CVE-2026-43439
- EPSS 0.09%
- Veröffentlicht 08.05.2026 14:22:08
- Zuletzt bearbeitet 21.05.2026 17:26:45
In the Linux kernel, the following vulnerability has been resolved: cgroup: fix race between task migration and iteration When a task is migrated out of a css_set, cgroup_migrate_add_task() first moves it from cset->tasks to cset->mg_tasks via: ...
CVE-2026-43437
- EPSS 0.13%
- Veröffentlicht 08.05.2026 14:22:07
- Zuletzt bearbeitet 21.05.2026 17:41:41
In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: fix use-after-free on linked stream runtime in snd_pcm_drain() In the drain loop, the local variable 'runtime' is reassigned to a linked stream's runtime (runtime = s->r...
CVE-2026-43438
- EPSS 0.13%
- Veröffentlicht 08.05.2026 14:22:07
- Zuletzt bearbeitet 21.05.2026 17:28:08
In the Linux kernel, the following vulnerability has been resolved: sched_ext: Remove redundant css_put() in scx_cgroup_init() The iterator css_for_each_descendant_pre() walks the cgroup hierarchy under cgroup_lock(). It does not increment the refe...
CVE-2026-43436
- EPSS 0.12%
- Veröffentlicht 08.05.2026 14:22:06
- Zuletzt bearbeitet 21.05.2026 17:43:14
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Check endpoint numbers at parsing Scarlett2 mixer interfaces The Scarlett2 mixer quirk in USB-audio driver may hit a NULL dereference when a malformed USB descript...
CVE-2026-43434
- EPSS 0.13%
- Veröffentlicht 08.05.2026 14:22:05
- Zuletzt bearbeitet 12.05.2026 14:10:27
In the Linux kernel, the following vulnerability has been resolved: rust_binder: check ownership before using vma When installing missing pages (or zapping them), Rust Binder will look up the vma in the mm by address, and then call vm_insert_page (...
- EPSS 0.12%
- Veröffentlicht 08.05.2026 14:22:05
- Zuletzt bearbeitet 12.05.2026 14:10:27
In the Linux kernel, the following vulnerability has been resolved: rust_binder: fix oneway spam detection The spam detection logic in TreeRange was executed before the current request was inserted into the tree. So the new request was not being fa...
CVE-2026-43433
- EPSS 0.1%
- Veröffentlicht 08.05.2026 14:22:04
- Zuletzt bearbeitet 12.05.2026 14:10:27
In the Linux kernel, the following vulnerability has been resolved: rust_binder: avoid reading the written value in offsets array When sending a transaction, its offsets array is first copied into the target proc's vma, and then the values are read...
CVE-2026-43431
- EPSS 0.11%
- Veröffentlicht 08.05.2026 14:22:03
- Zuletzt bearbeitet 20.05.2026 18:21:21
In the Linux kernel, the following vulnerability has been resolved: xhci: Fix NULL pointer dereference when reading portli debugfs files Michal reported and debgged a NULL pointer dereference bug in the recently added portli debugfs files Oops is ...
CVE-2026-43432
- EPSS 0.12%
- Veröffentlicht 08.05.2026 14:22:03
- Zuletzt bearbeitet 20.05.2026 18:18:34
In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Fix memory leak in xhci_disable_slot() xhci_alloc_command() allocates a command structure and, when the second argument is true, also allocates a completion structure. C...
CVE-2026-43430
- EPSS 0.09%
- Veröffentlicht 08.05.2026 14:22:02
- Zuletzt bearbeitet 20.05.2026 18:22:23
In the Linux kernel, the following vulnerability has been resolved: usb: yurex: fix race in probe The bbu member of the descriptor must be set to the value standing for uninitialized values before the URB whose completion handler sets bbu is submit...