Lucene search
K
UbuntucveRecent

68528 matches found

UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.2 views

CVE-2026-23106

In the Linux kernel, the following vulnerability has been resolved: timekeeping: Adjust the leap state for the correct auxiliary timekeeper When doajdtimex was introduced to handle adjtimex for any timekeeper, this reference to tkcore was not updated. When called on an auxiliary timekeeper, the...

5.5CVSS5.7AI score0.001EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.2 views

CVE-2026-23059

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Sanitize payload size to prevent member overflow In qla27xxcopyfpinpkt and qla27xxcopymultiplepkt, the framesize reported by firmware is used to calculate the copy length into item-iocb. However, the iocb member is...

5.7AI score0.00168EPSS
Exploits0References12
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.4 views

CVE-2026-23056

In the Linux kernel, the following vulnerability has been resolved: uacce: implement mremap in uaccevmops to return -EPERM The current uaccevmops does not support the mremap operation of vmoperationsstruct. Implement .mremap to return -EPERM to remind users. The reason we need to explicitly disab...

5.7AI score0.00177EPSS
Exploits0References25
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.3 views

CVE-2026-23072

In the Linux kernel, the following vulnerability has been resolved: l2tp: Fix memleak in l2tpudpencaprecv. syzbot reported memleak of struct l2tpsession, l2tptunnel, sock, etc. 0 The cited commit moved down the validation of the protocol version in l2tpudpencaprecv. The new place requires an extr...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.4 views

CVE-2026-23095

In the Linux kernel, the following vulnerability has been resolved: gue: Fix skb memleak with inner IP protocol 0. syzbot reported skb memleak below. 0 The repro generated a GUE packet with its inner protocol 0. gueudprecv returns -guehdr-protoctype for "resubmit" in ipprotocoldeliverrcu, but thi...

7.5CVSS5.7AI score0.00239EPSS
Exploits0References25
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.4 views

CVE-2026-23079

In the Linux kernel, the following vulnerability has been resolved: gpio: cdev: Fix resource leaks on errors in lineinfochangednotify On error handling paths, lineinfochangednotify doesn't free the allocated resources which results leaks. Fix it...

5.5CVSS5.7AI score0.00107EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.5 views

CVE-2026-23063

In the Linux kernel, the following vulnerability has been resolved: uacce: ensure safe queue release with state management Directly calling putqueue carries risks since it cannot guarantee that resources of uaccequeue have been fully released beforehand. So adding a stopqueue operation for the...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References25
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.6 views

CVE-2026-23087

In the Linux kernel, the following vulnerability has been resolved: scsi: xen: scsiback: Fix potential memory leak in scsibackremove Memory allocated for struct vscsiblkinfo in scsibackprobe is not freed in scsibackremove leading to potential memory leaks on remove, as well as in the scsibackprob...

5.5CVSS5.9AI score0.00123EPSS
Exploits0References25
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.4 views

CVE-2026-23073

In the Linux kernel, the following vulnerability has been resolved: wifi: rsi: Fix memory corruption due to not set vif driver data size The struct ieee80211vif contains trailing space for vif driver data, when struct ieee80211vif is allocated, the total memory size that is allocated is...

7.8CVSS5.9AI score0.0013EPSS
Exploits0References25
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.4 views

CVE-2026-23062

In the Linux kernel, the following vulnerability has been resolved: platform/x86: hp-bioscfg: Fix kernel panic in GETINSTANCEID macro The GETINSTANCEID macro that caused a kernel panic when accessing sysfs attributes: 1. Off-by-one error: The loop condition used 'name without checking if...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References12
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.2 views

CVE-2026-23078

In the Linux kernel, the following vulnerability has been resolved: ALSA: scarlett2: Fix buffer overflow in config retrieval The scarlett2usbgetconfig function has a logic error in the endianness conversion code that can cause buffer overflows when count 1. The code checks if size == 2 where size...

7.8CVSS6AI score0.00143EPSS
Exploits0References25
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.4 views

CVE-2026-23069

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix potential underflow in virtiotransportgetcredit The credit calculation in virtiotransportgetcredit uses unsigned arithmetic: ret = vvs-peerbufalloc - vvs-txcnt - vvs-peerfwdcnt; If the peer shrinks its advertise...

