CVE-2026-23401
- EPSS 0.18%
- Veröffentlicht 01.04.2026 08:36:32
- Zuletzt bearbeitet 08.07.2026 13:16:30
In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE When installing an emulated MMIO SPTE, do so *after* dropping/zapping the existing SPTE (if it's shadow...
CVE-2026-23399
- EPSS 0.12%
- Veröffentlicht 28.03.2026 07:16:09
- Zuletzt bearbeitet 01.06.2026 17:16:45
In the Linux kernel, the following vulnerability has been resolved: nf_tables: nft_dynset: fix possible stateful expression memleak in error path If cloning the second stateful expression in the element via GFP_ATOMIC fails, then the first stateful...
CVE-2026-23398
- EPSS 0.11%
- Veröffentlicht 26.03.2026 10:22:50
- Zuletzt bearbeitet 24.04.2026 15:17:53
In the Linux kernel, the following vulnerability has been resolved: icmp: fix NULL pointer dereference in icmp_tag_validation() icmp_tag_validation() unconditionally dereferences the result of rcu_dereference(inet_protos[proto]) without checking fo...
CVE-2026-23396
- EPSS 0.11%
- Veröffentlicht 26.03.2026 10:22:49
- Zuletzt bearbeitet 24.04.2026 15:18:27
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix NULL deref in mesh_matches_local() mesh_matches_local() unconditionally dereferences ie->mesh_config to compare mesh configuration parameters. When called from ...
CVE-2026-23397
- EPSS 0.12%
- Veröffentlicht 26.03.2026 10:22:49
- Zuletzt bearbeitet 24.04.2026 15:18:09
In the Linux kernel, the following vulnerability has been resolved: nfnetlink_osf: validate individual option lengths in fingerprints nfnl_osf_add_callback() validates opt_num bounds and string NUL-termination but does not check individual option l...
CVE-2026-23394
- EPSS 0.09%
- Veröffentlicht 25.03.2026 10:33:18
- Zuletzt bearbeitet 01.06.2026 17:16:45
In the Linux kernel, the following vulnerability has been resolved: af_unix: Give up GC if MSG_PEEK intervened. Igor Ushakov reported that GC purged the receive queue of an alive socket due to a race with MSG_PEEK with a nice repro. This is the ex...
CVE-2026-23395
- EPSS 0.25%
- Veröffentlicht 25.03.2026 10:33:18
- Zuletzt bearbeitet 24.04.2026 15:20:17
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix accepting multiple L2CAP_ECRED_CONN_REQ Currently the code attempts to accept requests regardless of the command identifier which may cause multiple requests ...
CVE-2026-23393
- EPSS 0.1%
- Veröffentlicht 25.03.2026 10:33:17
- Zuletzt bearbeitet 24.04.2026 18:39:39
In the Linux kernel, the following vulnerability has been resolved: bridge: cfm: Fix race condition in peer_mep deletion When a peer MEP is being deleted, cancel_delayed_work_sync() is called on ccm_rx_dwork before freeing. However, br_cfm_frame_rx...
CVE-2026-23392
- EPSS 0.12%
- Veröffentlicht 25.03.2026 10:33:16
- Zuletzt bearbeitet 24.04.2026 18:39:15
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: release flowtable after rcu grace period on error Call synchronize_rcu() after unregistering the hooks from error path, since a hook that already refers to th...
CVE-2026-23391
- EPSS 0.12%
- Veröffentlicht 25.03.2026 10:33:15
- Zuletzt bearbeitet 24.04.2026 18:38:57
In the Linux kernel, the following vulnerability has been resolved: netfilter: xt_CT: drop pending enqueued packets on template removal Templates refer to objects that can go away while packets are sitting in nfqueue refer to: - helper, this can b...