CVE-2026-31432
- EPSS 0.51%
- Veröffentlicht 22.04.2026 08:15:10
- Zuletzt bearbeitet 21.05.2026 17:28:57
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix OOB write in QUERY_INFO for compound requests When a compound request such as READ + QUERY_INFO(Security) is received, and the first command (READ) consumes most of the ...
CVE-2026-31429
- EPSS 0.26%
- Veröffentlicht 20.04.2026 09:43:03
- Zuletzt bearbeitet 20.05.2026 19:23:01
In the Linux kernel, the following vulnerability has been resolved: net: skb: fix cross-cache free of KFENCE-allocated skb head SKB_SMALL_HEAD_CACHE_SIZE is intentionally set to a non-power-of-2 value (e.g. 704 on x86_64) to avoid collisions with g...
CVE-2026-31430
- EPSS 0.08%
- Veröffentlicht 20.04.2026 09:43:03
- Zuletzt bearbeitet 21.05.2026 15:28:28
In the Linux kernel, the following vulnerability has been resolved: X.509: Fix out-of-bounds access when parsing extensions Leo reports an out-of-bounds access when parsing a certificate with empty Basic Constraints or Key Usage extension because t...
CVE-2026-31427
- EPSS 0.12%
- Veröffentlicht 13.04.2026 13:40:30
- Zuletzt bearbeitet 20.05.2026 19:27:17
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_sip: fix use of uninitialized rtp_addr in process_sdp process_sdp() declares union nf_inet_addr rtp_addr on the stack and passes it to the nf_nat_sip sdp_se...
CVE-2026-31428
- EPSS 0.12%
- Veröffentlicht 13.04.2026 13:40:30
- Zuletzt bearbeitet 20.05.2026 19:24:58
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_log: fix uninitialized padding leak in NFULA_PAYLOAD __build_packet_message() manually constructs the NFULA_PAYLOAD netlink attribute using skb_put() and skb_c...
- EPSS 0.11%
- Veröffentlicht 13.04.2026 13:40:29
- Zuletzt bearbeitet 20.05.2026 17:55:22
In the Linux kernel, the following vulnerability has been resolved: ACPI: EC: clean up handlers on probe failure in acpi_ec_setup() When ec_install_handlers() returns -EPROBE_DEFER on reduced-hardware platforms, it has already started the EC and in...
CVE-2026-31425
- EPSS 0.11%
- Veröffentlicht 13.04.2026 13:40:28
- Zuletzt bearbeitet 20.05.2026 17:56:52
In the Linux kernel, the following vulnerability has been resolved: rds: ib: reject FRMR registration before IB connection is established rds_ib_get_mr() extracts the rds_ib_connection from conn->c_transport_data and passes it to rds_ib_reg_frmr() ...
CVE-2026-31424
- EPSS 0.12%
- Veröffentlicht 13.04.2026 13:40:27
- Zuletzt bearbeitet 20.05.2026 18:01:27
In the Linux kernel, the following vulnerability has been resolved: netfilter: x_tables: restrict xt_check_match/xt_check_target extensions for NFPROTO_ARP Weiming Shi says: xt_match and xt_target structs registered with NFPROTO_UNSPEC can be load...
CVE-2026-31423
- EPSS 0.12%
- Veröffentlicht 13.04.2026 13:40:26
- Zuletzt bearbeitet 20.05.2026 18:06:31
In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_hfsc: fix divide-by-zero in rtsc_min() m2sm() converts a u32 slope to a u64 scaled value. For large inputs (e.g. m1=4000000000), the result can reach 2^32. rtsc_mi...
CVE-2026-31421
- EPSS 0.11%
- Veröffentlicht 13.04.2026 13:40:25
- Zuletzt bearbeitet 20.05.2026 18:10:34
In the Linux kernel, the following vulnerability has been resolved: net/sched: cls_fw: fix NULL pointer dereference on shared blocks The old-method path in fw_classify() calls tcf_block_q() and dereferences q->handle. Shared blocks leave block->q ...