CVE-2026-23282
- EPSS 0.12%
- Veröffentlicht 25.03.2026 10:26:42
- Zuletzt bearbeitet 22.05.2026 00:24:34
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix oops due to uninitialised var in smb2_unlink() If SMB2_open_init() or SMB2_close_init() fails (e.g. reconnect), the iovs set @rqst will be left uninitialised, henc...
CVE-2026-23281
- EPSS 0.13%
- Veröffentlicht 25.03.2026 10:26:41
- Zuletzt bearbeitet 22.05.2026 00:31:53
In the Linux kernel, the following vulnerability has been resolved: wifi: libertas: fix use-after-free in lbs_free_adapter() The lbs_free_adapter() function uses timer_delete() (non-synchronous) for both command_timer and tx_lockup_timer before the...
CVE-2026-23279
- EPSS 0.14%
- Veröffentlicht 25.03.2026 10:26:39
- Zuletzt bearbeitet 22.05.2026 00:37:25
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix NULL pointer dereference in mesh_rx_csa_frame() In mesh_rx_csa_frame(), elems->mesh_chansw_params_ie is dereferenced at lines 1638 and 1642 without a prior NULL...
CVE-2026-31788
- EPSS 0.15%
- Veröffentlicht 25.03.2026 10:25:05
- Zuletzt bearbeitet 24.04.2026 15:19:57
In the Linux kernel, the following vulnerability has been resolved: xen/privcmd: restrict usage in unprivileged domU The Xen privcmd driver allows to issue arbitrary hypercalls from user space processes. This is normally no problem, as access is us...
CVE-2026-33064
- EPSS 0.49%
- Veröffentlicht 20.03.2026 08:16:12
- Zuletzt bearbeitet 23.03.2026 18:43:25
Free5GC is an open-source Linux Foundation project for 5th generation (5G) mobile core networks. Versions prior to 1.4.2 are vulnerable to procedure panic caused by Nil Pointer Dereference in the /sdm-subscriptions endpoint. A remote attacker can cau...
CVE-2026-33065
- EPSS 0.28%
- Veröffentlicht 20.03.2026 08:16:12
- Zuletzt bearbeitet 23.03.2026 18:32:57
Free5GC is an open-source Linux Foundation project for 5th generation (5G) mobile core networks. In versions prior to 1.4.2, the UDM incorrectly converts a downstream 400 Bad Request (from UDR) into a 500 Internal Server Error when handling DELETE re...
CVE-2026-33191
- EPSS 0.35%
- Veröffentlicht 20.03.2026 08:16:12
- Zuletzt bearbeitet 23.03.2026 18:24:15
Free5GC is an open-source Linux Foundation project for 5th generation (5G) mobile core networks. Versions prior to 1.4.2 are vulnerable to null byte injection in URL path parameters. A remote attacker can inject null bytes (URL-encoded as %00) into t...
CVE-2026-33192
- EPSS 0.32%
- Veröffentlicht 20.03.2026 08:09:07
- Zuletzt bearbeitet 23.03.2026 18:32:46
Free5GC is an open-source Linux Foundation project for 5th generation (5G) mobile core networks. In versions prior to 1.4.2, the UDM incorrectly converts a downstream 400 Bad Request (from UDR) into a 500 Internal Server Error when handling PATCH req...
CVE-2026-23278
- EPSS 0.17%
- Veröffentlicht 20.03.2026 08:08:58
- Zuletzt bearbeitet 04.07.2026 12:16:54
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: always walk all pending catchall elements During transaction processing we might have more than one catchall element: 1 live catchall element and 1 pending el...
- EPSS 0.12%
- Veröffentlicht 20.03.2026 08:08:57
- Zuletzt bearbeitet 18.04.2026 09:16:15
In the Linux kernel, the following vulnerability has been resolved: net/sched: teql: fix NULL pointer dereference in iptunnel_xmit on TEQL slave xmit teql_master_xmit() calls netdev_start_xmit(skb, slave) to transmit through slave devices, but does...