CVE-2026-23356
- EPSS 0.13%
- Veröffentlicht 25.03.2026 10:27:40
- Zuletzt bearbeitet 24.04.2026 19:06:21
In the Linux kernel, the following vulnerability has been resolved: drbd: fix "LOGIC BUG" in drbd_al_begin_io_nonblock() Even though we check that we "should" be able to do lc_get_cumulative() while holding the device->al_lock spinlock, it may stil...
CVE-2026-23352
- EPSS 0.13%
- Veröffentlicht 25.03.2026 10:27:37
- Zuletzt bearbeitet 24.04.2026 17:59:40
In the Linux kernel, the following vulnerability has been resolved: x86/efi: defer freeing of boot services memory efi_free_boot_services() frees memory occupied by EFI_BOOT_SERVICES_CODE and EFI_BOOT_SERVICES_DATA using memblock_free_late(). Ther...
CVE-2026-23344
- EPSS 0.12%
- Veröffentlicht 25.03.2026 10:27:31
- Zuletzt bearbeitet 24.04.2026 18:17:48
In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Fix use-after-free on error path In the error path of sev_tsm_init_locked(), the code dereferences 't' after it has been freed with kfree(). The pr_err() statement at...
CVE-2026-23339
- EPSS 0.12%
- Veröffentlicht 25.03.2026 10:27:28
- Zuletzt bearbeitet 23.04.2026 21:17:17
In the Linux kernel, the following vulnerability has been resolved: nfc: nci: free skb on nci_transceive early error paths nci_transceive() takes ownership of the skb passed by the caller, but the -EPROTO, -EINVAL, and -EBUSY error paths return wit...
CVE-2026-23336
- EPSS 0.13%
- Veröffentlicht 25.03.2026 10:27:26
- Zuletzt bearbeitet 23.04.2026 21:12:52
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: cancel rfkill_block work in wiphy_unregister() There is a use-after-free error in cfg80211_shutdown_all_interfaces found by syzkaller: BUG: KASAN: use-after-free i...
CVE-2026-23330
- EPSS 0.12%
- Veröffentlicht 25.03.2026 10:27:21
- Zuletzt bearbeitet 27.04.2026 14:16:30
In the Linux kernel, the following vulnerability has been resolved: nfc: nci: complete pending data exchange on device close In nci_close_device(), complete any pending data exchange before closing. The data exchange callback (e.g. rawsock_data_exc...
CVE-2026-23312
- EPSS 0.12%
- Veröffentlicht 25.03.2026 10:27:07
- Zuletzt bearbeitet 26.05.2026 15:02:57
In the Linux kernel, the following vulnerability has been resolved: net: usb: kaweth: validate USB endpoints The kaweth driver should validate that the device it is probing has the proper number and types of USB endpoints it is expecting before it ...
CVE-2026-23307
- EPSS 0.12%
- Veröffentlicht 25.03.2026 10:27:02
- Zuletzt bearbeitet 28.05.2026 14:28:13
In the Linux kernel, the following vulnerability has been resolved: can: ems_usb: ems_usb_read_bulk_callback(): check the proper length of a message When looking at the data in a USB urb, the actual_length is the size of the buffer passed to the dr...
CVE-2026-23303
- EPSS 0.12%
- Veröffentlicht 25.03.2026 10:26:58
- Zuletzt bearbeitet 28.05.2026 14:40:06
In the Linux kernel, the following vulnerability has been resolved: smb: client: Don't log plaintext credentials in cifs_set_cifscreds When debug logging is enabled, cifs_set_cifscreds() logs the key payload and exposes the plaintext username and p...
CVE-2026-23293
- EPSS 0.12%
- Veröffentlicht 25.03.2026 10:26:51
- Zuletzt bearbeitet 29.05.2026 15:04:45
In the Linux kernel, the following vulnerability has been resolved: net: vxlan: fix nd_tbl NULL dereference when IPv6 is disabled When booting with the 'ipv6.disable=1' parameter, the nd_tbl is never initialized because inet6_init() exits before nd...