands due to outdated LED count values being used after userspace modification...

5.3CVSS6AI score0.0006EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/07/06 12:0 a.m.9 views

PT-2026-55989

Name of the Vulnerable Software and Affected Versions Qualcomm Snapdragon Auto affected versions not specified Description Memory corruption occurs when handling flash commands. This issue is caused by the use of outdated LED count values following modifications made in userspace. Recommendations...

5.3CVSS6.1AI score0.0006EPSS
Exploits0References5
OSV
OSV
added 2026/07/02 3:24 p.m.8 views

USN-8492-2 linux-aws-6.8, linux-gcp-6.8, linux-gke, linux-gkeop, linux-ibm-6.8, linux-nvidia-lowlatency, linux-oracle-6.8 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; -...

9.8CVSS6.4AI score0.00686EPSS
Exploits4References300
RedhatCVE
RedhatCVE
added 2026/06/29 1:50 p.m.6 views

CVE-2026-53250

In the Linux kernel, the following vulnerability has been resolved: xsk: cache csumstart/csumoffset to fix TOCTOU in xskskbmetadata The TX metadata area resides in the UMEM buffer which is memory-mapped and concurrently writable by userspace. In xskskbmetadata, csumstart and csumoffset are read...

7.8CVSS5.8AI score0.00112EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-53169

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - accel/ethosu: reject NPUOPRESIZE commands from userspace NPUOPRESIZE is a U85-only command that the driver does not yet implement. The existing WARNON1...

5.5CVSS6AI score0.00107EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/26 10:56 a.m.9 views

CVE-2026-53168

A flaw was found in the Linux kernel's Filesystem in Userspace FUSE component. The fusenotify function, specifically the FUSENOTIFYSTORE and FUSENOTIFYRETRIEVE operations, allows the FUSE daemon to write or read pagecache contents. When these operations are performed on directories configured wit...

7CVSS5.8AI score0.00122EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/06/26 2:11 a.m.7 views

SUSE CVE-2026-53168

In the Linux kernel, the following vulnerability has been resolved: fuse: reject fusenotify pagecache ops on directories The operations FUSENOTIFYSTORE and FUSENOTIFYRETRIEVE allow the FUSE daemon to actively write/read pagecache contents. For directories with FOPENCACHEDIR, the pagecache is used...

5.8AI score0.00122EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/26 2:10 a.m.7 views

SUSE CVE-2026-53193

In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Forcibly close timer instances at closing When sndtimer object is freed via sndtimerfree and still pending sndtimerinstance objects are assigned to the timer object, it tries to unlink all instances and just set NULL...

7.8CVSS5.8AI score0.00141EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/26 12:18 a.m.6 views

CVE-2026-53172

A flaw was found in the Linux kernel's accel/ethosu component. An incorrect mask used when processing the NPUSETIFMREGION command allows a local userspace caller to provide an out-of-bounds region index. This can lead to an out-of-bounds write, corrupting adjacent kernel heap data...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/25 11:53 p.m.6 views

CVE-2026-53219

A flaw was found in the Linux kernel's netfilter xtables component. This vulnerability allows for information disclosure due to improper handling of percpu counter pointers during the copying of rule entry headers to userspace. A local attacker could exploit this by causing a fault in a userspace...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References4
Rows per page
Query Builder