CVE-2026-46123
- EPSS 0.14%
- Veröffentlicht 28.05.2026 09:35:38
- Zuletzt bearbeitet 24.06.2026 16:51:21
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: virtio_bt: clamp rx length before skb_put virtbt_rx_work() calls skb_put(skb, len) where len comes directly from virtqueue_get_buf() with no validation against the buffe...
CVE-2026-46124
- EPSS 0.43%
- Veröffentlicht 28.05.2026 09:35:38
- Zuletzt bearbeitet 24.06.2026 16:51:14
In the Linux kernel, the following vulnerability has been resolved: isofs: validate block number from NFS file handle in isofs_export_iget isofs_fh_to_dentry() and isofs_fh_to_parent() pass an attacker- controlled block number (ifid->block or ifid-...
CVE-2026-46122
- EPSS 0.13%
- Veröffentlicht 28.05.2026 09:35:37
- Zuletzt bearbeitet 24.06.2026 16:51:28
In the Linux kernel, the following vulnerability has been resolved: wifi: b43: enforce bounds check on firmware key index in b43_rx() The firmware-controlled key index in b43_rx() can exceed the dev->key[] array size (58 entries). The existing B43_...
CVE-2026-46121
- EPSS 0.13%
- Veröffentlicht 28.05.2026 09:35:36
- Zuletzt bearbeitet 24.06.2026 16:51:34
In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs-schemes: protect memcg_path kfree() with damon_sysfs_lock Patch series "mm/damon/sysfs-schemes: fix use-after-free for [memcg_]path". Reads of 'memcg_path' and 'pat...
CVE-2026-46120
- EPSS 0.13%
- Veröffentlicht 28.05.2026 09:35:35
- Zuletzt bearbeitet 24.06.2026 16:51:39
In the Linux kernel, the following vulnerability has been resolved: ip6_gre: Use cached t->net in ip6erspan_changelink(). After commit 5e72ce3e3980 ("net: ipv6: Use link netns in newlink() of rtnl_link_ops"), ip6erspan_newlink() correctly resolves ...
CVE-2026-46119
- EPSS 0.53%
- Veröffentlicht 28.05.2026 09:35:34
- Zuletzt bearbeitet 24.06.2026 16:51:46
In the Linux kernel, the following vulnerability has been resolved: libceph: Fix slab-out-of-bounds access in auth message processing If a (potentially corrupted) message of type CEPH_MSG_AUTH_REPLY contains a positive value in its result field, it...
CVE-2026-46118
- EPSS 0.12%
- Veröffentlicht 28.05.2026 09:35:33
- Zuletzt bearbeitet 24.06.2026 16:59:50
In the Linux kernel, the following vulnerability has been resolved: pseries/papr-hvpipe: Fix null ptr deref in papr_hvpipe_dev_create_handle() commit 6d3789d347a7 ("papr-hvpipe: convert papr_hvpipe_dev_create_handle() to FD_PREPARE()"), changed the...
CVE-2026-46117
- EPSS 0.13%
- Veröffentlicht 28.05.2026 09:35:32
- Zuletzt bearbeitet 30.06.2026 03:20:08
In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Remove user triggerable WARN_ON() in mana_ib_create_qp_rss() Sashiko points out that the user can specify WQs sharing the same CQ as a part of the uAPI and this will tri...
CVE-2026-46116
- EPSS 0.13%
- Veröffentlicht 28.05.2026 09:35:30
- Zuletzt bearbeitet 07.07.2026 12:16:52
In the Linux kernel, the following vulnerability has been resolved: xfrm: defensively unhash xfrm_state lists in __xfrm_state_delete KASAN reproduces a slab-use-after-free in __xfrm_state_delete()'s hlist_del_rcu calls under syzkaller load on linux...
CVE-2026-46115
- EPSS 0.49%
- Veröffentlicht 28.05.2026 09:35:26
- Zuletzt bearbeitet 24.06.2026 17:00:06
In the Linux kernel, the following vulnerability has been resolved: block: add pgmap check to biovec_phys_mergeable biovec_phys_mergeable() is used by the request merge, DMA mapping, and integrity merge paths to decide if two physically contiguous ...