CVE-2026-31394
- EPSS 0.11%
- Veröffentlicht 03.04.2026 15:15:58
- Zuletzt bearbeitet 20.05.2026 15:08:26
In the Linux kernel, the following vulnerability has been resolved: mac80211: fix crash in ieee80211_chan_bw_change for AP_VLAN stations ieee80211_chan_bw_change() iterates all stations and accesses link->reserved.oper via sta->sdata->link[link_id]...
CVE-2026-31392
- EPSS 0.12%
- Veröffentlicht 03.04.2026 15:15:57
- Zuletzt bearbeitet 26.05.2026 12:57:56
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix krb5 mount with username option Customer reported that some of their krb5 mounts were failing against a single server as the client was trying to mount the shares ...
CVE-2026-23474
- EPSS 0.14%
- Veröffentlicht 03.04.2026 15:15:53
- Zuletzt bearbeitet 26.05.2026 14:24:16
In the Linux kernel, the following vulnerability has been resolved: mtd: Avoid boot crash in RedBoot partition table parser Given CONFIG_FORTIFY_SOURCE=y and a recent compiler, commit 439a1bcac648 ("fortify: Use __builtin_dynamic_object_size() when...
CVE-2026-23472
- EPSS 0.12%
- Veröffentlicht 03.04.2026 15:15:51
- Zuletzt bearbeitet 26.05.2026 14:26:13
In the Linux kernel, the following vulnerability has been resolved: serial: core: fix infinite loop in handle_tx() for PORT_UNKNOWN uart_write_room() and uart_write() behave inconsistently when xmit_buf is NULL (which happens for PORT_UNKNOWN ports...
CVE-2026-23468
- EPSS 0.12%
- Veröffentlicht 03.04.2026 15:15:47
- Zuletzt bearbeitet 01.06.2026 17:16:46
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Limit BO list entry count to prevent resource exhaustion Userspace can pass an arbitrary number of BO list entries via the bo_number field. Although the previous multip...
CVE-2026-23462
- EPSS 0.26%
- Veröffentlicht 03.04.2026 15:15:41
- Zuletzt bearbeitet 20.05.2026 15:27:46
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: HIDP: Fix possible UAF This fixes the following trace caused by not dropping l2cap_conn reference when user->remove callback is called: [ 97.809249] l2cap_conn_free: ...
CVE-2026-23460
- EPSS 0.12%
- Veröffentlicht 03.04.2026 15:15:40
- Zuletzt bearbeitet 26.05.2026 14:36:24
In the Linux kernel, the following vulnerability has been resolved: net/rose: fix NULL pointer dereference in rose_transmit_link on reconnect syzkaller reported a bug [1], and the reproducer is available at [2]. ROSE sockets use four sk->sk_state ...
CVE-2026-23458
- EPSS 0.13%
- Veröffentlicht 03.04.2026 15:15:39
- Zuletzt bearbeitet 26.05.2026 14:38:45
In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: fix use-after-free in ctnetlink_dump_exp_ct() ctnetlink_dump_exp_ct() stores a conntrack pointer in cb->data for the netlink dump callback ctnetlink_exp_ct_du...
CVE-2026-23457
- EPSS 0.38%
- Veröffentlicht 03.04.2026 15:15:38
- Zuletzt bearbeitet 26.05.2026 14:40:03
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_sip: fix Content-Length u32 truncation in sip_help_tcp() sip_help_tcp() parses the SIP Content-Length header with simple_strtoul(), which returns unsigned l...
CVE-2026-23456
- EPSS 0.45%
- Veröffentlicht 03.04.2026 15:15:37
- Zuletzt bearbeitet 26.05.2026 14:41:06
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_h323: fix OOB read in decode_int() CONS case In decode_int(), the CONS case calls get_bits(bs, 2) to read a length value, then calls get_uint(bs, len) witho...