CVE-2026-46172
- EPSS 0.13%
- Veröffentlicht 28.05.2026 09:36:26
- Zuletzt bearbeitet 10.06.2026 21:12:54
In the Linux kernel, the following vulnerability has been resolved: ipv6: xfrm6: release dst on error in xfrm6_rcv_encap() xfrm6_rcv_encap() performs an IPv6 route lookup when the skb does not already have a dst attached. ip6_route_input_lookup() r...
CVE-2026-46170
- EPSS 0.13%
- Veröffentlicht 28.05.2026 09:36:25
- Zuletzt bearbeitet 11.06.2026 12:19:56
In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: ADD_ADDR rtx: free sk if last When an ADD_ADDR is retransmitted, the sk is held in sk_reset_timer(), and released at the end. If at that moment, it was the last referen...
CVE-2026-46171
- EPSS 0.13%
- Veröffentlicht 28.05.2026 09:36:25
- Zuletzt bearbeitet 11.06.2026 12:19:22
In the Linux kernel, the following vulnerability has been resolved: riscv: kvm: fix vector context allocation leak When the second kzalloc (host_context.vector.datap) fails in kvm_riscv_vcpu_alloc_vector_context, the first allocation (guest_context...
CVE-2026-46169
- EPSS 0.13%
- Veröffentlicht 28.05.2026 09:36:24
- Zuletzt bearbeitet 11.06.2026 12:56:33
In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix uninit-value by validating catalog record size Syzbot reported a KMSAN uninit-value issue in hfsplus_strcasecmp(). The root cause is that hfs_brec_read() doesn't valid...
CVE-2026-46168
- EPSS 0.13%
- Veröffentlicht 28.05.2026 09:36:23
- Zuletzt bearbeitet 10.06.2026 21:14:43
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix scheduling with atomic in timestamp sockopt Using lock_sock_fast() (atomic context) around sock_set_timestamp() and sock_set_timestamping() is unsafe, as both helpers ca...
CVE-2026-46167
- EPSS 0.13%
- Veröffentlicht 28.05.2026 09:36:22
- Zuletzt bearbeitet 10.06.2026 21:14:35
In the Linux kernel, the following vulnerability has been resolved: usb: usblp: fix uninitialized heap leak via LPGETSTATUS ioctl Just like in a previous problem in this driver, usblp_ctrl_msg() will collapse the usb_control_msg() return value to 0...
CVE-2026-46166
- EPSS 0.2%
- Veröffentlicht 28.05.2026 09:36:21
- Zuletzt bearbeitet 09.07.2026 13:17:21
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: use safe list iteration in radar detect work The call to ieee80211_dfs_cac_cancel can cause the iterated chanctx to be freed and removed from the list. Guard agains...
CVE-2026-46165
- EPSS 0.1%
- Veröffentlicht 28.05.2026 09:36:20
- Zuletzt bearbeitet 10.06.2026 21:14:22
In the Linux kernel, the following vulnerability has been resolved: openvswitch: vport: fix self-deadlock on release of tunnel ports vports are used concurrently and protected by RCU, so netdev_put() must happen after the RCU grace period. So, eit...
- EPSS 0.14%
- Veröffentlicht 28.05.2026 09:36:19
- Zuletzt bearbeitet 10.06.2026 21:14:05
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix double free in create_space_info_sub_group() error path When kobject_init_and_add() fails, the call chain is: create_space_info_sub_group() -> btrfs_sysfs_add_space_inf...
CVE-2026-46163
- EPSS 0.13%
- Veröffentlicht 28.05.2026 09:36:18
- Zuletzt bearbeitet 10.06.2026 21:13:41
In the Linux kernel, the following vulnerability has been resolved: wifi: b43legacy: enforce bounds check on firmware key index in RX path Same fix as b43: the firmware-controlled key index in b43legacy_rx() can exceed dev->max_nr_keys. The existin...