CVE-2026-31417
- EPSS 0.39%
- Veröffentlicht 13.04.2026 13:21:04
- Zuletzt bearbeitet 20.05.2026 19:34:29
In the Linux kernel, the following vulnerability has been resolved: net/x25: Fix overflow when accumulating packets Add a check to ensure that `x25_sock.fraglen` does not overflow. The `fraglen` also needs to be resetted when purging `fragment_que...
CVE-2026-31415
- EPSS 0.11%
- Veröffentlicht 13.04.2026 13:21:03
- Zuletzt bearbeitet 20.05.2026 15:41:05
In the Linux kernel, the following vulnerability has been resolved: ipv6: avoid overflows in ip6_datagram_send_ctl() Yiming Qian reported : <quote> I believe I found a locally triggerable kernel bug in the IPv6 sendmsg ancillary-data path that ca...
CVE-2026-31414
- EPSS 0.38%
- Veröffentlicht 13.04.2026 13:21:02
- Zuletzt bearbeitet 20.05.2026 15:43:42
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_expect: use expect->helper Use expect->helper in ctnetlink and /proc to dump the helper name. Using nfct_help() without holding a reference to the master co...
CVE-2026-31412
- EPSS 0.17%
- Veröffentlicht 10.04.2026 10:35:05
- Zuletzt bearbeitet 20.05.2026 15:54:46
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_mass_storage: Fix potential integer overflow in check_command_size_in_blocks() The `check_command_size_in_blocks()` function calculates the data size in bytes by lef...
CVE-2026-31411
- EPSS 0.13%
- Veröffentlicht 08.04.2026 13:06:17
- Zuletzt bearbeitet 20.05.2026 16:03:38
In the Linux kernel, the following vulnerability has been resolved: net: atm: fix crash due to unvalidated vcc pointer in sigd_send() Reproducer available at [1]. The ATM send path (sendmsg -> vcc_sendmsg -> sigd_send) reads the vcc pointer from m...
CVE-2026-31410
- EPSS 0.16%
- Veröffentlicht 06.04.2026 08:16:39
- Zuletzt bearbeitet 20.05.2026 16:11:09
In the Linux kernel, the following vulnerability has been resolved: ksmbd: use volume UUID in FS_OBJECT_ID_INFORMATION Use sb->s_uuid for a proper volume identifier as the primary choice. For filesystems that do not provide a UUID, fall back to stf...
CVE-2026-31405
- EPSS 0.55%
- Veröffentlicht 06.04.2026 08:16:38
- Zuletzt bearbeitet 20.05.2026 12:01:54
In the Linux kernel, the following vulnerability has been resolved: media: dvb-net: fix OOB access in ULE extension header tables The ule_mandatory_ext_handlers[] and ule_optional_ext_handlers[] tables in handle_one_ule_extension() are declared wit...
CVE-2026-31407
- EPSS 0.17%
- Veröffentlicht 06.04.2026 08:16:38
- Zuletzt bearbeitet 01.06.2026 17:16:46
In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: add missing netlink policy validations Hyunwoo Kim reports out-of-bounds access in sctp and ctnetlink. These attributes are used by the kernel without any va...
CVE-2026-31408
- EPSS 0.3%
- Veröffentlicht 06.04.2026 08:16:38
- Zuletzt bearbeitet 20.05.2026 16:18:27
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SCO: Fix use-after-free in sco_recv_frame() due to missing sock_hold sco_recv_frame() reads conn->sk under sco_conn_lock() but immediately releases the lock without hold...
CVE-2026-31409
- EPSS 0.45%
- Veröffentlicht 06.04.2026 08:16:38
- Zuletzt bearbeitet 01.06.2026 17:16:46
In the Linux kernel, the following vulnerability has been resolved: ksmbd: unset conn->binding on failed binding request When a multichannel SMB2_SESSION_SETUP request with SMB2_SESSION_REQ_FLAG_BINDING fails ksmbd sets conn->binding = true but nev...