206291 matches found
CVE-2026-53092
A flaw was found in the Linux kernel's Berkeley Packet Filter BPF subsystem. This vulnerability occurs due to incorrect delta tracking when source and destination registers are the same during register value adjustments. This can lead to a mismatch between the BPF verifier's analysis and the actu...
CVE-2026-42389
This fix provides extra hardening for the 5.4.x branch by doing extra validation of incoming answers from authoritative servers...
CVE-2026-42004
An attacker can send a crafted EDNS OPT record that will be ignored by DNSdist’s filtering rules, but will be rewritten as a valid OPT record when EDNS Client Subnet is inserted, causing the backend to see the EDNS options that DNSdist did not filter...
CVE-2026-40011
An attacker sending a large number of crafted DNS queries might be able to trigger a dynamic block being inserted with a value causing invalid output to be produced in the prometheus endpoint. The prometheus endpoint will then be rejected by the scraper until the dynamic block expires...
CVE-2026-40211
An attacker can send crafted DNS over HTTP/3 queries, triggering an exception that prevents some buffer from being freed right away. The buffer will be freed at the end of the QUIC connection, but on some setups it might be possible to open enough concurrent DoH3 streams to trigger an out-of-memo...
CVE-2026-40210
An out-of-bounds read might happen when SetMacAddrAction is used, potentially resulting in uninitialized memory being sent over the network or a crash...
CVE-2026-40209
An attacker might be able to cause outgoing TCP connections to backend to be stuck until a timeout occurs instead of being released immediately, by sending IXFR queries. This could be used to cause a denial of service if there is a limit to the number of concurrent connections to this backend, or...
CVE-2026-33612
A malicious authoritative server can send a crafted zone via the ZoneToCache function that leads to cache poisoning...
CVE-2026-52949
A flaw was found in the Linux kernel's Direct Rendering Manager DRM subsystem. Specifically, within the ttmboshrink function, a backup failure could lead to an infinite Least Recently Used LRU walk. This issue may allow a local attacker to trigger a Denial of Service DoS, making the system...
CVE-2026-53035
A flaw was found in the Linux kernel's Berkeley Packet Filter BPF sockmap component. A deadlock can occur in the bpfiterunixseqshow function when an iterator program attempts to update a sockmap while a lock is already held. This recursive locking scenario can lead to a system freeze or...
CVE-2026-53103
A flaw was found in the Linux kernel's Wi-Fi subsystem, specifically within the mt7925rocabortsync function. This vulnerability can lead to a deadlock condition when rocabortsync attempts to cancel a work item rocwork while rocwork is already holding a mutex. This situation can occur during Wi-Fi...
CVE-2026-52951
A flaw was found in the Linux kernel's drm/xe/dma-buf subsystem. This vulnerability involves race conditions when handling the invalidatemappings hook, particularly during buffer object initialization and attachment. An attacker, by triggering specific sequences of operations, could exploit these...
CVE-2026-52977
A flaw was found in the Linux kernel's futex Fast Userspace Mutexes subsystem. A race condition between two concurrent futex operations can lead to a system live lock. This occurs when a task attempting to exit early due to a signal or timeout becomes deadlocked while another task continuously...
CVE-2026-52979
A flaw was found in the Linux kernel's Platform Security Processor PSP network driver. This vulnerability occurs when creating a device association, where the system fails to properly check if the device has been unregistered. A race condition exists where the device can be unregistered before a...
CVE-2026-53550
A flaw was found in js-yaml, a JavaScript YAML parser and dumper. A remote attacker can exploit this vulnerability by providing a specially crafted YAML document that repeatedly uses the same alias in a merge sequence. This can lead to algorithmic CPU exhaustion, causing the Node.js worker or eve...
CVE-2026-53036
A flaw was found in the Linux kernel. Specifically, an off-by-one error exists in the BPF Berkeley Packet Filter JIT Just-In-Time compiler when handling immediate values for branch instructions on ARM64 architectures. This vulnerability allows the system to process values outside their intended...
CVE-2026-53024
A flaw was found in the Linux kernel's Greybus raw subsystem. A local user could trigger a use-after-free vulnerability by attempting to write to a character device chardev after it has been disconnected. This can lead to a kernel panic, resulting in a Denial of Service DoS for the system...
CVE-2026-53054
A flaw was found in the Linux kernel's Direct Rendering Manager DRM subsystem, specifically within the Qualcomm Adreno GPU MSM driver. An incorrect argument in the VMBIND UNMAP locking mechanism meant that certain objects involved in unmapping operations were not consistently locked. This could...
