CVE-2026-31407
- EPSS 0.17%
- Veröffentlicht 06.04.2026 08:16:38
- Zuletzt bearbeitet 01.06.2026 17:16:46
In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: add missing netlink policy validations Hyunwoo Kim reports out-of-bounds access in sctp and ctnetlink. These attributes are used by the kernel without any va...
CVE-2026-31408
- EPSS 0.3%
- Veröffentlicht 06.04.2026 08:16:38
- Zuletzt bearbeitet 20.05.2026 16:18:27
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SCO: Fix use-after-free in sco_recv_frame() due to missing sock_hold sco_recv_frame() reads conn->sk under sco_conn_lock() but immediately releases the lock without hold...
CVE-2026-31409
- EPSS 0.45%
- Veröffentlicht 06.04.2026 08:16:38
- Zuletzt bearbeitet 01.06.2026 17:16:46
In the Linux kernel, the following vulnerability has been resolved: ksmbd: unset conn->binding on failed binding request When a multichannel SMB2_SESSION_SETUP request with SMB2_SESSION_REQ_FLAG_BINDING fails ksmbd sets conn->binding = true but nev...
CVE-2026-31404
- EPSS 0.12%
- Veröffentlicht 03.04.2026 15:16:07
- Zuletzt bearbeitet 20.05.2026 12:03:39
In the Linux kernel, the following vulnerability has been resolved: NFSD: Defer sub-object cleanup in export put callbacks svc_export_put() calls path_put() and auth_domain_put() immediately when the last reference drops, before the RCU grace perio...
CVE-2026-31403
- EPSS 0.12%
- Veröffentlicht 03.04.2026 15:16:06
- Zuletzt bearbeitet 20.05.2026 12:15:36
In the Linux kernel, the following vulnerability has been resolved: NFSD: Hold net reference for the lifetime of /proc/fs/nfs/exports fd The /proc/fs/nfs/exports proc entry is created at module init and persists for the module's lifetime. exports_p...
CVE-2026-31402
- EPSS 0.49%
- Veröffentlicht 03.04.2026 15:16:05
- Zuletzt bearbeitet 08.07.2026 13:16:34
In the Linux kernel, the following vulnerability has been resolved: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache The NFSv4.0 replay cache uses a fixed 112-byte inline buffer (rp_ibuf[NFSD4_REPLAY_ISIZE]) to store encoded operation responses...
CVE-2026-31401
- EPSS 0.14%
- Veröffentlicht 03.04.2026 15:16:04
- Zuletzt bearbeitet 20.05.2026 12:19:54
In the Linux kernel, the following vulnerability has been resolved: HID: bpf: prevent buffer overflow in hid_hw_request right now the returned value is considered to be always valid. However, when playing with HID-BPF, the return value can be arbit...
CVE-2026-31399
- EPSS 0.12%
- Veröffentlicht 03.04.2026 15:16:03
- Zuletzt bearbeitet 20.05.2026 12:54:51
In the Linux kernel, the following vulnerability has been resolved: nvdimm/bus: Fix potential use after free in asynchronous initialization Dingisoul with KASAN reports a use after free if device_add() fails in nd_async_device_register(). Commit b...
CVE-2026-31400
- EPSS 0.12%
- Veröffentlicht 03.04.2026 15:16:03
- Zuletzt bearbeitet 20.05.2026 12:31:31
In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix cache_request leak in cache_release When a reader's file descriptor is closed while in the middle of reading a cache_request (rp->offset != 0), cache_release() decremen...
CVE-2026-31398
- EPSS 0.12%
- Veröffentlicht 03.04.2026 15:16:02
- Zuletzt bearbeitet 20.05.2026 13:03:52
In the Linux kernel, the following vulnerability has been resolved: mm/rmap: fix incorrect pte restoration for lazyfree folios We batch unmap anonymous lazyfree folios by folio_unmap_pte_batch. If the batch has a mix of writable and non-writable b...