|
2691
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
srcu: Use irq_work to start GP in tiny SRCU
Tiny SRCU's srcu_gp_start_if_needed() directly calls schedule_work(),
which acquires …
|
NVD-CWE-noinfo
|
CVE-2026-43115
|
2026-05-9 02:51 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2692
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
netfilter: ctnetlink: ensure safe access to master conntrack
Holding reference on the expectation is not sufficient, the master
c…
|
CWE-362
Race Condition
|
CVE-2026-43116
|
2026-05-9 02:49 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2693
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
iommu/vt-d: Flush dev-IOTLB only when PCIe device is accessible in scalable mode
Commit 4fc82cd907ac ("iommu/vt-d: Don't issue AT…
|
NVD-CWE-noinfo
|
CVE-2026-43130
|
2026-05-9 02:44 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2694
|
9.1 |
CRITICAL
Network
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
btrfs: tracepoints: get correct superblock from dentry in event btrfs_sync_file()
If overlay is used on top of btrfs, dentry->d_s…
|
NVD-CWE-noinfo
|
CVE-2026-43117
|
2026-05-9 02:43 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2695
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/pm: Fix null pointer dereference issue
If SMU is disabled, during RAS initialization,
there will be null pointer derefere…
|
CWE-476
NULL Pointer Dereference
|
CVE-2026-43131
|
2026-05-9 02:42 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2696
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
btrfs: fix zero size inode with non-zero size after log replay
When logging that an inode exists, as part of logging a new name o…
|
NVD-CWE-noinfo
|
CVE-2026-43118
|
2026-05-9 02:30 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2697
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
dm-verity: correctly handle dm_bufio_client_create() failure
If either of the calls to dm_bufio_client_create() in verity_fec_ctr…
|
NVD-CWE-noinfo
|
CVE-2026-43132
|
2026-05-9 02:26 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2698
|
7.9 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
KVM: nSVM: Always use vmcb01 in VMLOAD/VMSAVE emulation
Commit cc3ed80ae69f ("KVM: nSVM: always use vmcb01 to for vmsave/vmload
o…
|
NVD-CWE-noinfo
|
CVE-2026-43133
|
2026-05-9 02:25 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2699
|
4.8 |
MEDIUM
Network
|
linuxcontainers
|
incus
|
Incus is a system container and virtual machine manager. In versions before 7.0.0, broken TLS validation logic in the OVN database connection logic can allow connections to an attacker's OVN database…
|
CWE-295
Improper Certificate Validation
|
CVE-2026-40243
|
2026-05-9 02:23 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2700
|
8.2 |
HIGH
Network
|
quarkus
|
quarkus
|
Quarkus is a Java framework for building cloud-native applications. In versions prior to 3.20.6.1, 3.27.3.1, 3.33.1.1, 3.35.1.1, 3.34.7, and 3.35.2, a path normalization inconsistency between the sec…
|
CWE-863
Incorrect Authorization
|
CVE-2026-39852
|
2026-05-9 02:18 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
