Lucene search
K
CvelistRecent

363954 matches found

Cvelist
Cvelist
•added 2026/06/24 4:30 p.m.•27 views

CVE-2026-53094 bpf: Fix stale offload->prog pointer after constant blinding

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix stale offload-prog pointer after constant blinding When a dev-bound-only BPF program BPFFXDPDEVBOUNDONLY undergoes JIT compilation with constant blinding enabled bpfjitharden = 2, bpfjitblindconstants clones the program...

7.8CVSS0.00128EPSS
Exploits0References5
Cvelist
Cvelist
•added 2026/06/24 4:30 p.m.•26 views

CVE-2026-53093 wifi: brcmfmac: Fix error pointer dereference

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix error pointer dereference The function brcmfchipaddcore can return an error pointer and is not checked. Add checks for error pointer. Detected by Smatch:...

0.00176EPSS
Exploits0References8
Cvelist
Cvelist
•added 2026/06/24 4:30 p.m.•32 views

CVE-2026-53092 bpf: Fix linked reg delta tracking when src_reg == dst_reg

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix linked reg delta tracking when srcreg == dstreg Consider the case of rX += rX where srcreg and dstreg are pointers to the same bpfregstate in adjustregminmaxvals. The latter first modifies the dstreg in-place, and later ...

7.8CVSS0.00125EPSS
Exploits0References3
Cvelist
Cvelist
•added 2026/06/24 4:30 p.m.•28 views

CVE-2026-53091 net: pull headers in qdisc_pkt_len_segs_init()

In the Linux kernel, the following vulnerability has been resolved: net: pull headers in qdiscpktlensegsinit Most ndostartxmit methods expects headers of gso packets to be already in skb-head. net/core/tso.c users are particularly at risk, because tsobuildhdr does a memcpyhdr, skb-data, hdrlen;...

8.4CVSS0.00123EPSS
Exploits0References2
Cvelist
Cvelist
•added 2026/06/24 4:30 p.m.•27 views

CVE-2026-53090 bpf: Fix ld_{abs,ind} failure path analysis in subprogs

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix ldabs,ind failure path analysis in subprogs Usage of ldabs,ind instructions got extended into subprogs some time ago via commit 09b28d76eac4 "bpf: Add abnormal return checks.". These are only allowed in subprograms when...

7.8CVSS0.00124EPSS
Exploits0References2
Cvelist
Cvelist
•added 2026/06/24 4:30 p.m.•28 views

CVE-2026-53089 bpf: Fix use-after-free in offloaded map/prog info fill

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix use-after-free in offloaded map/prog info fill When querying info for an offloaded BPF map or program, bpfmapoffloadinfofillns and bpfprogoffloadinfofillns obtain the network namespace with getnetdevnetoffmap-netdev...

0.00145EPSS
Exploits0References2
Cvelist
Cvelist
•added 2026/06/24 4:30 p.m.•28 views

CVE-2026-53088 net: bcmgenet: fix off-by-one in bcmgenet_put_txcb

In the Linux kernel, the following vulnerability has been resolved: net: bcmgenet: fix off-by-one in bcmgenetputtxcb The writeptr points to the next open txcb. We want to return the txcb that gets rewinded, so we must rewind the pointer first then return the txcb that it points to. That way the...

9.8CVSS0.00404EPSS
Exploits0References8
Cvelist
Cvelist
•added 2026/06/24 4:30 p.m.•26 views

CVE-2026-53086 net: bcmgenet: fix racing timeout handler

In the Linux kernel, the following vulnerability has been resolved: net: bcmgenet: fix racing timeout handler The bcmgenettimeout handler tries to take down all tx queues when a single queue times out. This is over zealous and causes many race conditions with queues that are still chugging along...

9.8CVSS0.00386EPSS
Exploits0References6
Cvelist
Cvelist
•added 2026/06/24 4:30 p.m.•28 views

CVE-2026-53087 net: bcmgenet: fix leaking free_bds

In the Linux kernel, the following vulnerability has been resolved: net: bcmgenet: fix leaking freebds While reclaiming the tx queue we fast forward the write pointer to drop any data in flight. These dropped frames are not added back to the pool of free bds. We also need to tell the netdev that ...

