CVE-2026-53218
- EPSS 0.13%
- Veröffentlicht 25.06.2026 08:39:21
- Zuletzt bearbeitet 02.07.2026 20:52:26
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_exthdr: fix register tracking for F_PRESENT flag nft_exthdr_init() passes user-controlled priv->len to nft_parse_register_store(), which marks that many bytes in the...
CVE-2026-53217
- EPSS 0.4%
- Veröffentlicht 25.06.2026 08:39:20
- Zuletzt bearbeitet 02.07.2026 20:52:31
In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: sync RX data at the hardware packet offset mvpp2 programs the RX queue packet offset, so hardware writes received data at dma_addr + MVPP2_SKB_HEADROOM. The current CPU...
CVE-2026-53216
- EPSS 0.55%
- Veröffentlicht 25.06.2026 08:39:19
- Zuletzt bearbeitet 02.07.2026 20:52:36
In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: limit XDP frame size to the RX buffer mvpp2 has short and long BM pools, and short pool buffers can be smaller than PAGE_SIZE. The XDP path nevertheless initializes eve...
CVE-2026-53215
- EPSS 0.55%
- Veröffentlicht 25.06.2026 08:39:18
- Zuletzt bearbeitet 02.07.2026 20:52:41
In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: refill RX buffers before XDP or skb use The RX error path returns the current descriptor buffer to the hardware BM pool. That is only valid while the driver still owns ...
CVE-2026-53213
- EPSS 0.13%
- Veröffentlicht 25.06.2026 08:39:17
- Zuletzt bearbeitet 02.07.2026 20:52:56
In the Linux kernel, the following vulnerability has been resolved: drm/vc4: fix krealloc() memory leak Don't just overwrite the original pointer passed to krealloc() with its return value without checking latter: MEM = krealloc(MEM, SZ, GFP);...
CVE-2026-53212
- EPSS 0.13%
- Veröffentlicht 25.06.2026 08:39:16
- Zuletzt bearbeitet 02.07.2026 20:53:00
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_tunnel: fix use-after-free on object destroy nft_tunnel_obj_destroy() calls metadata_dst_free() which directly kfree()s the metadata_dst, ignoring the dst_entry refc...
CVE-2026-53209
- EPSS 0.14%
- Veröffentlicht 25.06.2026 08:39:14
- Zuletzt bearbeitet 02.07.2026 20:54:10
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: reject oversized Broadcast Announcement prepend Existing advertising instances can already hold the maximum extended advertising payload. When hci_adv_bcast_an...
CVE-2026-53208
- EPSS 0.12%
- Veröffentlicht 25.06.2026 08:39:14
- Zuletzt bearbeitet 02.07.2026 20:55:04
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: reject BR/EDR signaling packets over MTUsig net/bluetooth/l2cap_core.c:l2cap_sig_channel() accepts BR/EDR signaling packets up to the channel MTU and dispatches e...
CVE-2026-53207
- EPSS 0.1%
- Veröffentlicht 25.06.2026 08:39:13
- Zuletzt bearbeitet 02.07.2026 20:55:07
In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: fix hugetlb_lock AA deadlock in get_huge_page_for_hwpoison Two concurrent madvise(MADV_HWPOISON) calls on the same hugetlb page can trigger a recursive spinlock ...
CVE-2026-53199
- EPSS 0.53%
- Veröffentlicht 25.06.2026 08:39:08
- Zuletzt bearbeitet 06.07.2026 12:32:29
In the Linux kernel, the following vulnerability has been resolved: hv_netvsc: use kmap_local_page in netvsc_copy_to_send_buf netvsc_copy_to_send_buf() copies page buffer entries into the VMBus send buffer using phys_to_virt() on the entry PFN. Ent...