CVE-2026-46140
- EPSS 0.13%
- Veröffentlicht 28.05.2026 09:35:56
- Zuletzt bearbeitet 04.07.2026 12:16:56
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btmtk: validate WMT event SKB length before struct access btmtk_usb_hci_wmt_sync() casts the WMT event response SKB data to struct btmtk_hci_wmt_evt (7 bytes) and struct...
CVE-2026-46139
- EPSS 0.12%
- Veröffentlicht 28.05.2026 09:35:55
- Zuletzt bearbeitet 24.06.2026 17:26:46
In the Linux kernel, the following vulnerability has been resolved: smb: client: use kzalloc to zero-initialize security descriptor buffer Commit 62e7dd0a39c2d ("smb: common: change the data type of num_aces to le16") split struct smb_acl's __le32 ...
CVE-2026-46138
- EPSS 0.28%
- Veröffentlicht 28.05.2026 09:35:54
- Zuletzt bearbeitet 24.06.2026 17:27:56
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: Fix OOB read and infinite loop in hci_le_create_big_complete_evt hci_le_create_big_complete_evt() iterates over BT_BOUND connections for a BIG handle using a ...
CVE-2026-46137
- EPSS 0.43%
- Veröffentlicht 28.05.2026 09:35:53
- Zuletzt bearbeitet 24.06.2026 17:32:53
In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: ADD_ADDR rtx: fix potential data-race This mptcp_pm_add_timer() helper is executed as a timer callback in softirq context. To avoid any data races, the socket lock needs...
CVE-2026-46136
- EPSS 0.13%
- Veröffentlicht 28.05.2026 09:35:52
- Zuletzt bearbeitet 24.06.2026 17:40:12
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: fix a potential clc buffer length underflow The buf_len is used to limit the iterations for retrieving the country power setting and may underflow under certain...
CVE-2026-46135
- EPSS 0.35%
- Veröffentlicht 28.05.2026 09:35:49
- Zuletzt bearbeitet 04.07.2026 12:16:56
In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: fix race between ICReq handling and queue teardown nvmet_tcp_handle_icreq() updates queue->state after sending an Initialization Connection Response (ICResp), but it doe...
CVE-2026-46132
- EPSS 0.13%
- Veröffentlicht 28.05.2026 09:35:47
- Zuletzt bearbeitet 24.06.2026 17:51:37
In the Linux kernel, the following vulnerability has been resolved: net: rtnetlink: zero ifla_vf_broadcast to avoid stack infoleak in rtnl_fill_vfinfo rtnl_fill_vfinfo() declares struct ifla_vf_broadcast on the stack without initialisation: struc...
CVE-2026-46133
- EPSS 0.57%
- Veröffentlicht 28.05.2026 09:35:47
- Zuletzt bearbeitet 24.06.2026 17:50:36
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Reject unknown opcodes before ICRC processing Even after applying commit 7244491dab34 ("RDMA/rxe: Validate pad and ICRC before payload_size() in rxe_rcv"), a single unaut...
CVE-2026-46131
- EPSS 0.13%
- Veröffentlicht 28.05.2026 09:35:46
- Zuletzt bearbeitet 24.06.2026 17:52:24
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: check for nEPT/nNPT in slow flush hypercalls Checking is_guest_mode(vcpu) is incorrect, because translate_nested_gpa() is only valid if an L2 guest is running *with neste...
CVE-2026-46130
- EPSS 0.12%
- Veröffentlicht 28.05.2026 09:35:45
- Zuletzt bearbeitet 24.06.2026 17:54:07
In the Linux kernel, the following vulnerability has been resolved: dm-verity-fec: fix reading parity bytes split across blocks (take 3) fec_decode_bufs() assumes that the parity bytes of the first RS codeword it decodes are never split across pari...