CVE-2026-53269
- EPSS 0.12%
- Veröffentlicht 25.06.2026 08:39:55
- Zuletzt bearbeitet 08.07.2026 04:01:49
In the Linux kernel, the following vulnerability has been resolved: netfilter: synproxy: add mutex to guard hook reference counting As the synproxy infrastructure register netfilter hooks on-demand when a user adds the first iptables target or nfta...
CVE-2026-53268
- EPSS 0.36%
- Veröffentlicht 25.06.2026 08:39:54
- Zuletzt bearbeitet 08.07.2026 04:01:54
In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack_irc: fix possible out-of-bounds read When parsing fails after we've matched the command string we should bail out instead of trying to match a different comman...
CVE-2026-53267
- EPSS 0.13%
- Veröffentlicht 25.06.2026 08:39:53
- Zuletzt bearbeitet 08.07.2026 04:01:59
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_ct: bail out on template ct in get eval I noticed this issue while looking at a historic syzbot report [1]. A rule like the one below is enough to trigger the bug: ...
CVE-2026-53266
- EPSS 0.13%
- Veröffentlicht 25.06.2026 08:39:53
- Zuletzt bearbeitet 08.07.2026 04:02:04
In the Linux kernel, the following vulnerability has been resolved: netfilter: bridge: make ebt_snat ARP rewrite writable The ebtables SNAT target keeps the Ethernet source address rewrite behind skb_ensure_writable(skb, 0). This is intentional: a...
CVE-2026-53264
- EPSS 0.13%
- Veröffentlicht 25.06.2026 08:39:51
- Zuletzt bearbeitet 08.07.2026 04:02:13
In the Linux kernel, the following vulnerability has been resolved: net/sched: act_api: use RCU with deferred freeing for action lifecycle When NEWTFILTER and DELFILTER are run concurrently it is possible to create a race with an associated action....
CVE-2026-53263
- EPSS 0.12%
- Veröffentlicht 25.06.2026 08:39:51
- Zuletzt bearbeitet 08.07.2026 04:02:17
In the Linux kernel, the following vulnerability has been resolved: 6lowpan: fix off-by-one in multicast context address compression The second memcpy in lowpan_iphc_mcast_ctx_addr_compress() uses &data[1] as destination and &ipaddr->s6_addr[11] as...
CVE-2026-53262
- EPSS 0.13%
- Veröffentlicht 25.06.2026 08:39:50
- Zuletzt bearbeitet 08.07.2026 15:15:55
In the Linux kernel, the following vulnerability has been resolved: l2tp: pppol2tp: hold reference to session in pppol2tp_ioctl() pppol2tp_ioctl() read sock->sk->sk_user_data directly without any locks or reference counting. If a controllable slee...
CVE-2026-53261
- EPSS 0.12%
- Veröffentlicht 25.06.2026 08:39:49
- Zuletzt bearbeitet 08.07.2026 15:17:32
In the Linux kernel, the following vulnerability has been resolved: devlink: Release nested relation on devlink free devlink relation state is normally released from devl_unregister(), which calls devlink_rel_put(). This misses devlink instances th...
CVE-2026-53260
- EPSS 0.35%
- Veröffentlicht 25.06.2026 08:39:49
- Zuletzt bearbeitet 08.07.2026 15:25:49
In the Linux kernel, the following vulnerability has been resolved: tcp: Add preempt_{disable,enable}_nested() in reqsk_queue_hash_req(). syzbot reported a weird reqsk->rsk_refcnt underflow in __inet_csk_reqsk_queue_drop(). The captured reqsk_put(...
CVE-2026-53258
- EPSS 0.12%
- Veröffentlicht 25.06.2026 08:39:47
- Zuletzt bearbeitet 08.07.2026 16:40:07
In the Linux kernel, the following vulnerability has been resolved: wifi: fix leak if split 6 GHz scanning fails rdev->int_scan_req is leaked if cfg80211_scan() fails. Note that it's supposed to be released at ___cfg80211_scan_done() but this does...