Lucene search
K
RedhatRecent

114828 matches found

RedHat Linux
RedHat Linux
•added 2026/06/22 10:59 a.m.•14 views

kernel: xen/privcmd: fix double free via VMA splitting

A flaw was found in the Linux kernel's xen/privcmd module. A local user could exploit this by performing a partial unmapping of a privcmd memory region. This action causes a Virtual Memory Area VMA to split, leading to duplicated internal memory pointers. As a result, the same memory can be freed...

7.8CVSS5.7AI score0.00183EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/22 10:59 a.m.•21 views

kernel: wifi: mac80211: remove station if connection prep fails

A flaw was found in the Linux kernel's mac80211 Wi-Fi subsystem. When Multi-Link Operation MLO connection preparation fails, the system may not correctly remove the associated station. This can lead to a use-after-free or double-free vulnerability in the debugfs component, potentially causing...

8.8CVSS5.8AI score0.00302EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/22 10:59 a.m.•5 views

kernel: exit: prevent preemption of oopsing TASK_DEAD task

A flaw was found in the Linux kernel. During the exit process of a task that has encountered an error, the system can incorrectly allow the task to be interrupted. This can lead to improper management of the task's memory, potentially causing memory corruption. Such an issue could allow a local...

7.8CVSS5.8AI score0.00126EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/22 10:59 a.m.•29 views

kernel: wifi: mac80211: use safe list iteration in radar detect work

A flaw was found in the Linux kernel's mac80211 wireless subsystem. This vulnerability arises from unsafe list iteration during radar detection work, where a channel context can be freed while still being processed. This can lead to a use-after-free memory error. A successful exploit could result...

8.8CVSS5.8AI score0.00203EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/22 10:59 a.m.•4 views

kernel: wifi: mac80211: drop stray 'static' from fast-RX rx_result

A flaw was found in the Linux kernel's Wi-Fi mac80211 subsystem. The ieee80211invokefastrx function uses a static variable for rxresult, which is shared across concurrent calls. This can lead to incorrect processing of Wi-Fi packets, where a packet might be mishandled or its status incorrectly...

8.8CVSS5.8AI score0.00161EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/22 10:59 a.m.•6 views

kernel: RDMA/mana: Validate rx_hash_key_len

A flaw was found in the Linux kernel's RDMA/mana component. A local user could exploit this vulnerability by providing an invalid rxhashkeylen value through a user-space API uAPI structure. This invalid value is then used in a memcpy operation without proper bounds checking, allowing the user to...

7.8CVSS5.8AI score0.00142EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/22 10:59 a.m.•4 views

kernel: mptcp: fix slab-use-after-free in __inet_lookup_established

A flaw was found in the Linux kernel's Multipath TCP MPTCP implementation. Due to incorrect memory allocation for IPv6 subflow child sockets, a use-after-free vulnerability exists. A remote attacker could exploit this by triggering concurrent lookups in the kernel's hash table, potentially leadin...

9.8CVSS6.5AI score0.004EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/22 10:33 a.m.•4 views

kernel: selinux: fix overlayfs mmap() and mprotect() access checks

A flaw was found in the Linux kernel's SELinux security module when handling overlayfs. The existing security model for overlayfs does not properly enforce access controls for mmap and mprotect operations. This oversight could allow a local attacker to bypass intended security policies, potential...

7.1CVSS5.8AI score0.00115EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/22 10:33 a.m.•57 views

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

7.1CVSS5.9AI score0.00115EPSS
Exploits0References2
RedHat Linux
RedHat Linux
•added 2026/06/22 9:59 a.m.•5 views

kernel: selinux: fix overlayfs mmap() and mprotect() access checks

A flaw was found in the Linux kernel's SELinux security module when handling overlayfs. The existing security model for overlayfs does not properly enforce access controls for mmap and mprotect operations. This oversight could allow a local attacker to bypass intended security policies, potential...

