CVE-2026-53200
- EPSS 0.13%
- Veröffentlicht 25.06.2026 08:39:08
- Zuletzt bearbeitet 06.07.2026 12:32:25
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: nv: Fix handling of XN[0] when !FEAT_XNX XN has already been extracted from its bitfield position so using FIELD_PREP() on the mask that clears XN[0] is completely brok...
CVE-2026-53198
- EPSS 0.47%
- Veröffentlicht 25.06.2026 08:39:07
- Zuletzt bearbeitet 06.07.2026 12:32:35
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free of a deferred file_lock on double SMB2_CANCEL A deferred byte-range lock (an SMB2_LOCK that blocks) registers an async work on conn->async_requests via se...
CVE-2026-53196
- EPSS 0.28%
- Veröffentlicht 25.06.2026 08:39:06
- Zuletzt bearbeitet 15.07.2026 01:16:31
In the Linux kernel, the following vulnerability has been resolved: USB: serial: io_ti: fix heap overflow in get_manuf_info() get_manuf_info() reads le16_to_cpu(rom_desc->Size) bytes from the device I2C EEPROM into a buffer allocated with kmalloc_o...
CVE-2026-53197
- EPSS 0.1%
- Veröffentlicht 25.06.2026 08:39:06
- Zuletzt bearbeitet 06.07.2026 12:33:29
In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: fix ABBA deadlock in iptfs_destroy_state() iptfs_destroy_state() calls hrtimer_cancel() while holding a spinlock that the timer callback also acquires, leading to an A...
CVE-2026-53194
- EPSS 0.15%
- Veröffentlicht 25.06.2026 08:39:05
- Zuletzt bearbeitet 15.07.2026 01:16:30
In the Linux kernel, the following vulnerability has been resolved: USB: serial: kl5kusb105: fix bulk-out buffer overflow klsi_105_prepare_write_buffer() is called by the generic write path with the bulk-out buffer and its size (bulk_out_size, 64 b...
CVE-2026-53195
- EPSS 0.15%
- Veröffentlicht 25.06.2026 08:39:05
- Zuletzt bearbeitet 06.07.2026 12:36:28
In the Linux kernel, the following vulnerability has been resolved: USB: serial: io_ti: fix heap overflow in build_i2c_fw_hdr() build_i2c_fw_hdr() allocates a fixed-size buffer of (16*1024 - 512) + sizeof(struct ti_i2c_firmware_rec) bytes, then cop...
CVE-2026-53193
- EPSS 0.14%
- Veröffentlicht 25.06.2026 08:39:04
- Zuletzt bearbeitet 06.07.2026 12:37:04
In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Forcibly close timer instances at closing When snd_timer object is freed via snd_timer_free() and still pending snd_timer_instance objects are assigned to the timer ob...
CVE-2026-53191
- EPSS 0.14%
- Veröffentlicht 25.06.2026 08:39:03
- Zuletzt bearbeitet 06.07.2026 12:37:40
In the Linux kernel, the following vulnerability has been resolved: io_uring/net: inherit IORING_CQE_F_BUF_MORE across bundle recv retries When a bundle recv retries inside io_recv_finish(), the merge logic OR the saved cflags from the previous ite...
CVE-2026-53192
- EPSS 0.13%
- Veröffentlicht 25.06.2026 08:39:03
- Zuletzt bearbeitet 06.07.2026 12:37:12
In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Fix UAF at snd_timer_user_params() At releasing a timer object, e.g. when a userspace timer (CONFIG_SND_UTIMER) gets closed and snd_timer_free() is called, it tries to...
CVE-2026-53190
- EPSS 0.13%
- Veröffentlicht 25.06.2026 08:39:02
- Zuletzt bearbeitet 06.07.2026 12:38:01
In the Linux kernel, the following vulnerability has been resolved: drm/virtio: fix dma_fence refcount leak on error in virtio_gpu_dma_fence_wait() dma_fence_unwrap_for_each() internally calls dma_fence_unwrap_first() which does cursor->chain = dma...