5.5CVSS5.8AI score0.00127EPSS
Exploits0References12
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.6 views

CVE-2026-23064

In the Linux kernel, the following vulnerability has been resolved: net/sched: actife: avoid possible NULL deref tcfifeencode must make sure ifeencode does not return NULL. syzbot reported: Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 1 SMP KASAN NOP...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References25
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.4 views

CVE-2026-23108

In the Linux kernel, the following vulnerability has been resolved: can: usb8dev: usb8devreadbulkcallback: fix URB memory leak Fix similar memory leak as in commit 7352e1d5932a "can: gsusb: gsusbreceivebulkcallback: fix URB memory leak". In usb8devopen - usb8devstart, the URBs for USB-in transfer...

5.5CVSS5.9AI score0.00127EPSS
Exploits0References25
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.5 views

CVE-2026-23091

In the Linux kernel, the following vulnerability has been resolved: intelth: fix device leak on output open Make sure to drop the reference taken when looking up the th device during output device open on errors and on close. Note that a recent commit fixed the leak in a couple of open error path...

5.5CVSS5.9AI score0.00123EPSS
Exploits0References31
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.6 views

CVE-2026-23102

In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: signal: Fix restoration of SVE context When SME is supported, Restoring SVE signal context can go wrong in a few ways, including placing the task into an invalid state where the kernel may read from out-of-bounds...

7.1CVSS5.8AI score0.00117EPSS
Exploits0References10
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.3 views

CVE-2026-23082

In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbreceivebulkcallback: unanchor URL on usbsubmiturb error In commit 7352e1d5932a "can: gsusb: gsusbreceivebulkcallback: fix URB memory leak", the URB was re-anchored before usbsubmiturb in gsusbreceivebulkcallback ...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.5 views

CVE-2026-23049

In the Linux kernel, the following vulnerability has been resolved: drm/panel-simple: fix connector type for DataImage SCF0700C48GGU18 panel The connector type for the DataImage SCF0700C48GGU18 panel is missing and devmdrmpanelbridgeadd requires connector type to be set. This leads to a warning a...

5.9AI score0.00173EPSS
Exploits0References25
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.3 views

CVE-2026-23083

In the Linux kernel, the following vulnerability has been resolved: fou: Don't allow 0 for FOUATTRIPPROTO. fouudprecv has the same problem mentioned in the previous patch. If FOUATTRIPPROTO is set to 0, skb is not freed by fouudprecv nor "resubmit"-ted in ipprotocoldeliverrcu. Let's forbid 0 for...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References25
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.6 views

CVE-2025-71198

In the Linux kernel, the following vulnerability has been resolved: iio: imu: stlsm6dsx: fix iiochanspec for sensors without event detection The stlsm6dsxaccchannels array of struct iiochanspec has a non-NULL eventspec field, indicating support for IIO events. However, event detection is not...

5.8AI score0.00168EPSS
Exploits0References12
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.3 views

CVE-2026-23068

In the Linux kernel, the following vulnerability has been resolved: spi: spi-sprd-adi: Fix double free in probe error path The driver currently uses spiallochost to allocate the controller but registers it using devmspiregistercontroller. If devmregisterrestarthandler fails, the code jumps to the...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References12
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.6 views

CVE-2026-23053

In the Linux kernel, the following vulnerability has been resolved: NFS: Fix a deadlock involving nfsreleasefolio Wang Zhaolong reports a deadlock involving NFSv4.1 state recovery waiting on kthreadd, which is attempting to reclaim memory by calling nfsreleasefolio. The latter cannot make progres...

5.8AI score0.00168EPSS
Exploits0References11
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.5 views

CVE-2026-23050

In the Linux kernel, the following vulnerability has been resolved: pNFS: Fix a deadlock when returning a delegation during open Ben Coddington reports seeing a hang in the following stack trace: 0 ffffd0b50e1774e0 schedule at ffffffff9ca05415 1 ffffd0b50e177548 schedule at ffffffff9ca05717 2...

5.7AI score0.00168EPSS
Exploits0References11
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.3 views

CVE-2026-23057

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Coalesce only linear skb vsock/virtio common tries to coalesce buffers in rx queue: if a linear skb with a spare tail room is followed by a small skb length limited by GOODCOPYLEN = 128, an attempt is made to join...

5.7AI score0.00166EPSS
Exploits0References11
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.2 views

CVE-2025-71195

In the Linux kernel, the following vulnerability has been resolved: dmaengine: xilinx: xdma: Fix regmap maxregister The maxregister field is assigned the size of the register memory region instead of the offset of the last register. The result is that reading from the regmap via debugfs can cause...

