CVE-2026-31674
- EPSS 0.12%
- Veröffentlicht 25.04.2026 08:46:50
- Zuletzt bearbeitet 06.05.2026 21:34:51
In the Linux kernel, the following vulnerability has been resolved: netfilter: ip6t_rt: reject oversized addrnr in rt_mt6_check() Reject rt match rules whose addrnr exceeds IP6T_RT_HOPS. rt_mt6() expects addrnr to stay within the bounds of rtinfo-...
CVE-2026-31673
- EPSS 0.12%
- Veröffentlicht 25.04.2026 08:46:49
- Zuletzt bearbeitet 01.06.2026 17:16:55
In the Linux kernel, the following vulnerability has been resolved: af_unix: read UNIX_DIAG_VFS data under unix_state_lock Exact UNIX diag lookups hold a reference to the socket, but not to u->path. Meanwhile, unix_release_sock() clears u->path und...
CVE-2026-31671
- EPSS 0.11%
- Veröffentlicht 24.04.2026 14:45:18
- Zuletzt bearbeitet 27.04.2026 20:11:39
In the Linux kernel, the following vulnerability has been resolved: xfrm_user: fix info leak in build_report() struct xfrm_user_report is a __u8 proto field followed by a struct xfrm_selector which means there is three "empty" bytes of padding, but...
CVE-2026-31670
- EPSS 0.11%
- Veröffentlicht 24.04.2026 14:45:17
- Zuletzt bearbeitet 27.04.2026 20:10:26
In the Linux kernel, the following vulnerability has been resolved: net: rfkill: prevent unlimited numbers of rfkill events from being created Userspace can create an unlimited number of rfkill events if the system is so configured, while not consu...
CVE-2026-31667
- EPSS 0.1%
- Veröffentlicht 24.04.2026 14:45:15
- Zuletzt bearbeitet 27.04.2026 20:00:40
In the Linux kernel, the following vulnerability has been resolved: Input: uinput - fix circular locking dependency with ff-core A lockdep circular locking dependency warning can be triggered reproducibly when using a force-feedback gamepad with ui...
CVE-2026-31664
- EPSS 0.11%
- Veröffentlicht 24.04.2026 14:45:13
- Zuletzt bearbeitet 01.06.2026 17:16:54
In the Linux kernel, the following vulnerability has been resolved: xfrm: clear trailing padding in build_polexpire() build_expire() clears the trailing padding bytes of struct xfrm_user_expire after setting the hard field via memset_after(), but t...
CVE-2026-31661
- EPSS 0.11%
- Veröffentlicht 24.04.2026 14:45:11
- Zuletzt bearbeitet 27.04.2026 20:17:46
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmsmac: Fix dma_free_coherent() size dma_alloc_consistent() may change the size to align it. The new size is saved in alloced. Change the free size to match the allocation...
CVE-2026-31659
- EPSS 0.4%
- Veröffentlicht 24.04.2026 14:45:10
- Zuletzt bearbeitet 27.04.2026 20:17:17
In the Linux kernel, the following vulnerability has been resolved: batman-adv: reject oversized global TT response buffers batadv_tt_prepare_tvlv_global_data() builds the allocation length for a global TT response in 16-bit temporaries. When a rem...
CVE-2026-31657
- EPSS 0.4%
- Veröffentlicht 24.04.2026 14:45:08
- Zuletzt bearbeitet 01.06.2026 17:16:54
In the Linux kernel, the following vulnerability has been resolved: batman-adv: hold claim backbone gateways by reference batadv_bla_add_claim() can replace claim->backbone_gw and drop the old gateway's last reference while readers still follow the...
CVE-2026-31651
- EPSS 0.11%
- Veröffentlicht 24.04.2026 14:45:03
- Zuletzt bearbeitet 27.04.2026 20:14:45
In the Linux kernel, the following vulnerability has been resolved: mmc: vub300: fix NULL-deref on disconnect Make sure to deregister the controller before dropping the reference to the driver data on disconnect to avoid NULL-pointer dereferences o...