CVE-2026-22990
- EPSS 0.34%
- Veröffentlicht 23.01.2026 15:24:11
- Zuletzt bearbeitet 27.04.2026 14:16:27
In the Linux kernel, the following vulnerability has been resolved: libceph: replace overzealous BUG_ON in osdmap_apply_incremental() If the osdmap is (maliciously) corrupted such that the incremental osdmap epoch is different from what is expected...
CVE-2026-22984
- EPSS 0.35%
- Veröffentlicht 23.01.2026 15:24:06
- Zuletzt bearbeitet 27.04.2026 14:16:27
In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds reads in handle_auth_done() Perform an explicit bounds check on payload_len to avoid a possible out-of-bounds access in the callout. [ idr...
CVE-2026-22978
- EPSS 0.12%
- Veröffentlicht 23.01.2026 15:24:00
- Zuletzt bearbeitet 26.02.2026 20:17:16
In the Linux kernel, the following vulnerability has been resolved: wifi: avoid kernel-infoleak from struct iw_point struct iw_point has a 32bit hole on 64bit arches. struct iw_point { void __user *pointer; /* Pointer to the data (in us...
CVE-2025-71161
- EPSS 0.17%
- Veröffentlicht 23.01.2026 15:23:59
- Zuletzt bearbeitet 01.06.2026 17:16:38
In the Linux kernel, the following vulnerability has been resolved: dm-verity: disable recursive forward error correction There are two problems with the recursive correction: 1. It may cause denial-of-service. In fec_read_bufs, there is a loop th...
CVE-2025-71160
- EPSS 0.16%
- Veröffentlicht 23.01.2026 15:23:58
- Zuletzt bearbeitet 26.02.2026 20:19:14
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: avoid chain re-validation if possible Hamza Mahfooz reports cpu soft lock-ups in nft_chain_validate(): watchdog: BUG: soft lockup - CPU#1 stuck for 27s! [ip...
CVE-2025-71158
- EPSS 0.14%
- Veröffentlicht 23.01.2026 15:23:57
- Zuletzt bearbeitet 26.02.2026 20:20:07
In the Linux kernel, the following vulnerability has been resolved: gpio: mpsse: ensure worker is torn down When an IRQ worker is running, unplugging the device would cause a crash. The sealevel hardware this driver was written for was not hotplugg...
CVE-2025-71154
- EPSS 0.11%
- Veröffentlicht 23.01.2026 14:25:53
- Zuletzt bearbeitet 26.02.2026 20:30:51
In the Linux kernel, the following vulnerability has been resolved: net: usb: rtl8150: fix memory leak on usb_submit_urb() failure In async_set_registers(), when usb_submit_urb() fails, the allocated async_req structure and URB are not freed, cau...
CVE-2025-71152
- EPSS 0.12%
- Veröffentlicht 23.01.2026 14:25:52
- Zuletzt bearbeitet 25.03.2026 11:16:14
In the Linux kernel, the following vulnerability has been resolved: net: dsa: properly keep track of conduit reference Problem description ------------------- DSA has a mumbo-jumbo of reference handling of the conduit net device and its kobject wh...
CVE-2025-71150
- EPSS 0.12%
- Veröffentlicht 23.01.2026 14:15:16
- Zuletzt bearbeitet 18.04.2026 09:16:13
In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fix refcount leak when invalid session is found on session lookup When a session is found but its state is not SMB2_SESSION_VALID, It indicates that no valid session was fou...
CVE-2026-22976
- EPSS 0.12%
- Veröffentlicht 21.01.2026 06:57:23
- Zuletzt bearbeitet 02.06.2026 14:16:45
In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_qfq: Fix NULL deref when deactivating inactive aggregate in qfq_reset `qfq_class->leaf_qdisc->q.qlen > 0` does not imply that the class itself is active. Two qfq_cl...