5.7AI score0.00168EPSS
Exploits0References12
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.3 views

CVE-2026-23065

In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd: Fix memory leak in wbrfrecord The tmp buffer is allocated using kcalloc but is not freed if acpievaluatedsm fails. This causes a memory leak in the error path. Fix this by explicitly freeing the tmp buffer in th...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References11
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.4 views

CVE-2026-23099

In the Linux kernel, the following vulnerability has been resolved: bonding: limit BONDMODE8023AD to Ethernet devices BONDMODE8023AD makes sense for ARPHRDETHER only. syzbot reported: BUG: KASAN: global-out-of-bounds in hwaddrcreate net/core/devaddrlists.c:63 inline BUG: KASAN: global-out-of-boun...

7.1CVSS5.9AI score0.00152EPSS
Exploits0References25
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.3 views

CVE-2026-23096

In the Linux kernel, the following vulnerability has been resolved: uacce: fix cdev handling in the cleanup path When cdevdeviceadd fails, it internally releases the cdev memory, and if cdevdevicedel is then executed, it will cause a hang error. To fix it, we check the return value of cdevdevicea...

5.5CVSS5.7AI score0.00114EPSS
Exploits0References25
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.3 views

CVE-2026-23089

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix use-after-free in sndusbmixerfree When sndusbcreatemixer fails, sndusbmixerfree frees mixer-idelems but the controls already added to the card still reference the freed memory. Later when sndcardregister runs...

7.8CVSS5.9AI score0.00135EPSS
Exploits0References25
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.4 views

CVE-2026-23076

In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Fix potential OOB access in audio mixer handling In the audio mixer handling code of ctxfi driver, the conf field is used as a kind of loop index, and it's referred in the index callbacks amixerindex and sumindex. As...

7.1CVSS5.9AI score0.00126EPSS
Exploits0References25
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.4 views

CVE-2025-71199

In the Linux kernel, the following vulnerability has been resolved: iio: adc: at91-sama5d2adc: Fix potential use-after-free in sama5d2adc driver at91adcinterrupt can call at91adctouchdatahandler function to start the work by schedulework&st-touchst.workq. If we remove the module which will call...

5.7AI score0.00173EPSS
Exploits0References25
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.2 views

CVE-2026-23067

In the Linux kernel, the following vulnerability has been resolved: iommu/io-pgtable-arm: fix sizet signedness bug in unmap path armlpaeunmap returns sizet but was returning -ENOENT negative error code when encountering an unmapped PTE. Since sizet is unsigned, -ENOENT typically -2 becomes a huge...

5.5CVSS5.8AI score0.00107EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.2 views

CVE-2026-23093

In the Linux kernel, the following vulnerability has been resolved: ksmbd: smbd: fix dmaunmapsg nents The dmaunmapsg functions should be called with the same nents as the dmamapsg, not the value the map function returned...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References23
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.4 views

CVE-2025-71193

In the Linux kernel, the following vulnerability has been resolved: phy: qcom-qusb2: Fix NULL pointer dereference on early suspend Enabling runtime PM before attaching the QPHY instance as driver data can lead to a NULL pointer dereference in runtime PM callbacks that expect valid driver data...

5.7AI score0.00168EPSS
Exploits0References12
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.5 views

CVE-2025-71197

In the Linux kernel, the following vulnerability has been resolved: w1: therm: Fix off-by-one buffer overflow in alarmsstore The sysfs buffer passed to alarmsstore is allocated with 'size + 1' bytes and a NUL terminator is appended. However, the 'size' argument does not account for this extra byt...

6.1AI score0.00191EPSS
Exploits0References25
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.4 views

CVE-2026-23077

In the Linux kernel, the following vulnerability has been resolved: mm/vma: fix anonvma UAF on mremap faulted, unfaulted merge Patch series "mm/vma: fix anonvma UAF on mremap faulted, unfaulted merge", v2. Commit 879bca0a2c4f "mm/vma: fix incorrectly disallowed anonymous VMA merges" introduced th...

7.8CVSS5.7AI score0.00134EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.4 views

CVE-2026-23098

In the Linux kernel, the following vulnerability has been resolved: netrom: fix double-free in nrrouteframe In nrrouteframe, oldskb is immediately freed without checking if nrneigh-ax25 pointer is NULL. Therefore, if nrneigh-ax25 is NULL, the caller function will free oldskb again, causing a...