7.1CVSS5.8AI score0.00115EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/22 9:59 a.m.•25 views

Important: Red Hat Security Advisory: kernel-rt security update

An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

7.1CVSS5.9AI score0.00115EPSS
Exploits0References2
RedHat Linux
RedHat Linux
•added 2026/06/22 9:27 a.m.•6 views

webkitgtk: An app may be able to access sensitive user data

A flaw was found in WebKitGTK. Processing or loading malicious web content can allow an app to access sensitive user data due to improper data protection...

5.5CVSS5.8AI score0.0014EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/22 9:27 a.m.•2 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...

8.8CVSS6.5AI score0.00693EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/22 9:27 a.m.•4 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash

A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in an unexpected process crash...

8.8CVSS6AI score0.00393EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/22 9:27 a.m.•5 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...

8.8CVSS6AI score0.00411EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/22 9:27 a.m.•5 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...

8.8CVSS6AI score0.00411EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/22 9:27 a.m.•5 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash

A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in an unexpected process crash...

8.8CVSS6AI score0.00378EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/22 9:27 a.m.•6 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in an unexpected process crash...

8.8CVSS6AI score0.00399EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/22 9:27 a.m.•5 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...

8.8CVSS6.6AI score0.00602EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/22 9:27 a.m.•4 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...

8.8CVSS6AI score0.00411EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/22 9:27 a.m.•5 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...

8.8CVSS6AI score0.00389EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/22 9:27 a.m.•7 views

Important: Red Hat Security Advisory: webkit2gtk3 security update

An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring...

8.8CVSS6.6AI score0.00693EPSS
Exploits0References17
RedHat Linux
RedHat Linux
•added 2026/06/22 9:27 a.m.•4 views

webkitgtk: Processing maliciously crafted web content may prevent Content Security Policy from being enforced

A flaw was found in WebKitGTK. Processing malicious web content may prevent Content Security Policy from being enforced due to a validation issue with improper logic...

7.5CVSS6AI score0.0027EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/22 9:27 a.m.•5 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...

8.8CVSS6AI score0.00318EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/22 9:27 a.m.•3 views

webkitgtk: Processing maliciously crafted web content may prevent Content Security Policy from being enforced

A flaw was found in WebKitGTK. Processing malicious web content may prevent Content Security Policy from being enforced due to improper input validation...

8.1CVSS6AI score0.00304EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/22 9:27 a.m.•5 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash

A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in an unexpected process crash...

8.8CVSS5.8AI score0.00462EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/22 9:27 a.m.•5 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...

8.8CVSS5.8AI score0.00389EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/22 9:27 a.m.•5 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...

8.8CVSS6AI score0.00389EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/22 6:44 a.m.•9 views

kernel: xfs: fix freemap adjustments when adding xattrs to leaf blocks

A flaw was found in the Linux kernel's XFS filesystem. When adding extended attributes xattrs, which are metadata associated with files, to leaf blocks, incorrect adjustments to the freemap can occur. This inconsistency allows the entries array and free space to overlap, leading to an assertion...

8.8CVSS5.8AI score0.00469EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/22 6:44 a.m.•5 views

kernel: wifi: mac80211: remove station if connection prep fails

A flaw was found in the Linux kernel's mac80211 Wi-Fi subsystem. When Multi-Link Operation MLO connection preparation fails, the system may not correctly remove the associated station. This can lead to a use-after-free or double-free vulnerability in the debugfs component, potentially causing...

8.8CVSS5.8AI score0.00302EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/22 6:44 a.m.•6 views

kernel: Linux kernel: Denial of Service in libceph OSD client due to unreset sparse-read state

A flaw was found in the Linux kernel's libceph OSD client. When a connection fault occurs during a sparse read, the sparse-read state is not properly reset. This allows a misbehaving or compromised Ceph OSD server, or a network adversary, to disrupt traffic. As a result, the client can misinterpr...