7.5CVSS0.00376EPSS
Exploits0References6
Cvelist
Cvelist
•added 2026/06/24 4:30 p.m.•28 views

CVE-2026-53085 bpf: fix mm lifecycle in open-coded task_vma iterator

In the Linux kernel, the following vulnerability has been resolved: bpf: fix mm lifecycle in open-coded taskvma iterator The open-coded taskvma iterator reads task-mm locklessly and acquires mmapreadtrylock but never calls mmget. If the task exits concurrently, the mmstruct can be freed as it is...

7.8CVSS0.00113EPSS
Exploits0References4
Cvelist
Cvelist
•added 2026/06/24 4:30 p.m.•26 views

CVE-2026-53084 bpf: return VMA snapshot from task_vma iterator

In the Linux kernel, the following vulnerability has been resolved: bpf: return VMA snapshot from taskvma iterator Holding the per-VMA lock across the BPF program body creates a lock ordering problem when helpers acquire locks that depend on mmaplock: vmlock - irwsem - mmaplock - vmlock Snapshot...

0.00156EPSS
Exploits0References4
Cvelist
Cvelist
•added 2026/06/24 4:30 p.m.•26 views

CVE-2026-53083 bpf: Fix RCU stall in bpf_fd_array_map_clear()

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix RCU stall in bpffdarraymapclear Add a missing condresched in bpffdarraymapclear loop. For PROGARRAY maps with many entries this loop calls progarraymappokerun per entry which can be expensive, and without yielding this c...

0.00156EPSS
Exploits0References5
Cvelist
Cvelist
•added 2026/06/24 4:30 p.m.•25 views

CVE-2026-53082 net: hamradio: 6pack: fix uninit-value in sixpack_receive_buf

In the Linux kernel, the following vulnerability has been resolved: net: hamradio: 6pack: fix uninit-value in sixpackreceivebuf sixpackreceivebuf does not properly skip bytes with TTY error flags. The while loop iterates through the flags buffer but never advances the data pointer cp, and passes...

0.00164EPSS
Exploits0References8
Cvelist
Cvelist
•added 2026/06/24 4:30 p.m.•28 views

CVE-2026-53081 bpf: Enforce regsafe base id consistency for BPF_ADD_CONST scalars

In the Linux kernel, the following vulnerability has been resolved: bpf: Enforce regsafe base id consistency for BPFADDCONST scalars When regsafe compares two scalar registers that both carry BPFADDCONST, checkscalarids maps their full compound id aka base | BPFADDCONST flag as one idmap entry...

7.8CVSS0.00116EPSS
Exploits0References4
Cvelist
Cvelist
•added 2026/06/24 4:30 p.m.•24 views

CVE-2026-53080 net/sched: cls_fw: fix NULL dereference of "old" filters before change()

In the Linux kernel, the following vulnerability has been resolved: net/sched: clsfw: fix NULL dereference of "old" filters before change Like pointed out by Sashiko 1, since commit ed76f5edccc9 "net: sched: protect filterchain list with filterchainlock mutex" TC filters are added to a shared blo...

0.00172EPSS
Exploits0References8
Cvelist
Cvelist
•added 2026/06/24 4:30 p.m.•21 views

CVE-2026-53079 net_sched: fix skb memory leak in deferred qdisc drops

In the Linux kernel, the following vulnerability has been resolved: netsched: fix skb memory leak in deferred qdisc drops When the network stack cleans up the deferred list via qdiscrunend, it operates on the root qdisc. If the root qdisc do not implement the TCQFDEQUEUEDROPS flag the packets que...

0.00145EPSS
Exploits0References2
Cvelist
Cvelist
•added 2026/06/24 4:30 p.m.•26 views

CVE-2026-53078 bpf: Fix same-register dst/src OOB read and pointer leak in sock_ops

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix same-register dst/src OOB read and pointer leak in sockops When a BPF sockops program accesses ctx fields with dstreg == srcreg, the SOCKOPSGETSK and SOCKOPSGETFIELD macros fail to zero the destination register in the...

