|
1311
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drbd: fix "LOGIC BUG" in drbd_al_begin_io_nonblock()
Even though we check that we "should" be able to do lc_get_cumulative()
whil…
|
CWE-617
Reachable Assertion
|
CVE-2026-23356
|
2026-04-25 04:06 |
2026-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1312
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:
drbd: corrige el 'LOGIC BUG' en drbd_al_begin_io_nonblock()
Aunque verificamos que "deberíamos" poder hacer lc_get_cumulative() …
|
CWE-617
Reachable Assertion
|
CVE-2026-23356
|
2026-04-25 04:06 |
2026-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1313
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
can: mcp251x: fix deadlock in error path of mcp251x_open
The mcp251x_open() function call free_irq() in its error path with the
m…
|
CWE-667
Improper Locking
|
CVE-2026-23357
|
2026-04-25 04:04 |
2026-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1314
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:
can: mcp251x: corregir interbloqueo en la ruta de error de mcp251x_open
La función mcp251x_open() llama a free_irq() en su ruta …
|
CWE-667
Improper Locking
|
CVE-2026-23357
|
2026-04-25 04:04 |
2026-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1315
|
4.7 |
MEDIUM
Local
|
uutils
|
coreutils
|
A Time-of-Check to Time-of-Use (TOCTOU) vulnerability exists in the mv utility of uutils coreutils during cross-device moves. The extended attribute (xattr) preservation logic uses multiple path-base…
|
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2026-35354
|
2026-04-25 04:04 |
2026-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1316
|
6.6 |
MEDIUM
Local
|
uutils
|
coreutils
|
The cp utility in uutils coreutils fails to properly handle setuid and setgid bits when ownership preservation fails. When copying with the -p (preserve) flag, the utility applies the source mode bit…
|
CWE-281
Improper Preservation of Permissions
|
CVE-2026-35350
|
2026-04-25 04:04 |
2026-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1317
|
5.7 |
MEDIUM
Adjacent
|
openclaw
|
openclaw
|
OpenClaw before 2026.4.2 accepts non-loopback cleartext ws:// gateway endpoints and transmits stored gateway credentials over unencrypted connections. Attackers can forge discovery results or craft s…
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2026-40045
|
2026-04-25 04:03 |
2026-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1318
|
7.0 |
HIGH
Local
|
uutils
|
coreutils
|
A Time-of-Check to Time-of-Use (TOCTOU) race condition exists in the mkfifo utility of uutils coreutils. The utility creates a FIFO and then performs a path-based chmod to set permissions. A local at…
|
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2026-35352
|
2026-04-25 04:03 |
2026-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1319
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amdgpu: Fix error handling in slot reset
If the device has not recovered after slot reset is called, it goes to
out label for…
|
CWE-908
Use of Uninitialized Resource
|
CVE-2026-23358
|
2026-04-25 04:03 |
2026-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1320
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:
drm/amdgpu: Corregir el manejo de errores en el reinicio de ranura
Si el dispositivo no se ha recuperado después de que se llama…
|
CWE-908
Use of Uninitialized Resource
|
CVE-2026-23358
|
2026-04-25 04:03 |
2026-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
