Lucene search
K

95 matches found

Amazon
Amazon
added 5 days ago7 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: mm/pagealloc: clear page-private in freepagesprepare CVE-2026-43303 In the Linux kernel, the following vulnerability has been resolved: lib/crypto: mpi: Fix integer underflow in mpireadrawfromsgl CVE-2026-43492 In...

9.8CVSS6.3AI score0.00675EPSS
Exploits1
RedHat Linux
RedHat Linux
added 6 days ago4 views

kernel: xfrm: defensively unhash xfrm_state lists in __xfrm_state_delete

A flaw was found in the Linux kernel's xfrm IPSec framework subsystem. This vulnerability, a use-after-free, occurs when the system incorrectly manages memory related to security policies, specifically during the deletion of xfrmstate lists. An attacker with local access could exploit this flaw b...

7.8CVSS6.5AI score0.00125EPSS
Exploits1References5
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.9 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: xfrm: Always flush the state and policy upon the NETDEVUNREGISTER event. syzbot reports that the refcount of “struct xfrmstate” is leaking. unregisternetdevice: Waiting for netdevsim0 to become free. Usage count = 2. reftracke...

5.5CVSS5.9AI score0.00127EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/05/29 1:16 a.m.13 views

SUSE CVE-2026-46116

In the Linux kernel, the following vulnerability has been resolved: xfrm: defensively unhash xfrmstate lists in xfrmstatedelete KASAN reproduces a slab-use-after-free in xfrmstatedelete's hlistdelrcu calls under syzkaller load on linux-6.12.y stable reproduced on 6.12.47, also reachable via the...

7.8CVSS5.8AI score0.00125EPSS
Exploits1References9
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.15 views

Linux Distros Unpatched Vulnerability : CVE-2026-46116

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xfrm: defensively unhash xfrmstate lists in xfrmstatedelete KASAN reproduces a slab-use-after-free in xfrmstatedelete's hlistdelrcu calls under syzkaller load ...

7.8CVSS6.7AI score0.00125EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/05/28 6:36 p.m.16 views

CVE-2026-46116

A flaw was found in the Linux kernel's xfrm IPSec framework subsystem. This vulnerability, a use-after-free, occurs when the system incorrectly manages memory related to security policies, specifically during the deletion of xfrmstate lists. An attacker with local access could exploit this flaw b...

7.8CVSS5.8AI score0.00125EPSS
Exploits1References4
NVD
NVD
added 2026/05/28 10:16 a.m.12 views

CVE-2026-46116

In the Linux kernel, the following vulnerability has been resolved: xfrm: defensively unhash xfrmstate lists in xfrmstatedelete KASAN reproduces a slab-use-after-free in xfrmstatedelete's hlistdelrcu calls under syzkaller load on linux-6.12.y stable reproduced on 6.12.47, also reachable via the...

7.8CVSS0.00125EPSS
Exploits1References11
OSV
OSV
added 2026/05/28 10:16 a.m.7 views

UBUNTU-CVE-2026-46116

In the Linux kernel, the following vulnerability has been resolved: xfrm: defensively unhash xfrmstate lists in xfrmstatedelete KASAN reproduces a slab-use-after-free in xfrmstatedelete's hlistdelrcu calls under syzkaller load on linux-6.12.y stable reproduced on 6.12.47, also reachable via the...

7.8CVSS5.8AI score0.00125EPSS
Exploits1References8
Cvelist
Cvelist
added 2026/05/28 9:35 a.m.35 views

CVE-2026-46116 xfrm: defensively unhash xfrm_state lists in __xfrm_state_delete

In the Linux kernel, the following vulnerability has been resolved: xfrm: defensively unhash xfrmstate lists in xfrmstatedelete KASAN reproduces a slab-use-after-free in xfrmstatedelete's hlistdelrcu calls under syzkaller load on linux-6.12.y stable reproduced on 6.12.47, also reachable via the...

