CVE-2026-23397
- EPSS 0.12%
- Veröffentlicht 26.03.2026 10:22:49
- Zuletzt bearbeitet 24.04.2026 15:18:09
In the Linux kernel, the following vulnerability has been resolved: nfnetlink_osf: validate individual option lengths in fingerprints nfnl_osf_add_callback() validates opt_num bounds and string NUL-termination but does not check individual option l...
CVE-2026-23391
- EPSS 0.12%
- Veröffentlicht 25.03.2026 10:33:15
- Zuletzt bearbeitet 24.04.2026 18:38:57
In the Linux kernel, the following vulnerability has been resolved: netfilter: xt_CT: drop pending enqueued packets on template removal Templates refer to objects that can go away while packets are sitting in nfqueue refer to: - helper, this can b...
CVE-2026-23390
- EPSS 0.13%
- Veröffentlicht 25.03.2026 10:29:02
- Zuletzt bearbeitet 24.04.2026 18:32:24
In the Linux kernel, the following vulnerability has been resolved: tracing/dma: Cap dma_map_sg tracepoint arrays to prevent buffer overflow The dma_map_sg tracepoint can trigger a perf buffer overflow when tracing large scatter-gather lists. With ...
CVE-2026-23388
- EPSS 0.12%
- Veröffentlicht 25.03.2026 10:28:06
- Zuletzt bearbeitet 24.04.2026 18:45:22
In the Linux kernel, the following vulnerability has been resolved: Squashfs: check metadata block offset is within range Syzkaller reports a "general protection fault in squashfs_copy_data" This is ultimately caused by a corrupted index look-up t...
CVE-2026-23382
- EPSS 0.11%
- Veröffentlicht 25.03.2026 10:28:01
- Zuletzt bearbeitet 24.04.2026 18:42:01
In the Linux kernel, the following vulnerability has been resolved: HID: Add HID_CLAIMED_INPUT guards in raw_event callbacks missing them In commit 2ff5baa9b527 ("HID: appleir: Fix potential NULL dereference at raw event handle"), we handle the fac...
CVE-2026-23374
- EPSS 0.12%
- Veröffentlicht 25.03.2026 10:27:55
- Zuletzt bearbeitet 27.04.2026 14:16:30
In the Linux kernel, the following vulnerability has been resolved: blktrace: fix __this_cpu_read/write in preemptible context tracing_record_cmdline() internally uses __this_cpu_read() and __this_cpu_write() on the per-CPU variable trace_cmdline_s...
CVE-2026-23372
- EPSS 0.13%
- Veröffentlicht 25.03.2026 10:27:53
- Zuletzt bearbeitet 24.04.2026 16:36:05
In the Linux kernel, the following vulnerability has been resolved: nfc: rawsock: cancel tx_work before socket teardown In rawsock_release(), cancel any pending tx_work and purge the write queue before orphaning the socket. rawsock_tx_work runs on...
CVE-2026-23367
- EPSS 0.12%
- Veröffentlicht 25.03.2026 10:27:49
- Zuletzt bearbeitet 24.04.2026 18:41:25
In the Linux kernel, the following vulnerability has been resolved: wifi: radiotap: reject radiotap with unknown bits The radiotap parser is currently only used with the radiotap namespace (not with vendor namespaces), but if the undefined field 18...
CVE-2026-23365
- EPSS 0.12%
- Veröffentlicht 25.03.2026 10:27:47
- Zuletzt bearbeitet 24.04.2026 18:47:28
In the Linux kernel, the following vulnerability has been resolved: net: usb: kalmia: validate USB endpoints The kalmia driver should validate that the device it is probing has the proper number and types of USB endpoints it is expecting before it ...
CVE-2026-23357
- EPSS 0.1%
- Veröffentlicht 25.03.2026 10:27:41
- Zuletzt bearbeitet 24.04.2026 19:04:35
In the Linux kernel, the following vulnerability has been resolved: can: mcp251x: fix deadlock in error path of mcp251x_open The mcp251x_open() function call free_irq() in its error path with the mpc_lock mutex held. But if an interrupt already occ...