CVE-2026-31679
- EPSS 0.12%
- Veröffentlicht 25.04.2026 08:46:55
- Zuletzt bearbeitet 06.05.2026 21:25:09
In the Linux kernel, the following vulnerability has been resolved: openvswitch: validate MPLS set/set_masked payload length validate_set() accepted OVS_KEY_ATTR_MPLS as variable-sized payload for SET/SET_MASKED actions. In action handling, OVS exp...
CVE-2026-31678
- EPSS 0.1%
- Veröffentlicht 25.04.2026 08:46:54
- Zuletzt bearbeitet 06.05.2026 21:28:02
In the Linux kernel, the following vulnerability has been resolved: openvswitch: defer tunnel netdev_put to RCU release ovs_netdev_tunnel_destroy() may run after NETDEV_UNREGISTER already detached the device. Dropping the netdev reference in destro...
CVE-2026-31677
- EPSS 0.11%
- Veröffentlicht 25.04.2026 08:46:53
- Zuletzt bearbeitet 06.05.2026 21:29:38
In the Linux kernel, the following vulnerability has been resolved: crypto: af_alg - limit RX SG extraction by receive buffer budget Make af_alg_get_rsgl() limit each RX scatterlist extraction to the remaining receive buffer budget. af_alg_get_rsg...
CVE-2026-31676
- EPSS 0.39%
- Veröffentlicht 25.04.2026 08:46:52
- Zuletzt bearbeitet 01.06.2026 17:16:55
In the Linux kernel, the following vulnerability has been resolved: rxrpc: only handle RESPONSE during service challenge Only process RESPONSE packets while the service connection is still in RXRPC_CONN_SERVICE_CHALLENGING. Check that state under s...
CVE-2026-31675
- EPSS 0.13%
- Veröffentlicht 25.04.2026 08:46:51
- Zuletzt bearbeitet 06.05.2026 21:33:21
In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_netem: fix out-of-bounds access in packet corruption In netem_enqueue(), the packet corruption logic uses get_random_u32_below(skb_headlen(skb)) to select an index f...
CVE-2026-31674
- EPSS 0.12%
- Veröffentlicht 25.04.2026 08:46:50
- Zuletzt bearbeitet 06.05.2026 21:34:51
In the Linux kernel, the following vulnerability has been resolved: netfilter: ip6t_rt: reject oversized addrnr in rt_mt6_check() Reject rt match rules whose addrnr exceeds IP6T_RT_HOPS. rt_mt6() expects addrnr to stay within the bounds of rtinfo-...
CVE-2026-31673
- EPSS 0.12%
- Veröffentlicht 25.04.2026 08:46:49
- Zuletzt bearbeitet 01.06.2026 17:16:55
In the Linux kernel, the following vulnerability has been resolved: af_unix: read UNIX_DIAG_VFS data under unix_state_lock Exact UNIX diag lookups hold a reference to the socket, but not to u->path. Meanwhile, unix_release_sock() clears u->path und...
CVE-2026-31672
- EPSS 0.11%
- Veröffentlicht 24.04.2026 14:45:19
- Zuletzt bearbeitet 27.04.2026 20:11:49
In the Linux kernel, the following vulnerability has been resolved: wifi: rt2x00usb: fix devres lifetime USB drivers bind to USB interfaces and any device managed resources should have their lifetime tied to the interface rather than parent USB dev...
CVE-2026-31671
- EPSS 0.11%
- Veröffentlicht 24.04.2026 14:45:18
- Zuletzt bearbeitet 27.04.2026 20:11:39
In the Linux kernel, the following vulnerability has been resolved: xfrm_user: fix info leak in build_report() struct xfrm_user_report is a __u8 proto field followed by a struct xfrm_selector which means there is three "empty" bytes of padding, but...
CVE-2026-31669
- EPSS 0.4%
- Veröffentlicht 24.04.2026 14:45:17
- Zuletzt bearbeitet 27.04.2026 20:09:25
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix slab-use-after-free in __inet_lookup_established The ehash table lookups are lockless and rely on SLAB_TYPESAFE_BY_RCU to guarantee socket memory stability during RCU re...