Posts of last 24 hours

CVE-2026-53114 | Linux Kernel up to 6.18.32/7.0.9 perf perf_allow_kernel hw permission (WID-SEC-2026-2077)
A vulnerability marked as critical has been reported in Linux Kernel up to 6.18.32/7.0.9. Affected by this vulnerability is the function perf_allow_kernel of the component perf. Performing a manipulation of the argument hw results in permission issues. This vulnerability is identified as CVE-2026-53114. The attack can only be performed from the local network. There is not any exploit available. It is suggested to upgrade the affected component.
https://vuldb.com/vuln/373462
CVE-2026-53115 | Linux Kernel up to 6.12.90/6.18.32/7.0.9 bus __driver_attach driver_override use after free (WID-SEC-2026-2077)
A vulnerability described as critical has been identified in Linux Kernel up to 6.12.90/6.18.32/7.0.9. Affected by this issue is the function __driver_attach of the component bus. Executing a manipulation of the argument driver_override can lead to use after free. This vulnerability is tracked as CVE-2026-53115. The attack is only possible within the local network. No exploit exists. Upgrading the affected component is recommended.
https://vuldb.com/vuln/373463
CVE-2026-53112 | Linux Kernel up to 7.0.9 wifi rtl_pci_init use after free (WID-SEC-2026-2077)
A vulnerability identified as critical has been detected in Linux Kernel up to 7.0.9. This impacts the function rtl_pci_init of the component wifi. This manipulation causes use after free. The identification of this vulnerability is CVE-2026-53112. The attack needs to be done within the local network. There is no exploit available. You should upgrade the affected component.
https://vuldb.com/vuln/373460
CVE-2026-53113 | Linux Kernel up to 7.0.9 wifi ath11k_mac_setup_bcn_tmpl_ema memory leak (WID-SEC-2026-2077)
A vulnerability labeled as critical has been found in Linux Kernel up to 7.0.9. Affected is the function ath11k_mac_setup_bcn_tmpl_ema of the component wifi. Such manipulation leads to memory leak. This vulnerability is referenced as CVE-2026-53113. The attack needs to be initiated within the local network. No exploit is available. The affected component should be upgraded.
https://vuldb.com/vuln/373461
CVE-2026-53109 | Linux Kernel up to 6.18.32/7.0.9 powerpc pte_free_defer context stack-based overflow (WID-SEC-2026-2077)
A vulnerability was found in Linux Kernel up to 6.18.32/7.0.9. It has been rated as critical. This affects the function pte_free_defer of the component powerpc. Performing a manipulation of the argument context results in stack-based buffer overflow. This vulnerability is cataloged as CVE-2026-53109. It is possible to initiate the attack remotely. There is no exploit available. Upgrading the affected component is advised.
https://vuldb.com/vuln/373360
CVE-2026-53111 | Linux Kernel up to 7.0.9 bpf dev null pointer dereference (WID-SEC-2026-2077)
A vulnerability marked as critical has been reported in Linux Kernel up to 6.1.174/6.6.140/6.12.90/6.18.32/7.0.9. Affected by this issue is some unknown functionality of the component bpf. This manipulation of the argument dev causes null pointer dereference. This vulnerability appears as CVE-2026-53111. The attacker needs to be present on the local network. There is no available exploit. It is suggested to upgrade the affected component.
https://vuldb.com/vuln/373364
CVE-2026-53110 | Linux Kernel up to 6.6.140/6.12.90/6.18.32/7.0.9 s390 kfunc data authenticity (WID-SEC-2026-2077)
A vulnerability categorized as critical has been discovered in Linux Kernel up to 6.6.140/6.12.90/6.18.32/7.0.9. This affects an unknown function of the component s390. The manipulation of the argument kfunc results in insufficient verification of data authenticity. This vulnerability was named CVE-2026-53110. The attack needs to be approached within the local network. There is no available exploit. It is advisable to upgrade the affected component.
https://vuldb.com/vuln/373459
CVE-2026-53108 | Linux Kernel up to 7.0.9 pgtable.c pmd_present locking (WID-SEC-2026-2077)
A vulnerability was found in Linux Kernel up to 7.0.9. It has been declared as critical. The impacted element is the function pmd_present of the file arch/powerpc/mm/book3s64/pgtable.c. Such manipulation leads to improper locking. This vulnerability is listed as CVE-2026-53108. The attack must be carried out from within the local network. There is no available exploit. It is recommended to upgrade the affected component.
https://vuldb.com/vuln/373359
CVE-2026-53107 | Linux Kernel up to 6.18.32/7.0.9 wifi usb_kill_urb privilege escalation (WID-SEC-2026-2077)
A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.18.32/7.0.9. Impacted is the function usb_kill_urb of the component wifi. The manipulation leads to privilege escalation. This vulnerability is uniquely identified as CVE-2026-53107. The attack can only be initiated within the local network. No exploit exists. It is advisable to upgrade the affected component.
https://vuldb.com/vuln/373368
CVE-2026-13574 | llvm llvm-project up to 22.1.6 Bitcode File IntrinsicInst.cpp getBasePtr heap-based overflow (Issue 199191)
A vulnerability marked as problematic has been reported in llvm llvm-project up to 22.1.6. This impacts the function GCRelocateInst::getBasePtr in the library llvm/lib/IR/IntrinsicInst.cpp of the component Bitcode File Handler. This manipulation causes heap-based buffer overflow. This vulnerability is handled as CVE-2026-13574. It is possible to launch the attack on the local host. Additionally, an exploit exists. The project was informed of the problem early through an issue report but has not responded yet.
https://vuldb.com/vuln/374582

Managed ad