CVE-2026-43386
- EPSS 0.13%
- Veröffentlicht 08.05.2026 14:21:32
- Zuletzt bearbeitet 26.05.2026 16:03:02
In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix potential out-of-bounds read in rtw_restruct_wmm_ie The current code checks 'i + 5 < in_len' at the end of the if statement. However, it accesses 'in_ie[i +...
CVE-2026-43384
- EPSS 0.46%
- Veröffentlicht 08.05.2026 14:21:31
- Zuletzt bearbeitet 26.05.2026 17:05:52
In the Linux kernel, the following vulnerability has been resolved: net/tcp-ao: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this.
CVE-2026-43382
- EPSS 0.1%
- Veröffentlicht 08.05.2026 14:21:30
- Zuletzt bearbeitet 26.05.2026 17:15:10
In the Linux kernel, the following vulnerability has been resolved: batman-adv: Avoid double-rtnl_lock ELP metric worker batadv_v_elp_get_throughput() might be called when the RTNL lock is already held. This could be problematic when the work queue...
CVE-2026-43383
- EPSS 0.44%
- Veröffentlicht 08.05.2026 14:21:30
- Zuletzt bearbeitet 26.05.2026 17:07:21
In the Linux kernel, the following vulnerability has been resolved: net/tcp-md5: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this.
CVE-2026-43381
- EPSS 0.12%
- Veröffentlicht 08.05.2026 14:21:29
- Zuletzt bearbeitet 26.05.2026 17:17:15
In the Linux kernel, the following vulnerability has been resolved: nouveau/dpcd: return EBUSY for aux xfer if the device is asleep If we have runtime suspended, and userspace wants to use /dev/drm_dp_* then just tell it the device is busy instead ...
CVE-2026-43379
- EPSS 0.44%
- Veröffentlicht 08.05.2026 14:21:28
- Zuletzt bearbeitet 19.05.2026 19:56:32
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in smb_lazy_parent_lease_break_close() opinfo pointer obtained via rcu_dereference(fp->f_opinfo) is being accessed after rcu_read_unlock() has been called...
CVE-2026-43380
- EPSS 0.14%
- Veröffentlicht 08.05.2026 14:21:28
- Zuletzt bearbeitet 20.05.2026 17:16:22
In the Linux kernel, the following vulnerability has been resolved: hwmon: (pmbus/q54sj108a2) fix stack overflow in debugfs read The q54sj108a2_debugfs_read function suffers from a stack buffer overflow due to incorrect arguments passed to bin2hex(...
CVE-2026-43378
- EPSS 0.31%
- Veröffentlicht 08.05.2026 14:21:27
- Zuletzt bearbeitet 20.05.2026 17:16:22
In the Linux kernel, the following vulnerability has been resolved: smb: server: fix use-after-free in smb2_open() The opinfo pointer obtained via rcu_dereference(fp->f_opinfo) is dereferenced after rcu_read_unlock(), creating a use-after-free wind...
CVE-2026-43377
- EPSS 0.25%
- Veröffentlicht 08.05.2026 14:21:26
- Zuletzt bearbeitet 15.05.2026 15:14:24
In the Linux kernel, the following vulnerability has been resolved: ksmbd: Don't log keys in SMB3 signing and encryption key generation When KSMBD_DEBUG_AUTH logging is enabled, generate_smb3signingkey() and generate_smb3encryptionkey() log the ses...
CVE-2026-43375
- EPSS 0.12%
- Veröffentlicht 08.05.2026 14:21:25
- Zuletzt bearbeitet 15.05.2026 15:16:08
In the Linux kernel, the following vulnerability has been resolved: net: mctp: fix device leak on probe failure Driver core holds a reference to the USB interface and its parent USB device while the interface is bound to a driver and there is no ne...