45 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: gpio: virtuser: fix UAF in configfs release path The gpio-virtuser configfs release path uses a guard mutex to protect the device structure. However, the device is freed before the mutex cleanup runs, causing mutexunlock to opera...
Linux Distros Unpatched Vulnerability : CVE-2026-48842
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1 has Pre-authentication SQL injection in the virtuserquery plugin via a pregreplace backslash escape...
DEBIAN-CVE-2026-48842
Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1 has Pre-authentication SQL injection in the virtuserquery plugin via a pregreplace backslash escape bypass...
CVE-2026-48842
Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1 has Pre-authentication SQL injection in the virtuserquery plugin via a pregreplace backslash escape bypass...
CVE-2026-48842
The CVE affects Roundcube Webmail 1.6.x ≤1.6.15 and 1.7.x ≤1.7.0, via the virtuser_query plugin, where a pre-authentication SQL injection is triggered by a backslash-escaped preg_replace() bypass. Root cause: input crafted to bypass escapes leads to SQL injection before authentication. Impact is ...
Roundcube Webmail SQL注入漏洞
Roundcube Webmail is Roundcube open source a browser-based open source IMAP client, which supports address book management, message search, spell checking and so on. Roundcube Webmail 1.6.x versions prior to 1.6.16 and 1.7.x versions prior to 1.7.1 SQL injection vulnerability , the vulnerability...
PT-2026-43105
Name of the Vulnerable Software and Affected Versions Roundcube Webmail versions 1.6.x prior to 1.6.16 Roundcube Webmail versions 1.7.x prior to 1.7.1 Description A pre-authentication SQL injection exists in the virtuser query plugin. The issue stems from a backslash escape bypass within the preg...
SUSE CVE-2026-23158
In the Linux kernel, the following vulnerability has been resolved: gpio: virtuser: fix UAF in configfs release path The gpio-virtuser configfs release path uses guardmutex to protect the device structure. However, the device is freed before the guard cleanup runs, causing mutexunlock to operate ...
CVE-2026-23158
In the Linux kernel, the following vulnerability has been resolved: gpio: virtuser: fix UAF in configfs release path The gpio-virtuser configfs release path uses guardmutex to protect the device structure. However, the device is freed before the guard cleanup runs, causing mutexunlock to operate ...
UBUNTU-CVE-2026-23158
In the Linux kernel, the following vulnerability has been resolved: gpio: virtuser: fix UAF in configfs release path The gpio-virtuser configfs release path uses guardmutex to protect the device structure. However, the device is freed before the guard cleanup runs, causing mutexunlock to operate ...
CVE-2026-23158
In the Linux kernel, the following vulnerability has been resolved: gpio: virtuser: fix UAF in configfs release path The gpio-virtuser configfs release path uses guardmutex to protect the device structure. However, the device is freed before the guard cleanup runs, causing mutexunlock to operate ...
CVE-2026-23158
In the Linux kernel, the following vulnerability has been resolved: gpio: virtuser: fix UAF in configfs release path The gpio-virtuser configfs release path uses guardmutex to protect the device structure. However, the device is freed before the guard cleanup runs, causing mutexunlock to operate ...
CVE-2026-23158 gpio: virtuser: fix UAF in configfs release path
In the Linux kernel, the following vulnerability has been resolved: gpio: virtuser: fix UAF in configfs release path The gpio-virtuser configfs release path uses guardmutex to protect the device structure. However, the device is freed before the guard cleanup runs, causing mutexunlock to operate ...
CVE-2026-23158
CVE-2026-23158 (Linux kernel) affects gpio-virtuser: the configfs release path frees the device inside a guard(mutex) region, leading to a use-after-free when mutex_unlock() runs after the guard. The issue is caused by destroying the mutex and freeing the device while still within the lock’s guar...
CVE-2026-23158 gpio: virtuser: fix UAF in configfs release path
In the Linux kernel, the following vulnerability has been resolved: gpio: virtuser: fix UAF in configfs release path The gpio-virtuser configfs release path uses guardmutex to protect the device structure. However, the device is freed before the guard cleanup runs, causing mutexunlock to operate ...
EUVD-2026-5880
In the Linux kernel, the following vulnerability has been resolved: gpio: virtuser: fix UAF in configfs release path The gpio-virtuser configfs release path uses guardmutex to protect the device structure. However, the device is freed before the guard cleanup runs, causing mutexunlock to operate ...
CVE-2026-23158
In the Linux kernel, the following vulnerability has been resolved: gpio: virtuser: fix UAF in configfs release path The gpio-virtuser configfs release path uses guardmutex to protect the device structure. However, the device is freed before the guard cleanup runs, causing mutexunlock to operate ...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the reuse of the release path after the gpio-virtuser configuration is released, potentially leading to...
PT-2026-8153
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the gpio-virtuser configfs release path. The device structure is freed before the guard cleanup runs, causing mutex unlock to operate on freed memory...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: gpio: virtuser: fix missing lookup table cleanups When a virtuser device is created via configfs and the probe fails due to an incorrect lookup table, the table is not removed. This prevents subsequent probe attempts from...