7.8CVSS0.00112EPSS
Exploits0References2
Cvelist
Cvelist
•added 2026/06/24 4:30 p.m.•25 views

CVE-2026-53076 bpf: Fix OOB in pcpu_init_value

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix OOB in pcpuinitvalue An out-of-bounds read occurs when copying element from a BPFMAPTYPECGROUPSTORAGE map to another pcpu map with the same valuesize that is not rounded up to 8 bytes. The issue happens when: 1. A...

7.1CVSS0.00116EPSS
Exploits0References5
Cvelist
Cvelist
•added 2026/06/24 4:30 p.m.•24 views

CVE-2026-53077 net/rds: Restrict use of RDS/IB to the initial network namespace

In the Linux kernel, the following vulnerability has been resolved: net/rds: Restrict use of RDS/IB to the initial network namespace Prevent using RDS/IB in network namespaces other than the initial one. The existing RDS/IB code will not work properly in non-initial network namespaces...

7.8CVSS0.0012EPSS
Exploits0References8
Cvelist
Cvelist
•added 2026/06/24 4:30 p.m.•27 views

CVE-2026-53075 ppp: require CAP_NET_ADMIN in target netns for unattached ioctls

In the Linux kernel, the following vulnerability has been resolved: ppp: require CAPNETADMIN in target netns for unattached ioctls /dev/ppp open is currently authorized against file-fcred-userns, while unattached administrative ioctls operate on current-nsproxy-netns. As a result, a local...

8.8CVSS0.00182EPSS
Exploits1References8
Cvelist
Cvelist
•added 2026/06/24 4:30 p.m.•25 views

CVE-2026-53074 bpf: reject short IPv4/IPv6 inputs in bpf_prog_test_run_skb

In the Linux kernel, the following vulnerability has been resolved: bpf: reject short IPv4/IPv6 inputs in bpfprogtestrunskb bpfprogtestrunskb calls ethtypetrans first and then uses skb-protocol to initialize sk family and address fields for the test run. For IPv4 and IPv6 packets, it may access...

0.00164EPSS
Exploits0References8
Cvelist
Cvelist
•added 2026/06/24 4:30 p.m.•27 views

CVE-2026-53073 Bluetooth: hci_ldisc: Clear HCI_UART_PROTO_INIT on error

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcildisc: Clear HCIUARTPROTOINIT on error When hciregisterdev fails in hciuartregisterdev HCIUARTPROTOINIT is not cleared before calling hu-proto-closehu and setting hu-hdev to NULL. This means incoming UART data will...

0.00172EPSS
Exploits0References8
Cvelist
Cvelist
•added 2026/06/24 4:30 p.m.•26 views

CVE-2026-53072 Bluetooth: fix locking in hci_conn_request_evt() with HCI_PROTO_DEFER

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: fix locking in hciconnrequestevt with HCIPROTODEFER When protocol sets HCIPROTODEFER, hciconnrequestevt calls hciconnectcfmconn without hdev-lock. Generally hciconnectcfm assumes it is held, and if conn is deleted...

8.8CVSS0.00247EPSS
Exploits0References8
Cvelist
Cvelist
•added 2026/06/24 4:30 p.m.•25 views

CVE-2026-53071 Bluetooth: l2cap: Add missing chan lock in l2cap_ecred_reconf_rsp

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: l2cap: Add missing chan lock in l2capecredreconfrsp l2capecredreconfrsp calls l2capchandel without holding l2capchanlock. Every other l2capchandel caller in the file acquires the lock first. A remote BLE device can sen...

8.8CVSS0.00146EPSS
Exploits0References8
Cvelist
Cvelist
•added 2026/06/24 4:30 p.m.•29 views

CVE-2026-53070 sctp: disable BH before calling udp_tunnel_xmit_skb()

In the Linux kernel, the following vulnerability has been resolved: sctp: disable BH before calling udptunnelxmitskb udptunnelxmitskb / udptunnel6xmitskb are expected to run with BH disabled. After commit 6f1a9140ecda "add xmit recursion limit to tunnel xmit functions", on the path:...