CVE-2026-53008
A flaw was found in the Linux kernel. A race condition exists in the ice network driver's TX timestamp ring cleanup, specifically between the icefreetxtstampring and icetxmap functions. This vulnerability could allow a local attacker to trigger a null pointer dereference, leading to a system cras...
CVE-2026-52980
A flaw was found in the Linux kernel's sched/fair scheduler. When a new schedentity is forked, its reldeadline may be unexpectedly set, leading to an abnormally large deadline value. If the task later calls schedyield, this inflated deadline can cause an overflow in vruntime calculations. This ca...
CVE-2026-52957
A flaw was found in the Linux kernel's libceph component. When processing a CEPHMSGOSDMAP message containing a specially crafted CRUSH map, a remote attacker could potentially trigger a null pointer dereference. This issue arises during the decoding of crushchooseargmap if a bucketindex refers to...
CVE-2026-53101
A flaw was found in the Linux kernel's mt7921 Wi-Fi driver. A potential deadlock can occur when the rocabortsync function attempts to cancel a work item while rocwork is still running and holding a mutex. This situation, which can arise during Wi-Fi station removal, causes both sides to block,...
CVE-2026-53064
A flaw was found in the Linux kernel's device-mapper dm-cache component. When dm-cache operates in passthrough mode, a race condition can occur during concurrent write operations to the same cached block. This can lead to a null-pointer dereference in the invalidatecomplete function, potentially...
CVE-2026-56132
A flaw was found in libexpat, a library used for parsing XML data. An attacker could exploit a heap-based buffer overflow, a type of memory error, by providing specially crafted XML input. This vulnerability occurs when the library mishandles memory reallocation while processing XML, particularly...
CVE-2026-53037
A flaw was found in the Linux kernel's USB Human Interface Device HID subsystem. This vulnerability occurs when a USB device, containing both HID and storage or Universal Attached SCSI UAS components, is reset. During the reset process, memory allocation operations within the hidpostreset functio...
CVE-2026-52963
A flaw was found in the Linux kernel's Advanced Linux Sound Architecture ALSA USB audio driver. The driver's handling of MIDI Musical Instrument Digital Interface endpoint descriptors did not properly bound scans, allowing it to read beyond the intended memory buffer. This out-of-bounds read coul...
CVE-2026-53111
A flaw was found in the Linux kernel. The bpflwtxmitpushencap helper in the Berkeley Packet Filter BPF subsystem attempts to access an uninitialized network device structure during certain test runs. A local user can exploit this null pointer dereference by executing the bpflwtpushipencap functio...
CVE-2026-53110
A flaw was found in the Linux kernel's BPF Berkeley Packet Filter JIT Just-In-Time compiler for the s390x architecture. The system's Application Binary Interface ABI requires that unsigned arguments and return values be zero-extended. However, the BPF JIT compiler incorrectly performed only sign...
CVE-2026-53089
A flaw was found in the Linux kernel's BPF Berkeley Packet Filter subsystem. When querying information for an offloaded BPF map or program, a race condition can occur during network namespace destruction. This can lead to a use-after-free vulnerability, potentially causing a system crash or denia...
CVE-2026-53021
A flaw was found in the Linux kernel's SCSI target core. The sbcexecuteunmap function, which handles UNMAP operations, is vulnerable to an integer overflow. This vulnerability occurs because the bounds check for the Logical Block Address LBA and range does not prevent a 64-bit overflow. An attack...
CVE-2026-53084
A flaw was found in the Linux kernel's Berkeley Packet Filter BPF subsystem. This vulnerability involves a lock ordering problem that occurs when BPF programs acquire certain locks that depend on the mmaplock. This issue could potentially lead to system instability or unexpected behavior due to...
CVE-2026-53081
A flaw was found in the Linux kernel's Berkeley Packet Filter BPF verifier. This vulnerability occurs due to inconsistent base ID mapping when the regsafe function compares scalar registers with BPFADDCONST values. This inconsistency allows the BPF verifier to incorrectly succeed in state pruning...
CVE-2026-52953
A flaw was found in the Linux kernel's input/output memory management unit IOMMU virtualized directed I/O VT-d subsystem. This vulnerability occurs due to an out-of-scope memory access when a QEMU process is terminated. An attacker could potentially trigger a general protection fault, leading to ...
CVE-2026-53055
A flaw was found in the Linux kernel's hisilicon/sec2 cryptographic module. Under heavy system load during packet transmission, the hardware may free request memory before the software completes its processing. This can lead to a use-after-free error when the software attempts to access the freed...