8.8CVSS5.7AI score0.00177EPSS
Exploits0References25
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.4 views

CVE-2026-23097

In the Linux kernel, the following vulnerability has been resolved: migrate: correct lock ordering for hugetlb file folios Syzbot has found a deadlock analyzed by Lance Yang: 1 Task 5749: Holds foliolock, then tries to acquire immaprwsemread lock. 2 Task 5754: Holds immaprwsemwrite lock, then tri...

5.5CVSS5.9AI score0.00114EPSS
Exploits0References25
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.5 views

CVE-2026-23107

In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: signal: Allocate SSVE storage when restoring ZA The code to restore a ZA context doesn't attempt to allocate the task's svestate before setting TIFSME. Consequently, restoring a ZA context can place a task into an...

5.5CVSS5.8AI score0.00126EPSS
Exploits0References12
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.5 views

CVE-2026-23104

In the Linux kernel, the following vulnerability has been resolved: ice: fix devlink reload call trace Commit 4da71a77fc3b "ice: read internal temperature sensor" introduced internal temperature sensor reading via HWMON. icehwmoninit was added to iceinitfeature and icehwmonexit was added to...

5.5CVSS5.7AI score0.00112EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.5 views

CVE-2026-23086

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: cap TX credit to local buffer size The virtio transports derives its TX credit directly from peerbufalloc, which is set from the remote endpoint's SOVMSOCKETSBUFFERSIZE value. On the host side this means that the...

5.5CVSS5.9AI score0.00142EPSS
Exploits0References12
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.4 views

CVE-2026-23075

In the Linux kernel, the following vulnerability has been resolved: can: esdusb: esdusbreadbulkcallback: fix URB memory leak Fix similar memory leak as in commit 7352e1d5932a "can: gsusb: gsusbreceivebulkcallback: fix URB memory leak". In esdusbopen, the URBs for USB-in transfers are allocated,...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References25
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.4 views

CVE-2026-23092

In the Linux kernel, the following vulnerability has been resolved: iio: dac: ad3552r-hs: fix out-of-bound write in ad3552rhswritedatasource When simplewritetobuffer succeeds, it returns the number of bytes actually copied to the buffer. The code incorrectly uses 'count' as the index for null...

7.8CVSS6.8AI score0.00186EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.4 views

CVE-2026-23085

In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Avoid truncating memory addresses On 32-bit machines with CONFIGARMLPAE, it is possible for lowmem allocations to be backed by addresses physical memory above the 32-bit address limit, as found while...

5.5CVSS5.9AI score0.00123EPSS
Exploits0References25
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.7 views

CVE-2026-23074

In the Linux kernel, the following vulnerability has been resolved: net/sched: Enforce that teql can only be used as root qdisc Design intent of teql is that it is only supposed to be used as root qdisc. We need to check for that constraint. Although not important, I will describe the scenario th...

7.8CVSS5.9AI score0.00134EPSS
Exploits0References43
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.5 views

CVE-2026-23052

In the Linux kernel, the following vulnerability has been resolved: ftrace: Do not over-allocate ftrace memory The pgremaining calculation in ftraceprocesslocs assumes that ENTRIESPERPAGE multiplied by 2^order equals the actual capacity of the allocated page group. However, ENTRIESPERPAGE is...

5.7AI score0.00155EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.4 views

CVE-2026-23070

In the Linux kernel, the following vulnerability has been resolved: Octeontx2-af: Add proper checks for fwdata firmware populates MAC address, link modes supported, advertised and EEPROM data in shared firmware structure which kernel access via MAC blockCGX/RPM. Accessing fwdata, on boards booted...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.4 views

CVE-2026-23100

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix hugetlbpmdshared Patch series "mm/hugetlb: fixes for PMD table sharing incl. using mmugather", v3. One functional fix, one performance regression fix, and two related comment fixes. I cleaned up my prototype I...

5.5CVSS5.7AI score0.00114EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.8 views

CVE-2026-23110

In the Linux kernel, the following vulnerability has been resolved: scsi: core: Wake up the error handler when final completions race against each other The fragile ordering between marking commands completed or failed so that the error handler only wakes when the last running command completes o...

4.7CVSS5.7AI score0.00096EPSS
Exploits0References12
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.4 views

CVE-2026-23103

In the Linux kernel, the following vulnerability has been resolved: ipvlan: Make the addrslock be per port Make the addrslock be per port, not per ipvlan dev. Initial code seems to be written in the assumption, that any address change must occur under RTNL. But it is not so for the case of IPv6. ...

7.8CVSS6AI score0.00107EPSS
Exploits0References25
Total number of security vulnerabilities68528