CVE-2026-45836
- EPSS 0.12%
- Veröffentlicht 26.05.2026 16:14:13
- Zuletzt bearbeitet 26.06.2026 19:01:35
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_get_sndtimeo_cb() Add the same NULL guard already present in l2cap_sock_resume_cb() and l2cap_sock_ready_cb().
CVE-2026-45835
- EPSS 0.12%
- Veröffentlicht 26.05.2026 16:14:12
- Zuletzt bearbeitet 26.06.2026 19:01:20
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_new_connection_cb() Add the same NULL guard already present in l2cap_sock_resume_cb() and l2cap_sock_ready_cb().
CVE-2026-45834
- EPSS 0.12%
- Veröffentlicht 26.05.2026 16:14:11
- Zuletzt bearbeitet 26.06.2026 18:57:39
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_state_change_cb() Add the same NULL guard already present in l2cap_sock_resume_cb() and l2cap_sock_ready_cb().
CVE-2026-46300
- EPSS 3.66%
- Veröffentlicht 23.05.2026 11:44:02
- Zuletzt bearbeitet 10.07.2026 12:17:03
In the Linux kernel, the following vulnerability has been resolved: net: skbuff: preserve shared-frag marker during coalescing skb_try_coalesce() can attach paged frags from @from to @to. If @from has SKBFL_SHARED_FRAG set, the resulting @to skb c...
CVE-2026-43503
- EPSS 0.14%
- Veröffentlicht 23.05.2026 11:44:01
- Zuletzt bearbeitet 02.07.2026 12:17:20
In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through frag-transfer helpers Two frag-transfer helpers (__pskb_copy_fclone() and skb_shift()) fail to propagate the SKBFL_SHARED_FRAG bit...
CVE-2026-43502
- EPSS 0.12%
- Veröffentlicht 21.05.2026 12:17:50
- Zuletzt bearbeitet 26.06.2026 17:28:25
In the Linux kernel, the following vulnerability has been resolved: net/rds: handle zerocopy send cleanup before the message is queued A zerocopy send can fail after user pages have been pinned but before the message is attached to the sending sock...
- EPSS 0.13%
- Veröffentlicht 21.05.2026 12:17:49
- Zuletzt bearbeitet 08.07.2026 23:16:54
In the Linux kernel, the following vulnerability has been resolved: rtmutex: Use waiter::task instead of current in remove_waiter() remove_waiter() is used by the slowlock paths, but it is also used for proxy-lock rollback in rt_mutex_start_proxy_l...
CVE-2026-43501
- EPSS 0.48%
- Veröffentlicht 21.05.2026 12:17:49
- Zuletzt bearbeitet 02.07.2026 12:17:19
In the Linux kernel, the following vulnerability has been resolved: ipv6: rpl: reserve mac_len headroom when recompressed SRH grows ipv6_rpl_srh_rcv() decompresses an RFC 6554 Source Routing Header, swaps the next segment into ipv6_hdr->daddr, reco...
CVE-2026-43497
- EPSS 0.11%
- Veröffentlicht 21.05.2026 12:12:47
- Zuletzt bearbeitet 26.06.2026 17:29:05
In the Linux kernel, the following vulnerability has been resolved: fbdev: udlfb: add vm_ops to dlfb_ops_mmap to prevent use-after-free dlfb_ops_mmap() uses remap_pfn_range() to map vmalloc framebuffer pages to userspace but sets no vm_ops on the V...
CVE-2026-43496
- EPSS 0.12%
- Veröffentlicht 21.05.2026 12:12:46
- Zuletzt bearbeitet 26.06.2026 17:29:09
In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_red: Replace direct dequeue call with peek and qdisc_dequeue_peeked When red qdisc has children (eg qfq qdisc) whose peek() callback is qdisc_peek_dequeued(), we cou...