7.5CVSS0.0035EPSS
Exploits0References4
Cvelist
Cvelist
•added 2026/06/24 4:30 p.m.•23 views

CVE-2026-53069 net, bpf: fix null-ptr-deref in xdp_master_redirect() for down master

In the Linux kernel, the following vulnerability has been resolved: net, bpf: fix null-ptr-deref in xdpmasterredirect for down master syzkaller reported a kernel panic in bondrrgenslaveid reached via xdpmasterredirect. Full decoded trace: https://syzkaller.appspot.com/bug?extid=80e046b8da2820b6ba...

7.5CVSS0.00385EPSS
Exploits0References7
Cvelist
Cvelist
•added 2026/06/24 4:30 p.m.•26 views

CVE-2026-53068 drm/komeda: fix integer overflow in AFBC framebuffer size check

In the Linux kernel, the following vulnerability has been resolved: drm/komeda: fix integer overflow in AFBC framebuffer size check The AFBC framebuffer size validation calculates the minimum required buffer size by adding the AFBC payload size to the framebuffer offset. This addition is performe...

7.1CVSS0.00117EPSS
Exploits0References8
Cvelist
Cvelist
•added 2026/06/24 4:30 p.m.•25 views

CVE-2026-53067 PCI: endpoint: pci-ep-msi: Fix error unwind and prevent double alloc

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: pci-ep-msi: Fix error unwind and prevent double alloc pciepfallocdoorbell stores the allocated doorbell message array in epf-dbmsg/epf-numdb before requesting MSI vectors. If MSI allocation fails, the array is free...

0.00154EPSS
Exploits0References3
Cvelist
Cvelist
•added 2026/06/24 4:30 p.m.•24 views

CVE-2026-53066 drm/sun4i: backend: fix error pointer dereference

In the Linux kernel, the following vulnerability has been resolved: drm/sun4i: backend: fix error pointer dereference The function drmatomicgetplanestate can return an error pointer and is not checked for it. Add error pointer check. Detected by Smatch: drivers/gpu/drm/sun4i/sun4ibackend.c:496...

0.00161EPSS
Exploits0References6
Cvelist
Cvelist
•added 2026/06/24 4:30 p.m.•29 views

CVE-2026-53065 ASoC: sti: use managed regmap_field allocations

In the Linux kernel, the following vulnerability has been resolved: ASoC: sti: use managed regmapfield allocations The regmapfield objects allocated at player init are never freed and may leak resources if the driver is removed. Switch to devmregmapfieldalloc to automatically limit the lifetime o...

0.00172EPSS
Exploits0References8
Cvelist
Cvelist
•added 2026/06/24 4:30 p.m.•38 views

CVE-2026-53064 dm cache: fix null-deref with concurrent writes in passthrough mode

In the Linux kernel, the following vulnerability has been resolved: dm cache: fix null-deref with concurrent writes in passthrough mode In passthrough mode, when dm-cache starts to invalidate a cache entry and bio prison cell lock fails due to concurrent write to the same cached block, mg-cell...

0.00176EPSS
Exploits0References8
Cvelist
Cvelist
•added 2026/06/24 4:30 p.m.•26 views

CVE-2026-53062 dm cache policy smq: fix missing locks in invalidating cache blocks

In the Linux kernel, the following vulnerability has been resolved: dm cache policy smq: fix missing locks in invalidating cache blocks In passthrough mode, the policy invalidatemapping operation is called simultaneously from multiple workers, thus it should be protected by a lock. Otherwise, we...

7.8CVSS0.00125EPSS
Exploits0References8
Cvelist
Cvelist
•added 2026/06/24 4:30 p.m.•25 views

CVE-2026-53063 dm cache: fix write hang in passthrough mode

In the Linux kernel, the following vulnerability has been resolved: dm cache: fix write hang in passthrough mode The invalidateremove function has incomplete logic for handling write hit bios after cache invalidation. It sets up the remapping for the overwritebio but then drops it immediately...

