CVE-2026-46135
- EPSS 0.35%
- Veröffentlicht 28.05.2026 09:35:49
- Zuletzt bearbeitet 04.07.2026 12:16:56
In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: fix race between ICReq handling and queue teardown nvmet_tcp_handle_icreq() updates queue->state after sending an Initialization Connection Response (ICResp), but it doe...
CVE-2026-46132
- EPSS 0.13%
- Veröffentlicht 28.05.2026 09:35:47
- Zuletzt bearbeitet 24.06.2026 17:51:37
In the Linux kernel, the following vulnerability has been resolved: net: rtnetlink: zero ifla_vf_broadcast to avoid stack infoleak in rtnl_fill_vfinfo rtnl_fill_vfinfo() declares struct ifla_vf_broadcast on the stack without initialisation: struc...
CVE-2026-46133
- EPSS 0.57%
- Veröffentlicht 28.05.2026 09:35:47
- Zuletzt bearbeitet 24.06.2026 17:50:36
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Reject unknown opcodes before ICRC processing Even after applying commit 7244491dab34 ("RDMA/rxe: Validate pad and ICRC before payload_size() in rxe_rcv"), a single unaut...
CVE-2026-46128
- EPSS 0.13%
- Veröffentlicht 28.05.2026 09:35:43
- Zuletzt bearbeitet 24.06.2026 16:50:16
In the Linux kernel, the following vulnerability has been resolved: ipmi: Check event message buffer response for bad data The event message buffer response data size got checked later when processing, but check it right after the response comes ba...
CVE-2026-46127
- EPSS 0.13%
- Veröffentlicht 28.05.2026 09:35:42
- Zuletzt bearbeitet 24.06.2026 16:50:27
In the Linux kernel, the following vulnerability has been resolved: RDMA/ocrdma: Don't NULL deref uctx on errors in ocrdma_copy_pd_uresp() Sashiko points out that pd->uctx isn't initialized until late in the function so all these error flow referen...
CVE-2026-46123
- EPSS 0.14%
- Veröffentlicht 28.05.2026 09:35:38
- Zuletzt bearbeitet 24.06.2026 16:51:21
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: virtio_bt: clamp rx length before skb_put virtbt_rx_work() calls skb_put(skb, len) where len comes directly from virtqueue_get_buf() with no validation against the buffe...
CVE-2026-46124
- EPSS 0.43%
- Veröffentlicht 28.05.2026 09:35:38
- Zuletzt bearbeitet 24.06.2026 16:51:14
In the Linux kernel, the following vulnerability has been resolved: isofs: validate block number from NFS file handle in isofs_export_iget isofs_fh_to_dentry() and isofs_fh_to_parent() pass an attacker- controlled block number (ifid->block or ifid-...
CVE-2026-46122
- EPSS 0.13%
- Veröffentlicht 28.05.2026 09:35:37
- Zuletzt bearbeitet 24.06.2026 16:51:28
In the Linux kernel, the following vulnerability has been resolved: wifi: b43: enforce bounds check on firmware key index in b43_rx() The firmware-controlled key index in b43_rx() can exceed the dev->key[] array size (58 entries). The existing B43_...
CVE-2026-46120
- EPSS 0.13%
- Veröffentlicht 28.05.2026 09:35:35
- Zuletzt bearbeitet 24.06.2026 16:51:39
In the Linux kernel, the following vulnerability has been resolved: ip6_gre: Use cached t->net in ip6erspan_changelink(). After commit 5e72ce3e3980 ("net: ipv6: Use link netns in newlink() of rtnl_link_ops"), ip6erspan_newlink() correctly resolves ...
CVE-2026-46119
- EPSS 0.53%
- Veröffentlicht 28.05.2026 09:35:34
- Zuletzt bearbeitet 24.06.2026 16:51:46
In the Linux kernel, the following vulnerability has been resolved: libceph: Fix slab-out-of-bounds access in auth message processing If a (potentially corrupted) message of type CEPH_MSG_AUTH_REPLY contains a positive value in its result field, it...