Lucene search
K

482 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: misc: lis3lv02di2c: Fixed the issue where regulators were disabled twice during suspension/resumption. When lis3lv02di2csuspend is not configured for wakeup, it will call lis3lv02dpoweroff, even if the device has already been...

5.5CVSS6.2AI score0.0021EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: mt76: connac: Do not check WED status for non-MMIO devices WED is only supported for MMIO devices. Therefore, do not check it for USB or SDIO devices. This patch fixes the crash reported below: 21.946627 wlp0s3u1i3:...

5.5CVSS6.1AI score0.0014EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: wifi: rtw89: avoid initiating the mgntentry list twice when WoWLAN fails If WoWLAN fails during the resume process, the rtw89opsaddinterface function is triggered without first removing the interface. As a result, the mgntentr...

5.5CVSS6.4AI score0.00168EPSS
Exploits0References2
NVD
NVD
added 2026/05/08 3:16 p.m.8 views

CVE-2026-43363

In the Linux kernel, the following vulnerability has been resolved: x86/apic: Disable x2apic on resume if the kernel expects so When resuming from s2ram, firmware may re-enable x2apic mode, which may have been disabled by the kernel during boot either because it doesn't support IRQ remapping or f...

5.5CVSS0.00123EPSS
Exploits0References8
CVE
CVE
added 2026/05/08 2:21 p.m.15 views

CVE-2026-43363

CVE-2026-43363 concerns the Linux kernel x86 APIC subsystem. If, on resume from s2ram (S2/S3 wake), firmware re-enables x2APIC mode after the kernel has booted with x2APIC disabled, the system can run with x2APIC hardware but the kernel uses the xapic interface, leading to hangs. The issue is cau...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2026/05/08 2:16 p.m.13 views

UBUNTU-CVE-2026-43311

In the Linux kernel, the following vulnerability has been resolved: soc/tegra: pmc: Fix unsafe generichandleirq call Currently, when resuming from system suspend on Tegra platforms, the following warning is observed: WARNING: CPU: 0 PID: 14459 at kernel/irq/irqdesc.c:666 Call trace:...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.10 views

PT-2026-39024

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the x86 APIC Advanced Programmable Interrupt Controller implementation during resume from s2ram Suspend to RAM. Firmware may re-enable x2apic mode upon wake-up, even i...

5.5CVSS6AI score0.00125EPSS
Exploits0References46
SUSE CVE
SUSE CVE
added 2026/05/06 1:43 a.m.19 views

SUSE CVE-2026-31733

In the Linux kernel, the following vulnerability has been resolved: schedext: Fix stale direct dispatch state in ddspdsqid @p-scx.ddspdsqid can be left set non-SCXDSQINVALID triggering a spurious warning in markdirectdispatch when the next wakeup's ops.selectcpu calls scxbpfdsqinsert, such as:...

5.8AI score0.0013EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/06 1:42 a.m.14 views

SUSE CVE-2026-31771

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: move wake reason storage into validated event handlers hcistorewakereason is called from hcieventpacket immediately after stripping the HCI event header but before hcieventfunc enforces the per-event minimum...

8.1CVSS5.8AI score0.00205EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.10 views

PT-2026-37520

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the kaweth set rx mode function, which serves as the ndo set rx mode callback. This function incorrectly calls netif stop queue and netif wake queue, which are TX queu...

7.8CVSS5.5AI score0.00129EPSS
Exploits0
NVD
NVD
added 2026/05/05 12:16 p.m.17 views

CVE-2026-43566

OpenClaw versions 2026.4.7 before 2026.4.14 contain a privilege escalation vulnerability where heartbeat owner downgrade logic skips webhook wake events carrying untrusted content. Attackers can exploit this by sending untrusted webhook wake events to preserve owner-like execution context when th...

9.8CVSS0.00423EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/05 11:25 a.m.43 views

CVE-2026-43566 OpenClaw 2026.4.7 < 2026.4.14 - Privilege Escalation via Untrusted Webhook Wake Events

OpenClaw versions 2026.4.7 before 2026.4.14 contain a privilege escalation vulnerability where heartbeat owner downgrade logic skips webhook wake events carrying untrusted content. Attackers can exploit this by sending untrusted webhook wake events to preserve owner-like execution context when th...

9.1CVSS0.00423EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/05 11:25 a.m.7 views

CVE-2026-43566 OpenClaw 2026.4.7 < 2026.4.14 - Privilege Escalation via Untrusted Webhook Wake Events

OpenClaw versions 2026.4.7 before 2026.4.14 contain a privilege escalation vulnerability where heartbeat owner downgrade logic skips webhook wake events carrying untrusted content. Attackers can exploit this by sending untrusted webhook wake events to preserve owner-like execution context when th...

9.1CVSS5.9AI score0.00423EPSS
Exploits0References3
CVE
CVE
added 2026/05/05 11:25 a.m.17 views

CVE-2026-43566

OpenClaw is affected in versions 2026.4.7 through 2026.4.13 by a privilege escalation vulnerability caused by heartbeat owner downgrade logic that skips webhook wake events carrying untrusted content. An attacker can exploit this by sending untrusted webhook wake events to preserve an owner‑like ...

9.8CVSS5.9AI score0.00423EPSS
Exploits0References3Affected Software1
Oracle linux
Oracle linux
added 2026/05/05 12:0 a.m.18 views

kernel security update

6.12.0-124.55.1 - Add new Oracle Linux Driver Signing key 1 certificate Orabug: 37985782 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list...

9.8CVSS6.2AI score0.96267EPSS
Exploits230
Tenable Nessus
Tenable Nessus
added 2026/05/02 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-31771

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: hcievent: move wake reason storage into validated event handlers hcistorewakereason is called from hcieventpacket immediately after stripping the HCI...

8.1CVSS6AI score0.00205EPSS
Exploits0References4
NVD
NVD
added 2026/05/01 3:16 p.m.7 views

CVE-2026-31771

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: move wake reason storage into validated event handlers hcistorewakereason is called from hcieventpacket immediately after stripping the HCI event header but before hcieventfunc enforces the per-event minimum...

8.1CVSS0.00205EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/01 2:14 p.m.13 views

EUVD-2026-26584

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: move wake reason storage into validated event handlers hcistorewakereason is called from hcieventpacket immediately after stripping the HCI event header but before hcieventfunc enforces the per-event minimum...

5.8AI score0.00205EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/01 2:14 p.m.38 views

CVE-2026-31771 Bluetooth: hci_event: move wake reason storage into validated event handlers

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: move wake reason storage into validated event handlers hcistorewakereason is called from hcieventpacket immediately after stripping the HCI event header but before hcieventfunc enforces the per-event minimum...

8.1CVSS0.00205EPSS
Exploits0References2
CVE
CVE
added 2026/05/01 2:14 p.m.20 views

CVE-2026-31771

CVE-2026-31771 affects the Linux kernel Bluetooth HCI event handling. The vulnerability arose because hci_store_wake_reason() could be invoked before per-event payload length checks, potentially allowing a short HCI event frame to reach bacpy() prior to validation. The fix restructures wake-addre...

8.1CVSS5.8AI score0.00205EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder