CVE-2026-23434
- EPSS 0.13%
- Veröffentlicht 03.04.2026 15:15:19
- Zuletzt bearbeitet 27.04.2026 14:16:32
In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: serialize lock/unlock against other NAND operations nand_lock() and nand_unlock() call into chip->ops.lock_area/unlock_area without holding the NAND device lock. On c...
CVE-2026-23427
- EPSS 0.29%
- Veröffentlicht 03.04.2026 15:15:14
- Zuletzt bearbeitet 27.04.2026 14:16:32
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in durable v2 replay of active file handles parse_durable_handle_context() unconditionally assigns dh_info->fp->conn to the current connection when handli...
CVE-2026-23428
- EPSS 0.33%
- Veröffentlicht 03.04.2026 15:15:14
- Zuletzt bearbeitet 27.04.2026 14:16:32
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free of share_conf in compound request smb2_get_ksmbd_tcon() reuses work->tcon in compound requests without validating tcon->t_state. ksmbd_tree_conn_lookup() ...
CVE-2026-23426
- EPSS 0.12%
- Veröffentlicht 03.04.2026 13:24:34
- Zuletzt bearbeitet 23.04.2026 21:04:06
In the Linux kernel, the following vulnerability has been resolved: drm/logicvc: Fix device node reference leak in logicvc_drm_config_parse() The logicvc_drm_config_parse() function calls of_get_child_by_name() to find the "layers" node but fails t...
CVE-2026-23422
- EPSS 0.12%
- Veröffentlicht 03.04.2026 13:24:31
- Zuletzt bearbeitet 24.04.2026 15:21:10
In the Linux kernel, the following vulnerability has been resolved: dpaa2-switch: Fix interrupt storm after receiving bad if_id in IRQ handler Commit 31a7a0bbeb00 ("dpaa2-switch: add bounds check for if_id in IRQ handler") introduces a range check ...
CVE-2026-23420
- EPSS 0.09%
- Veröffentlicht 03.04.2026 13:24:29
- Zuletzt bearbeitet 24.04.2026 15:21:23
In the Linux kernel, the following vulnerability has been resolved: wifi: wlcore: Fix a locking bug Make sure that wl->mutex is locked before it is unlocked. This has been detected by the Clang thread-safety analyzer.
CVE-2026-23419
- EPSS 0.18%
- Veröffentlicht 03.04.2026 13:24:23
- Zuletzt bearbeitet 27.04.2026 14:16:31
In the Linux kernel, the following vulnerability has been resolved: net/rds: Fix circular locking dependency in rds_tcp_tune syzbot reported a circular locking dependency in rds_tcp_tune() where sk_net_refcnt_upgrade() is called while holding the s...
CVE-2026-23417
- EPSS 0.12%
- Veröffentlicht 02.04.2026 11:40:57
- Zuletzt bearbeitet 24.04.2026 15:21:51
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix constant blinding for PROBE_MEM32 stores BPF_ST | BPF_PROBE_MEM32 immediate stores are not handled by bpf_jit_blind_insn(), allowing user-controlled 32-bit immediates to s...
CVE-2026-23414
- EPSS 0.24%
- Veröffentlicht 02.04.2026 11:40:55
- Zuletzt bearbeitet 27.04.2026 14:16:31
In the Linux kernel, the following vulnerability has been resolved: tls: Purge async_hold in tls_decrypt_async_wait() The async_hold queue pins encrypted input skbs while the AEAD engine references their scatterlist data. Once tls_decrypt_async_wai...
CVE-2026-23413
- EPSS 0.12%
- Veröffentlicht 02.04.2026 11:40:54
- Zuletzt bearbeitet 27.04.2026 14:16:31
In the Linux kernel, the following vulnerability has been resolved: clsact: Fix use-after-free in init/destroy rollback asymmetry Fix a use-after-free in the clsact qdisc upon init/destroy rollback asymmetry. The latter is achieved by first fully i...