CVE-2026-31673
- EPSS 0.12%
- Veröffentlicht 25.04.2026 08:46:49
- Zuletzt bearbeitet 01.06.2026 17:16:55
In the Linux kernel, the following vulnerability has been resolved: af_unix: read UNIX_DIAG_VFS data under unix_state_lock Exact UNIX diag lookups hold a reference to the socket, but not to u->path. Meanwhile, unix_release_sock() clears u->path und...
CVE-2026-31672
- EPSS 0.11%
- Veröffentlicht 24.04.2026 14:45:19
- Zuletzt bearbeitet 27.04.2026 20:11:49
In the Linux kernel, the following vulnerability has been resolved: wifi: rt2x00usb: fix devres lifetime USB drivers bind to USB interfaces and any device managed resources should have their lifetime tied to the interface rather than parent USB dev...
CVE-2026-31671
- EPSS 0.11%
- Veröffentlicht 24.04.2026 14:45:18
- Zuletzt bearbeitet 27.04.2026 20:11:39
In the Linux kernel, the following vulnerability has been resolved: xfrm_user: fix info leak in build_report() struct xfrm_user_report is a __u8 proto field followed by a struct xfrm_selector which means there is three "empty" bytes of padding, but...
CVE-2026-31670
- EPSS 0.11%
- Veröffentlicht 24.04.2026 14:45:17
- Zuletzt bearbeitet 27.04.2026 20:10:26
In the Linux kernel, the following vulnerability has been resolved: net: rfkill: prevent unlimited numbers of rfkill events from being created Userspace can create an unlimited number of rfkill events if the system is so configured, while not consu...
CVE-2026-31668
- EPSS 0.44%
- Veröffentlicht 24.04.2026 14:45:16
- Zuletzt bearbeitet 27.04.2026 20:08:54
In the Linux kernel, the following vulnerability has been resolved: seg6: separate dst_cache for input and output paths in seg6 lwtunnel The seg6 lwtunnel uses a single dst_cache per encap route, shared between seg6_input_core() and seg6_output_cor...
CVE-2026-31667
- EPSS 0.1%
- Veröffentlicht 24.04.2026 14:45:15
- Zuletzt bearbeitet 27.04.2026 20:00:40
In the Linux kernel, the following vulnerability has been resolved: Input: uinput - fix circular locking dependency with ff-core A lockdep circular locking dependency warning can be triggered reproducibly when using a force-feedback gamepad with ui...
CVE-2026-31663
- EPSS 0.21%
- Veröffentlicht 24.04.2026 14:45:13
- Zuletzt bearbeitet 30.06.2026 03:18:26
In the Linux kernel, the following vulnerability has been resolved: xfrm: hold dev ref until after transport_finish NF_HOOK After async crypto completes, xfrm_input_resume() calls dev_put() immediately on re-entry before the skb reaches transport_f...
CVE-2026-31664
- EPSS 0.11%
- Veröffentlicht 24.04.2026 14:45:13
- Zuletzt bearbeitet 01.06.2026 17:16:54
In the Linux kernel, the following vulnerability has been resolved: xfrm: clear trailing padding in build_polexpire() build_expire() clears the trailing padding bytes of struct xfrm_user_expire after setting the hard field via memset_after(), but t...
CVE-2026-31662
- EPSS 0.39%
- Veröffentlicht 24.04.2026 14:45:12
- Zuletzt bearbeitet 27.04.2026 20:17:55
In the Linux kernel, the following vulnerability has been resolved: tipc: fix bc_ackers underflow on duplicate GRP_ACK_MSG The GRP_ACK_MSG handler in tipc_group_proto_rcv() currently decrements bc_ackers on every inbound group ACK, even when the sa...
CVE-2026-31661
- EPSS 0.11%
- Veröffentlicht 24.04.2026 14:45:11
- Zuletzt bearbeitet 27.04.2026 20:17:46
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmsmac: Fix dma_free_coherent() size dma_alloc_consistent() may change the size to align it. The new size is saved in alloced. Change the free size to match the allocation...