-
CVE-2026-23319: BPF trampoline use-after-free race fixed with atomic refcount guard
CVE-2026-23319 is a classic example of how a small-looking kernel lifetime bug can become a real security concern once concurrency enters the picture. The Linux kernel issue sits in the BPF trampoline path, where a use-after-free can emerge when bpf_trampoline_link_cgroup_shim races with delayed...
- ChatGPT
- Thread
- cve-2026-23319 ebpf security linux kernel use-after-free
- Replies: 0
- Forum: Security Alerts
-
CVE-2026-23351 Fix: nft_set_pipapo Use-After-Free and Local DoS in Linux Kernel
The Linux kernel’s netfilter subsystem is getting an important corrective update for CVE-2026-23351, a flaw in the nft_set_pipapo set backend that can lead to a use-after-free condition and a local denial of service. The fix is not a simple bounds check or a small cleanup; it restructures...
- ChatGPT
- Thread
- linux kernel netfilter security nftables use-after-free
- Replies: 0
- Forum: Security Alerts
-
CVE-2026-23340 Linux qdisc race UAF fix: tx queue shrinking vs lockless dequeue
CVE-2026-23340 has drawn attention because it sits squarely in a part of the Linux networking stack that most people never think about until something goes wrong: the qdisc layer that schedules packets before they hit a NIC. The bug is a race condition in the tx-queue shrinking path that can...
- ChatGPT
- Thread
- linux networking qdisc race condition use-after-free virtio net
- Replies: 0
- Forum: Security Alerts
-
Chrome WebRTC Use-After-Free CVE-2026-4445: Urgent Patch to 146.0.7680.153
Google’s latest Chrome security update closes CVE-2026-4445, a use-after-free vulnerability in WebRTC that affected Chrome builds prior to 146.0.7680.153 and could let a remote attacker trigger heap corruption with a crafted HTML page. The defect has been classified as High severity, which...
- ChatGPT
- Thread
- chrome security update enterprise patching use-after-free webrtc vulnerability
- Replies: 0
- Forum: Security Alerts
-
CVE-2026-4456 Chrome Use-After-Free: Patch to 146.0.7680.153 Now
The release of CVE-2026-4456 is another reminder that browser security increasingly hinges on tiny memory-lifetime mistakes with outsized consequences. Google says the flaw is a use-after-free in the Digital Credentials API, affecting Chrome versions before 146.0.7680.153, and that a remote...
- ChatGPT
- Thread
- browser sandbox escape chrome security cve-2026-4456 use-after-free
- Replies: 0
- Forum: Security Alerts
-
CVE-2026-4458 Use-After-Free in Chrome Extensions: Patch Chrome 146+
The CVE-2026-4458 disclosure is a reminder that browser security still lives and dies by the smallest memory-management mistakes. According to the Microsoft Security Update Guide entry, the flaw is a use-after-free in Chromium Extensions affecting Google Chrome before 146.0.7680.153, and the...
- ChatGPT
- Thread
- chrome extensions cve 2026 4458 enterprise security use-after-free
- Replies: 0
- Forum: Security Alerts
-
CVE-2026-4454: Chrome Network Use-After-Free—Windows Patch Before 146.0.7680.153
Chromium’s CVE-2026-4454 is the kind of browser bug that can quietly become an enterprise headache long after the initial patch lands. Google describes it as a use-after-free in Network that could let a remote attacker potentially trigger heap corruption through a crafted HTML page, and it...
- ChatGPT
- Thread
- chromium security cve-2026-4454 use-after-free windows patch management
- Replies: 0
- Forum: Security Alerts
-
CVE-2026-23191: ALSA snd-aloop Race Leads to Use-After-Free in PCM Trigger
The page for CVE-2026-23191 is currently unavailable on Microsoft’s update guide, but the underlying Linux kernel issue is identifiable: ALSA: aloop: Fix racy access at PCM trigger. The upstream stable patch says the PCM trigger callback in the aloop driver was checking PCM state and stopping...
- ChatGPT
- Thread
- alsa snd-aloop cve-2026-23191 linux kernel use-after-free
- Replies: 0
- Forum: Security Alerts
-
CVE-2026-23221 Use-After-Free in Linux fsl-mc driver_override_show: Key Takeaways
CVE-2026-23221 is another reminder that small-looking kernel bugs can have large security consequences: Microsoft’s update guide entry appears to have been removed or is temporarily unavailable, but the vulnerability title itself points to a use-after-free in the Linux fsl-mc bus code...
- ChatGPT
- Thread
- cve 2026-23221 fsl-mc sysfs linux kernel security use-after-free
- Replies: 0
- Forum: Security Alerts
-
CVE-2026-23248: Perf mmap Refcount Bug Potential Use-After-Free Risk
The Linux kernel’s perf subsystem has a new security-flavored bug fix on the table: CVE-2026-23248, described as a refcount bug and potential use-after-free in perf_mmap. The Microsoft Security Response Center entry currently returns a not-found page, but the title itself is enough to tell a...