CVE-2026-52950
A flaw was found in the Linux kernel, specifically within the drm/xe/dma-buf component. This Use-After-Free UAF vulnerability occurs due to an issue in a retry loop, where a buffer object is prematurely freed on error. An attacker could potentially exploit this to cause memory corruption, leading...
CVE-2026-53053
A flaw was found in the Linux kernel's IOMMU Input/Output Memory Management Unit AMD driver. The clonealias function incorrectly uses the device ID devid when handling alias devices. This can lead to the propagation of wrong or stale Device Table Entry DTE entries to alias devices, potentially...
CVE-2026-53083
A flaw was found in the Linux kernel. A missing condresched in the bpffdarraymapclear loop, specifically when handling BPF Berkeley Packet Filter PROGARRAY maps with numerous entries, can lead to an RCU Read-Copy Update stall. This can result in a Denial of Service DoS under heavy system load, as...
CVE-2026-53090
A flaw was found in the Linux kernel's Berkeley Packet Filter BPF verifier. When ldabs,ind instructions are used in BPF subprograms, the verifier fails to correctly simulate the abnormal exit path if packet data loading fails. This oversight could lead to unexpected behavior or bypass of security...
CVE-2026-53040
A flaw was found in the Oracle Cluster File System Release 2 OCFS2 in the Linux kernel. A local attacker with the ability to craft a malicious OCFS2 filesystem could trigger a use-after-free vulnerability. This occurs when the OCFS2IOCINFO ioctl is issued with the OCFS2INFOFLNONCOHERENT flag,...
CVE-2026-57914
A flaw was found in Apache Kerby. A remote attacker could send a deeply nested Abstract Syntax Notation One ASN.1 structure to an Apache Kerby client or service, triggering a stack overflow exception. This could lead to a denial of service DoS condition, making the service unavailable to legitima...
CVE-2026-53013
A flaw was found in the Linux kernel's macvlan module. An issue in the macvlangetsize function, which incorrectly calculates the required space for network interface information, can lead to a denial of service. A local user could exploit this by configuring a macvlan interface with a specific...
CVE-2026-53029
A flaw was found in the Linux kernel's ntfs3 filesystem driver. This vulnerability occurs due to an uninitialized local variable lcn when handling zero-length data during I/O operations. An attacker could potentially exploit this flaw to cause a denial of service or information disclosure due to...
CVE-2026-53019
A flaw was found in the Linux kernel's clock clk driver for Spacemit's ccumix component. An inverted condition within the ccumixtriggerfc function can cause the system to skip frequency change triggers. This can lead to kernel panics during CPU frequency scaling, resulting in a Denial of Service...
CVE-2026-57454
A flaw was found in Vim, an open source command-line text editor. A local attacker could exploit this vulnerability by providing a specially crafted undo or swap file. When Vim processes this file, an out-of-bounds read occurs, which can lead to the disclosure of sensitive information from memory...
CVE-2026-57915
A flaw was found in Apache Kerby. An attacker can bypass the Kerberos pre-authentication check by sending a Pre-Authentication Data PA-DATA packet with an unrecognized or unsupported type. This vulnerability allows an attacker to circumvent the initial authentication step, potentially leading to...
CVE-2026-53028
A flaw was found in the Linux kernel's USB Type-C subsystem. This vulnerability occurs when an error pointer for tps-partner is checked but not handled, leading to its subsequent dereference. This unhandled error can cause a system crash, resulting in a Denial of Service DoS for the affected syst...
CVE-2026-53063
A flaw was found in the Linux kernel's device-mapper dm cache component. Incomplete logic within the invalidateremove function, which handles write operations after cache invalidation, can lead to a system hang. This occurs because the function sets up remapping for write operations but fails to...
CVE-2026-53052
A flaw was found in the Linux kernel. The Advanced Linux Sound Architecture on Chip ASoC subsystem, specifically within the Qualcomm qdsp6 topology component, fails to verify the type of a virtual widget before accessing its private data. This oversight could allow an attacker to cause incorrect...
CVE-2026-57918
A flaw was found in libnfs. When connecting to a malicious Network File System NFS server, an integer underflow vulnerability occurs due to an issue in handling the expected data unit size. This flaw could allow a remote attacker to disclose sensitive information and potentially manipulate data o...
CVE-2026-53017
A flaw was found in the Linux kernel's f2fs filesystem. This vulnerability can lead to data loss when a file synchronization fsync operation on a newly created file occurs at the same time as a checkpoint operation. The system incorrectly assumes that a checkpoint has completed, which can result ...