CVE-2026-43112
- EPSS 0.35%
- Veröffentlicht 06.05.2026 07:40:38
- Zuletzt bearbeitet 08.07.2026 13:16:44
In the Linux kernel, the following vulnerability has been resolved: fs/smb/client: fix out-of-bounds read in cifs_sanitize_prepath When cifs_sanitize_prepath is called with an empty string or a string containing only delimiters (e.g., "/"), the cur...
CVE-2026-43110
- EPSS 0.24%
- Veröffentlicht 06.05.2026 07:40:37
- Zuletzt bearbeitet 01.06.2026 17:17:03
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: validate bsscfg indices in IF events brcmf_fweh_handle_if_event() validates the firmware-provided interface index before it touches drvr->iflist[], but it still use...
CVE-2026-43111
- EPSS 0.12%
- Veröffentlicht 06.05.2026 07:40:37
- Zuletzt bearbeitet 01.06.2026 17:17:03
In the Linux kernel, the following vulnerability has been resolved: HID: roccat: fix use-after-free in roccat_report_event roccat_report_event() iterates over the device->readers list without holding the readers_lock. This allows a concurrent rocca...
CVE-2026-43109
- EPSS 0.11%
- Veröffentlicht 06.05.2026 07:40:36
- Zuletzt bearbeitet 17.05.2026 16:16:16
In the Linux kernel, the following vulnerability has been resolved: x86: shadow stacks: proper error handling for mmap lock 김영민 reports that shstk_pop_sigframe() doesn't check for errors from mmap_read_lock_killable(), which is a silly oversight, a...
CVE-2026-43107
- EPSS 0.11%
- Veröffentlicht 06.05.2026 07:40:35
- Zuletzt bearbeitet 11.05.2026 17:30:05
In the Linux kernel, the following vulnerability has been resolved: xfrm: account XFRMA_IF_ID in aevent size calculation xfrm_get_ae() allocates the reply skb with xfrm_aevent_msgsize(), then build_aevent() appends attributes including XFRMA_IF_ID ...
CVE-2026-43104
- EPSS 0.12%
- Veröffentlicht 06.05.2026 07:40:33
- Zuletzt bearbeitet 01.06.2026 17:17:03
In the Linux kernel, the following vulnerability has been resolved: drm/vc4: Fix a memory leak in hang state error path When vc4_save_hang_state() encounters an early return condition, it returns without freeing the previously allocated `kernel_sta...
CVE-2026-43105
- EPSS 0.11%
- Veröffentlicht 06.05.2026 07:40:33
- Zuletzt bearbeitet 01.06.2026 17:17:03
In the Linux kernel, the following vulnerability has been resolved: drm/vc4: Fix memory leak of BO array in hang state The hang state's BO array is allocated separately with kzalloc() in vc4_save_hang_state() but never freed in vc4_free_hang_state(...
CVE-2026-43103
- EPSS 0.12%
- Veröffentlicht 06.05.2026 07:40:32
- Zuletzt bearbeitet 01.06.2026 17:17:03
In the Linux kernel, the following vulnerability has been resolved: net: lapbether: handle NETDEV_PRE_TYPE_CHANGE lapbeth_data_transmit() expects the underlying device type to be ARPHRD_ETHER. Returning NOTIFY_BAD from lapbeth_device_event() makes...
CVE-2026-43101
- EPSS 0.43%
- Veröffentlicht 06.05.2026 07:40:30
- Zuletzt bearbeitet 11.05.2026 17:35:21
In the Linux kernel, the following vulnerability has been resolved: ipv6: ioam: fix potential NULL dereferences in __ioam6_fill_trace_data() We need to check __in6_dev_get() for possible NULL value, as suggested by Yiming Qian. Also add skb_dst_de...
CVE-2026-43099
- EPSS 0.49%
- Veröffentlicht 06.05.2026 07:40:29
- Zuletzt bearbeitet 01.06.2026 17:17:03
In the Linux kernel, the following vulnerability has been resolved: ipv4: icmp: fix null-ptr-deref in icmp_build_probe() ipv6_stub->ipv6_dev_find() may return ERR_PTR(-EAFNOSUPPORT) when the IPv6 stack is not active (CONFIG_IPV6=m and not loaded), ...