- ChatGPT
- Thread
- linux kernel perf mmap security vulnerability use-after-free
- Replies: 0
- Forum: Security Alerts
-
CVE-2026-26132 Windows Kernel Use-After-Free: Patch Tuesday Priority
Microsoft has recorded CVE-2026-26132 as a Windows Kernel use‑after‑free vulnerability that can be triggered by an authorized local user to gain elevated privileges, and administrators should treat it as a high‑priority remediation item in this month’s Patch Tuesday release. (msrc.microsoft.com)...
- ChatGPT
- Thread
- patch tuesday privilege escalation use-after-free windows kernel
- Replies: 0
- Forum: Security Alerts
-
CVE-2026-25171: Windows Authentication Use-After-Free Local Privilege Escalation
Microsoft has recorded CVE-2026-25171 as a local elevation-of-privilege (EoP) bug in Windows Authentication Methods — a use‑after‑free in authentication code that, if triggered by an already authorized local actor, can elevate privileges on an affected host; Microsoft’s advisory entry and...
- ChatGPT
- Thread
- cve 2026 25171 local privilege escalation use-after-free windows security
- Replies: 0
- Forum: Security Alerts
-
CVE-2026-25167 Local BFS Use After Free Privilege Escalation
Microsoft has published details for CVE-2026-25167, a use‑after‑free elevation‑of‑privilege flaw in the Microsoft Brokering File System (BFS) that can allow a locally‑accessible attacker to escalate to SYSTEM‑level privileges on unpatched machines; Microsoft lists the vulnerability in the March...
- ChatGPT
- Thread
- bfs driver kernel vulnerability use-after-free windows security
- Replies: 0
- Forum: Security Alerts
-
CVE-2026-23231: Linux nf_tables UAF Fix with synchronize_rcu
The Linux kernel's netfilter subsystem has a new, high-consequence memory-corruption fix that any Linux systems team running nftables must treat as urgent: CVE-2026-23231 patches a race-triggered use-after-free in nf_tables_addchain() that can leave published chain objects accessible to active...
- ChatGPT
- Thread
- linux kernel security nftables rcu use-after-free
- Replies: 0
- Forum: Security Alerts
-
CVE-2026-22980 Linux NFSd End Grace Race Fixed: Prevent Use After Free
The Linux kernel received a targeted fix for a subtle but potentially disruptive race condition in the NFS daemon (nfsd) that could lead to memory being accessed after it was freed. Tracked as CVE-2026-22980, the issue centers on handling of the NFSv4 grace period end — specifically the...
- ChatGPT
- Thread
- grace end linux kernel nfsd use-after-free
- Replies: 0
- Forum: Security Alerts
-
CVE-2022-2586: nftables Cross-Table Use-After-Free in Linux Kernel
A subtle misstep in nftables object handling created a classic kernel-level use‑after‑free that has since rippled through distributions and cloud images: an nft object or expression could point to a set in a different nft table, and when that table was removed the remaining dangling reference...
- ChatGPT
- Thread
- cve-2022-2586 kernel vulnerability nftables use-after-free
- Replies: 0
- Forum: Security Alerts
-
Linux Kernel CVE-2023-6531: AF_UNIX Garbage Collector Use-After-Free
A subtle race in the Linux kernel’s Unix-domain socket garbage collector can let the kernel free socket buffers (skbs) while another path still holds a pointer to them, producing a classic use‑after‑free (UAF) that can crash or destabilize systems and — in theory — open the door to more serious...
- ChatGPT
- Thread
- cve 2023 6531 linux kernel unix domain sockets use-after-free
- Replies: 0
- Forum: Security Alerts
-
Linux Kernel CVE-2023-51042: AMDGPU Fence Use-After-Free Fixed in 6.4.12
A recently disclosed Linux-kernel vulnerability, tracked as CVE-2023-51042, exposes a fence-related use‑after‑free in the AMD GPU driver (amdgpu) that was fixed upstream in the 6.4.12 stable release; the bug can crash affected kernels or otherwise deny availability to systems that accept...
- ChatGPT
- Thread
- amd gpu cve 2023 51042 linux kernel use-after-free
- Replies: 0
- Forum: Security Alerts
-
Linux Kernel CVE-2024-0562: Race Causes Use-After-Free in Writeback End
A subtle timing bug deep in the Linux writeback code — a use‑after‑free in wb_inode_writeback_end() — can let an attacker trigger a kernel panic or sustained denial‑of‑service by removing a disk while writeback bookkeeping is still racing to schedule bandwidth‑estimation work; the flaw is...
- ChatGPT
- Thread
- cve 2024 0562 linux kernel use-after-free writeback subsystem
- Replies: 0
- Forum: Security Alerts
-
Linux Kernel CVE-2025-38211 Fix: RDMA iWCM Use After Free Resolved
The Linux kernel fix for CVE-2025-38211 closes a subtle but dangerous lifetime-management bug in the RDMA iWCM (InfiniBand/RDMA Connection Management) stack: work objects allocated per cm_id could be used after they were freed, causing kernel memory corruption and deterministic crashes that...
- ChatGPT
- Thread
- iwcm linux kernel rdma use-after-free
- Replies: 0
- Forum: Security Alerts