7.5CVSS5.8AI score0.0028EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/22 6:44 a.m.•4 views

kernel: smc: Use __sk_dst_get() and dst_dev_rcu() in smc_clc_prfx_match()

A flaw was found in the Linux kernel’s SMC Shared Memory Communication module: in smcclcprfxmatch, the function is called from smclistenwork without proper RCU or RTNL protection. The code previously used skdstgetsk-dev, which can lead to a use-after-free UAF condition if the sk’s destination is...

5.8AI score0.00154EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/22 6:44 a.m.•5 views

kernel: Linux kernel: Use-After-Free in net/gro due to improper handling of zerocopy skbs

A flaw was found in the Linux kernel's Generic Receive Offload GRO networking subsystem. This vulnerability occurs when skbgroreceive attempts to merge zerocopy socket buffers skbs without properly managing page reference counts, specifically when the SKBFLMANAGEDFRAGREFS flag is set. An attacker...

7.8CVSS6.1AI score0.00129EPSS
Exploits0References11
RedHat Linux
RedHat Linux
•added 2026/06/22 6:44 a.m.•5 views

kernel: Linux kernel: smb: client: reject userspace cifs.spnego descriptions

A privilege escalation vulnerability was found in the Linux kernel's CIFS client implementation. This could allow a local attacker to impersonate other users, bypass authentication in SMB mount operations, and potentially gain unauthorized access to network file shares or escalate privileges...

7.8CVSS5.8AI score0.00353EPSS
Exploits4References7
RedHat Linux
RedHat Linux
•added 2026/06/22 6:44 a.m.•5 views

kernel: RDMA/iwcm: Fix workqueue list corruption by removing work_list

A flaw was found in the Linux kernel's Remote Direct Memory Access RDMA Internet Wide Area RDMA Protocol iWARP subsystem. Incorrect work submission logic in the iwcm component can lead to multiple queueing of work items. This allows a work item to be processed and freed while still present in the...

9.8CVSS5.7AI score0.00465EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/22 6:44 a.m.•4 views

kernel: netfilter: ctnetlink: ensure safe access to master conntrack

A flaw was found in the netfilter: ctnetlink component of the Linux kernel. This vulnerability occurs due to insufficient locking when accessing the master conntrack object, allowing it to become invalid while still being referenced. A local attacker could potentially exploit this race condition,...

7.8CVSS5.8AI score0.00096EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/22 6:44 a.m.•4 views

kernel: mm/page_alloc: clear page->private in free_pages_prepare()

A flaw was found in the Linux kernel's memory management subsystem. When pages are freed, the page-private field is not properly cleared. If these pages are later reallocated as high-order pages and split, the tail pages can retain stale page-private values. This can lead to a use-after-free...

7.8CVSS5.8AI score0.0013EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/22 6:44 a.m.•6 views

kernel: smc: Fix use-after-free in __pnet_find_base_ndev()

In the Linux kernel, the following vulnerability has been resolved: smc: Fix use-after-free in pnetfindbasendev. syzbot reported use-after-free of netdevice in pnetfindbasendev, which was called during connect. 0 smcpnetfindismresource fetches skdstgetsk-dev and passes down to pnetfindbasendev,...

5.7AI score0.0017EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/22 6:44 a.m.•8 views

kernel: net/sched: act_pedit: extend the writable skb range per key

A flaw was found in the Linux kernel's traffic control packet editing pedit subsystem. In tcfpeditact, the copy-on-write COW range for skbensurewritable is computed once before iterating over edit keys, but the calculation does not account for runtime header offsets added by typed keys. This can...

