|
3151
|
4.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:
af_unix: Abandonar la recolección de basura (GC) si MSG_PEEK intervino.
Igor Ushakov informó que la recolección de basura (GC) p…
|
CWE-362
Race Condition
|
CVE-2026-23394
|
2026-04-25 00:20 |
2026-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3152
|
8.8 |
HIGH
Adjacent
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: L2CAP: Fix accepting multiple L2CAP_ECRED_CONN_REQ
Currently the code attempts to accept requests regardless of the
co…
|
NVD-CWE-noinfo
|
CVE-2026-23395
|
2026-04-25 00:20 |
2026-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3153
|
8.8 |
HIGH
Adjacent
|
linux
|
linux_kernel
|
En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:
Bluetooth: L2CAP: Corrección para aceptar múltiples L2CAP_ECRED_CONN_REQ
Actualmente, el código intenta aceptar solicitudes inde…
|
NVD-CWE-noinfo
|
CVE-2026-23395
|
2026-04-25 00:20 |
2026-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3154
|
8.2 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
xen/privcmd: restrict usage in unprivileged domU
The Xen privcmd driver allows to issue arbitrary hypercalls from
user space proc…
|
NVD-CWE-noinfo
|
CVE-2026-31788
|
2026-04-25 00:19 |
2026-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3155
|
8.2 |
HIGH
Local
|
linux
|
linux_kernel
|
En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:
xen/privcmd: restringir el uso en domU no privilegiado
El controlador Xen privcmd permite emitir hiperllamadas arbitrarias desde…
|
NVD-CWE-noinfo
|
CVE-2026-31788
|
2026-04-25 00:19 |
2026-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3156
|
8.8 |
HIGH
Network
|
pyload-ng_project
|
pyload-ng
|
pyLoad is a free and open-source download manager written in Python. In 0.5.0b3.dev96 and earlier, the ADMIN_ONLY_OPTIONS protection mechanism restricts security-critical configuration values (reconn…
|
CWE-78
OS Command
|
CVE-2026-35463
|
2026-04-25 00:18 |
2026-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3157
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
wifi: mac80211: fix NULL deref in mesh_matches_local()
mesh_matches_local() unconditionally dereferences ie->mesh_config to
compa…
|
CWE-476
NULL Pointer Dereference
|
CVE-2026-23396
|
2026-04-25 00:18 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3158
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:
wifi: mac80211: corrige desreferencia de NULL en mesh_matches_local()
mesh_matches_local() desreferencia incondicionalmente ie-&…
|
CWE-476
NULL Pointer Dereference
|
CVE-2026-23396
|
2026-04-25 00:18 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3159
|
7.1 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
nfnetlink_osf: validate individual option lengths in fingerprints
nfnl_osf_add_callback() validates opt_num bounds and string
NUL…
|
CWE-125
Out-of-bounds Read
|
CVE-2026-23397
|
2026-04-25 00:18 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3160
|
7.1 |
HIGH
Local
|
linux
|
linux_kernel
|
En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:
nfnetlink_osf: validar longitudes de opciones individuales en huellas digitales
nfnl_osf_add_callback() valida los límites de op…
|
CWE-125
Out-of-bounds Read
|
CVE-2026-23397
|
2026-04-25 00:18 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