0.0018EPSS
Exploits0References6
Cvelist
Cvelist
•added 2026/06/24 4:30 p.m.•26 views

CVE-2026-53061 dm cache: fix dirty mapping checking in passthrough mode switching

In the Linux kernel, the following vulnerability has been resolved: dm cache: fix dirty mapping checking in passthrough mode switching As mentioned in commit 9b1cc9f251af "dm cache: share cache-metadata object across inactive and active DM tables", dm-cache assumed table reload occurs after...

0.00176EPSS
Exploits0References8
Cvelist
Cvelist
•added 2026/06/24 4:30 p.m.•26 views

CVE-2026-53059 dm log: fix out-of-bounds write due to region_count overflow

In the Linux kernel, the following vulnerability has been resolved: dm log: fix out-of-bounds write due to regioncount overflow The local variable regioncount in createlogcontext is declared as unsigned int 32-bit, but dmsectordivup returns sectort 64-bit. When a device-mapper target has a...

0.00127EPSS
Exploits0References8
Cvelist
Cvelist
•added 2026/06/24 4:30 p.m.•25 views

CVE-2026-53060 dm cache metadata: fix memory leak on metadata abort retry

In the Linux kernel, the following vulnerability has been resolved: dm cache metadata: fix memory leak on metadata abort retry When failing to acquire the rootlock in dmcachemetadataabort because the blockmanager is read-only, the temporary blockmanager created outside the rootlock is not properl...

0.00184EPSS
Exploits0References8
Cvelist
Cvelist
•added 2026/06/24 4:30 p.m.•24 views

CVE-2026-53058 drm/bridge: cadence: cdns-mhdp8546-core: Set the mhdp connector earlier in atomic_enable()

In the Linux kernel, the following vulnerability has been resolved: drm/bridge: cadence: cdns-mhdp8546-core: Set the mhdp connector earlier in atomicenable In case if we get errors in cdnsmhdplinkup or cdnsmhdpregread in atomicenable, we will go to cdnsmhdpmodesetretryfn and will hit NULL pointer...

0.00168EPSS
Exploits0References5
Cvelist
Cvelist
•added 2026/06/24 4:30 p.m.•31 views

CVE-2026-53057 iommu/riscv: Add IOTINVAL after updating DDT/PDT entries

In the Linux kernel, the following vulnerability has been resolved: iommu/riscv: Add IOTINVAL after updating DDT/PDT entries Add riscviommuiodiriotinval to perform required TLB and context cache invalidations after updating DDT or PDT entries, as mandated by the RISC-V IOMMU specification Section...

8.8CVSS0.00127EPSS
Exploits0References3
Cvelist
Cvelist
•added 2026/06/24 4:30 p.m.•29 views

CVE-2026-53056 drm/msm/dpu: fix mismatch between power and frequency

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: fix mismatch between power and frequency During DPU runtime suspend, calling devpmoppsetratedev, 0 drops the MMCX rail to MINSVS while the core clock frequency remains at its original highest rate. When runtime resum...

0.0018EPSS
Exploits0References6
Cvelist
Cvelist
•added 2026/06/24 4:30 p.m.•27 views

CVE-2026-53055 crypto: hisilicon/sec2 - prevent req used-after-free for sec

In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/sec2 - prevent req used-after-free for sec During packet transmission, if the system is under heavy load, the hardware might complete processing the packet and free the request memory req before the transmission...

9.8CVSS0.00435EPSS
Exploits0References3
Cvelist
Cvelist
•added 2026/06/24 4:29 p.m.•38 views

CVE-2026-53054 drm/msm: Fix VM_BIND UNMAP locking

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix VMBIND UNMAP locking Wrong argument meant that the objs involved in UNMAP ops were not always getting locked. Since NOSHARE objs share a common resv with the VM which is always locked this would only show up with...

7.8CVSS0.00127EPSS
Exploits0References3
Cvelist
Cvelist
•added 2026/06/24 4:29 p.m.•27 views

CVE-2026-53053 iommu/amd: Fix clone_alias() to use the original device's devid

In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fix clonealias to use the original device's devid Currently clonealias assumes first argument pdev is always the original device pointer. This function is called by pciforeachdmaalias which based on topology decides to...

