CVE-2026-43386
- EPSS 0.13%
- Veröffentlicht 08.05.2026 14:21:32
- Zuletzt bearbeitet 26.05.2026 16:03:02
In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix potential out-of-bounds read in rtw_restruct_wmm_ie The current code checks 'i + 5 < in_len' at the end of the if statement. However, it accesses 'in_ie[i +...
CVE-2026-43382
- EPSS 0.1%
- Veröffentlicht 08.05.2026 14:21:30
- Zuletzt bearbeitet 26.05.2026 17:15:10
In the Linux kernel, the following vulnerability has been resolved: batman-adv: Avoid double-rtnl_lock ELP metric worker batadv_v_elp_get_throughput() might be called when the RTNL lock is already held. This could be problematic when the work queue...
CVE-2026-43383
- EPSS 0.44%
- Veröffentlicht 08.05.2026 14:21:30
- Zuletzt bearbeitet 26.05.2026 17:07:21
In the Linux kernel, the following vulnerability has been resolved: net/tcp-md5: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this.
CVE-2026-43381
- EPSS 0.12%
- Veröffentlicht 08.05.2026 14:21:29
- Zuletzt bearbeitet 26.05.2026 17:17:15
In the Linux kernel, the following vulnerability has been resolved: nouveau/dpcd: return EBUSY for aux xfer if the device is asleep If we have runtime suspended, and userspace wants to use /dev/drm_dp_* then just tell it the device is busy instead ...
CVE-2026-43378
- EPSS 0.31%
- Veröffentlicht 08.05.2026 14:21:27
- Zuletzt bearbeitet 20.05.2026 17:16:22
In the Linux kernel, the following vulnerability has been resolved: smb: server: fix use-after-free in smb2_open() The opinfo pointer obtained via rcu_dereference(fp->f_opinfo) is dereferenced after rcu_read_unlock(), creating a use-after-free wind...
CVE-2026-43373
- EPSS 0.5%
- Veröffentlicht 08.05.2026 14:21:23
- Zuletzt bearbeitet 15.05.2026 15:16:52
In the Linux kernel, the following vulnerability has been resolved: net: ncsi: fix skb leak in error paths Early return paths in NCSI RX and AEN handlers fail to release the received skb, resulting in a memory leak. Specifically, ncsi_aen_handler(...
CVE-2026-43370
- EPSS 0.13%
- Veröffentlicht 08.05.2026 14:21:21
- Zuletzt bearbeitet 15.05.2026 15:18:18
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix use-after-free race in VM acquire Replace non-atomic vm->process_info assignment with cmpxchg() to prevent race when parent/child processes sharing a drm_file both ...
CVE-2026-43362
- EPSS 0.22%
- Veröffentlicht 08.05.2026 14:21:16
- Zuletzt bearbeitet 15.05.2026 16:13:54
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix in-place encryption corruption in SMB2_write() SMB2_write() places write payload in iov[1..n] as part of rq_iov. smb3_init_transform_rq() pointer-shares rq_iov, so...
CVE-2026-43363
- EPSS 0.12%
- Veröffentlicht 08.05.2026 14:21:16
- Zuletzt bearbeitet 15.05.2026 16:14:25
In the Linux kernel, the following vulnerability has been resolved: x86/apic: Disable x2apic on resume if the kernel expects so When resuming from s2ram, firmware may re-enable x2apic mode, which may have been disabled by the kernel during boot eit...
CVE-2026-43361
- EPSS 0.12%
- Veröffentlicht 08.05.2026 14:21:15
- Zuletzt bearbeitet 15.05.2026 13:29:54
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix transaction abort when snapshotting received subvolumes Currently a user can trigger a transaction abort by snapshotting a previously received snapshot a bunch of times ...