7.8CVSS0.00125EPSS
Exploits1References7
ATTACKERKB
ATTACKERKB
added 2026/05/28 9:35 a.m.3 views

CVE-2026-46116

In the Linux kernel, the following vulnerability has been resolved: xfrm: defensively unhash xfrmstate lists in xfrmstatedelete KASAN reproduces a slab-use-after-free in xfrmstatedelete's hlistdelrcu calls under syzkaller load on linux-6.12.y stable reproduced on 6.12.47, also reachable via the...

7.8CVSS6.2AI score0.00125EPSS
Exploits1References8Affected Software1
EUVD
EUVD
added 2026/05/28 9:35 a.m.11 views

EUVD-2026-32875

In the Linux kernel, the following vulnerability has been resolved: xfrm: defensively unhash xfrmstate lists in xfrmstatedelete KASAN reproduces a slab-use-after-free in xfrmstatedelete's hlistdelrcu calls under syzkaller load on linux-6.12.y stable reproduced on 6.12.47, also reachable via the...

5.8AI score0.00125EPSS
Exploits1References5
CVE
CVE
added 2026/05/28 9:35 a.m.53 views

CVE-2026-46116

CVE-2026-46116 affects the Linux kernel xfrm subsystem (xfrm_state). The root cause is a local-use-after-free in __xfrm_state_delete due to unsafe deletions from byseq/byspi hash chains. The patch changes deletions to hlist_del_init_rcu and uses hlist_unhashed() checks, preventing writes after LI...

7.8CVSS5.8AI score0.00125EPSS
Exploits1References11Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.16 views

PT-2026-44239

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.12.47 Description A slab-use-after-free and out-of-bounds write issue exists in the Linux kernel's xfrm module. The problem occurs within the xfrm state delete function, where unhashing of byseq and byspi lists...

7.8CVSS5.9AI score0.00125EPSS
Exploits1
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.12 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from xfrm not safely canceling the hash of the xfrmstate list in the xfrmstatedelete function. This...

7.8CVSS5.8AI score0.00125EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2026/05/19 9:4 a.m.10 views

kernel: espintcp: remove encap socket caching to avoid reference leak

In the Linux kernel, the following vulnerability has been resolved: espintcp: remove encap socket caching to avoid reference leak The current scheme for caching the encap socket can lead to reference leaks when we try to delete the netns. The reference chain is: xfrmstate - enacpsk - netns Since...

5.5CVSS6.2AI score0.00157EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/06 12:30 p.m.8 views

EUVD-2026-27728

In the Linux kernel, the following vulnerability has been resolved: xfrm: always flush state and policy upon NETDEVUNREGISTER event syzbot is reporting that "struct xfrmstate" refcount is leaking. unregisternetdevice: waiting for netdevsim0 to become free. Usage count = 2 reftracker:...

5.7AI score0.00127EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/05/06 11:27 a.m.26 views

CVE-2026-43167 xfrm: always flush state and policy upon NETDEV_UNREGISTER event

In the Linux kernel, the following vulnerability has been resolved: xfrm: always flush state and policy upon NETDEVUNREGISTER event syzbot is reporting that "struct xfrmstate" refcount is leaking. unregisternetdevice: waiting for netdevsim0 to become free. Usage count = 2 reftracker:...

0.00127EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.12 views

PT-2026-37507

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A reference count leak occurs in struct xfrm state within the Linux kernel. This issue arises because the xfrm dev unregister function was implemented as a no-op, even though xfrm dev...

5.5CVSS5.4AI score0.00127EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-43167

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xfrm: always flush state and policy upon NETDEVUNREGISTER event syzbot is reporting that struct xfrmstate refcount is leaking. unregisternetdevice: waiting for...

5.5CVSS6.2AI score0.00127EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/03 6:31 p.m.7 views

EUVD-2026-18681

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix race condition during IPSec ESN update In IPSec full offload mode, the device reports an ESN Extended Sequence Number wrap event to the driver. The driver validates this event by querying the IPSec ASO and checking...

5.7AI score0.00206EPSS
Exploits0References6
Rows per page
Query Builder