8.8CVSS0.00128EPSS
Exploits0References4
Cvelist
Cvelist
•added 2026/06/24 4:29 p.m.•23 views

CVE-2026-53052 ASoC: qcom: qdsp6: topology: check widget type before accessing data

In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: qdsp6: topology: check widget type before accessing data Check widget type before accessing the private data, as this could a virtual widget which is no associated with a dsp graph, container and module. Accessing...

0.00172EPSS
Exploits0References6
Cvelist
Cvelist
•added 2026/06/24 4:29 p.m.•28 views

CVE-2026-53051 PCI: tegra194: Fix CBB timeout caused by DBI access before core power-on

In the Linux kernel, the following vulnerability has been resolved: PCI: tegra194: Fix CBB timeout caused by DBI access before core power-on When PERST is deasserted twice assert - deassert - assert - deassert, a CBB Control Backbone timeout occurs at DBI register offset 0x8bc PCIEMISCCONTROL1OFF...

0.00175EPSS
Exploits0References4
Cvelist
Cvelist
•added 2026/06/24 4:29 p.m.•34 views

CVE-2026-53050 quota: Fix race of dquot_scan_active() with quota deactivation

In the Linux kernel, the following vulnerability has been resolved: quota: Fix race of dquotscanactive with quota deactivation dquotscanactive can race with quota deactivation in quotareleaseworkfn like: CPU0 quotareleaseworkfn CPU1 dquotscanactive ==============================...

7.8CVSS0.00129EPSS
Exploits0References8
Cvelist
Cvelist
•added 2026/06/24 4:29 p.m.•26 views

CVE-2026-53049 gfs2: add some missing log locking

In the Linux kernel, the following vulnerability has been resolved: gfs2: add some missing log locking Function gfs2logd calls the log flushing functions gfs2ail1start, gfs2ail1wait, and gfs2ail1empty without holding sdp-sdlogflushlock, but these functions require exclusion against concurrent...

9.8CVSS0.00509EPSS
Exploits0References7
Cvelist
Cvelist
•added 2026/06/24 4:29 p.m.•24 views

CVE-2026-53048 gfs2: prevent NULL pointer dereference during unmount

In the Linux kernel, the following vulnerability has been resolved: gfs2: prevent NULL pointer dereference during unmount When flushing out outstanding glock work during an unmount, gfs2logflush can be called when sdp-sdjdesc has already been deallocated and sdp-sdjdesc is NULL. Commit 35264909e9...

0.00172EPSS
Exploits0References7
Cvelist
Cvelist
•added 2026/06/24 4:29 p.m.•24 views

CVE-2026-53047 efi/capsule-loader: fix incorrect sizeof in phys array reallocation

In the Linux kernel, the following vulnerability has been resolved: efi/capsule-loader: fix incorrect sizeof in phys array reallocation The krealloc call for capinfo-phys in eficapsulesetupinfo uses sizeofphysaddrt instead of sizeofphysaddrt, which might be causing an undersized allocation. The...

0.00195EPSS
Exploits0References8
Cvelist
Cvelist
•added 2026/06/24 4:29 p.m.•28 views

CVE-2026-53046 ksmbd: fix use-after-free from async crypto on Qualcomm crypto engine

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free from async crypto on Qualcomm crypto engine ksmbdcryptmessage sets a NULL completion callback on AEAD requests and does not handle the -EINPROGRESS return code from async hardware crypto engines like the...

9.8CVSS0.00531EPSS
Exploits0References7
Cvelist
Cvelist
•added 2026/06/24 4:29 p.m.•24 views

CVE-2026-53044 soc/tegra: cbb: Fix incorrect ARRAY_SIZE in fabric lookup tables

In the Linux kernel, the following vulnerability has been resolved: soc/tegra: cbb: Fix incorrect ARRAYSIZE in fabric lookup tables Fix incorrect ARRAYSIZE usage in fabric lookup tables which could cause out-of-bounds access during target timeout lookup...

7.1CVSS0.00124EPSS
Exploits0References3
Total number of security vulnerabilities363954