7.8CVSS5.8AI score0.00259EPSS
Exploits9References6
RedHat Linux
RedHat Linux
•added 2026/06/22 6:44 a.m.•5 views

Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

9.8CVSS5.9AI score0.00469EPSS
Exploits13References13
RedHat Linux
RedHat Linux
•added 2026/06/22 6:44 a.m.•15 views

kernel: wifi: mac80211: use safe list iteration in radar detect work

A flaw was found in the Linux kernel's mac80211 wireless subsystem. This vulnerability arises from unsafe list iteration during radar detection work, where a channel context can be freed while still being processed. This can lead to a use-after-free memory error. A successful exploit could result...

8.8CVSS5.8AI score0.00203EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/22 6:34 a.m.•5 views

postgresql: integer overflow can cause an undersized allocation and an out-of-bounds write

A flaw was found in PostgreSQL. An integer overflow in multiple server features allows an unprivileged database user to cause an undersized memory allocation that leads to an out-of-bounds write. This issue allows an attacker to execute arbitrary code as the operating system user running the...

8.8CVSS6.2AI score0.00668EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/22 6:34 a.m.•6 views

postgresql: PostgreSQL libpq: Buffer overflow allows server superuser to overwrite client stack memory

A flaw was found in PostgreSQL libpq. A server superuser can exploit a buffer overflow vulnerability in the PQfn function, which is used by client functions such as loexport, loread, lolseek64, and lotell64. This allows the superuser to send an arbitrarily large response, overwriting the client's...

8.8CVSS6.7AI score0.00464EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/22 6:34 a.m.•6 views

postgresql: PostgreSQL: Operating system account hijack via symlink following in pg_basebackup and pg_rewind

A flaw was found in PostgreSQL. This vulnerability, related to symlink following in pgbasebackup plain format and pgrewind, allows an origin superuser to overwrite local files. By exploiting this, an attacker could potentially hijack the operating system account. This attack has practical...

8.8CVSS6AI score0.00324EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/22 6:34 a.m.•4 views

postgresql: PostgreSQL: Credential recovery via covert timing channel in MD5 password comparison

A flaw was found in PostgreSQL. This vulnerability, a covert timing channel, exists in the comparison of MD5-hashed passwords during authentication. A remote attacker could exploit this to recover user credentials, gaining unauthorized access to the database. This issue specifically impacts...

8.2CVSS5.9AI score0.00558EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/22 6:34 a.m.•14 views

Important: Red Hat Security Advisory: postgresql security update

An update for postgresql is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

8.8CVSS5.9AI score0.00668EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/22 6:28 a.m.•10 views

Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

9.8CVSS5.9AI score0.00469EPSS
Exploits4References11
RedHat Linux
RedHat Linux
•added 2026/06/22 6:28 a.m.•7 views

kernel: sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL

A flaw was found in the Linux kernel's Stream Control Transmission Protocol SCTP implementation. A race condition exists in the SCTPSENDALL path where a cached list entry is not properly revalidated after the socket lock is temporarily released. This allows a local attacker or a remote attacker v...

7.8CVSS6.1AI score0.00104EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/22 6:28 a.m.•8 views

kernel: Linux kernel: Use-After-Free in net/gro due to improper handling of zerocopy skbs

A flaw was found in the Linux kernel's Generic Receive Offload GRO networking subsystem. This vulnerability occurs when skbgroreceive attempts to merge zerocopy socket buffers skbs without properly managing page reference counts, specifically when the SKBFLMANAGEDFRAGREFS flag is set. An attacker...

7.8CVSS6.1AI score0.00129EPSS
Exploits0References11
RedHat Linux
RedHat Linux
•added 2026/06/22 6:28 a.m.•8 views

kernel: wifi: mac80211: remove station if connection prep fails

A flaw was found in the Linux kernel's mac80211 Wi-Fi subsystem. When Multi-Link Operation MLO connection preparation fails, the system may not correctly remove the associated station. This can lead to a use-after-free or double-free vulnerability in the debugfs component, potentially causing...

8.8CVSS5.8AI score0.00302EPSS
Exploits0References5
Total number of security vulnerabilities114828