Lucene search
K

226447 matches found

Debian CVE
Debian CVE
added 2026/06/24 4:28 p.m.3 views

CVE-2026-52962

In the Linux kernel, the following vulnerability has been resolved: ceph: fix a buffer leak in cephsetxattr The oldblob in cephsetxattr can store ci-ixattrs.preallocblob value during the retry. However, it is never called the cephbufferput for the oldblob object. This patch fixes the issue of the...

5.9AI score0.00184EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/06/24 4:28 p.m.5 views

CVE-2026-52960

In the Linux kernel, the following vulnerability has been resolved: ceph: put folios not suitable for writeback The batch holds references to the folios see filemapgetfolios, foliobatchrelease, so we need to folioput the folios we remove. Tested on v6.18...

7.5CVSS5.8AI score0.00359EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/06/24 4:28 p.m.8 views

CVE-2026-52960

CVE-2026-52960 affects the Linux kernel Ceph component: when removing folios not suitable for writeback, the batch may hold references to folios and fail to release them, causing a resource leak. This could lead to DoS via resource exhaustion. The issue is resolved in the Linux kernel, with tests...

7.5CVSS5.8AI score0.00359EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/24 4:28 p.m.27 views

CVE-2026-52960 ceph: put folios not suitable for writeback

In the Linux kernel, the following vulnerability has been resolved: ceph: put folios not suitable for writeback The batch holds references to the folios see filemapgetfolios, foliobatchrelease, so we need to folioput the folios we remove. Tested on v6.18...

7.5CVSS0.00359EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/24 4:28 p.m.4 views

CVE-2026-52960

In the Linux kernel, the following vulnerability has been resolved: ceph: put folios not suitable for writeback The batch holds references to the folios see filemapgetfolios, foliobatchrelease, so we need to folioput the folios we remove. Tested on v6.18...

7.5CVSS5.7AI score0.00359EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/06/24 4:28 p.m.4 views

CVE-2026-52961

In the Linux kernel, the following vulnerability has been resolved: ceph: fix BUGON in cephbuildxattrsblob due to stale blob size The generic/642 test-case can reproduce the kernel crash: 40243.605254 ------------ cut here ------------ 40243.605956 kernel BUG at fs/ceph/xattr.c:918! 40243.607142...

5.7AI score0.00198EPSS
Exploits0
CVE
CVE
added 2026/06/24 4:28 p.m.9 views

CVE-2026-52959

The CVE-2026-52959 issue affects the Linux kernel SEV guest module. During an extended guest request (SVM_VMGEXIT_EXT_GUEST_REQUEST), get_ext_report() allocates a buffer for a host certificate blob and stores its size in report_req->certs_len. The host may return SNP_GUEST_VMM_ERR_INVALID_LEN ...

7.8CVSS5.9AI score0.00093EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/24 4:28 p.m.27 views

CVE-2026-52959 virt: sev-guest: Do not use host-controlled page order in cleanup path

In the Linux kernel, the following vulnerability has been resolved: virt: sev-guest: Do not use host-controlled page order in cleanup path When issuing an extended guest request SVMVMGEXITEXTGUESTREQUEST, getextreport allocates a buffer to retrieve a certificate blob from the host, keeping track ...

7.8CVSS0.00093EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/06/24 4:28 p.m.5 views

CVE-2026-52959

In the Linux kernel, the following vulnerability has been resolved: virt: sev-guest: Do not use host-controlled page order in cleanup path When issuing an extended guest request SVMVMGEXITEXTGUESTREQUEST, getextreport allocates a buffer to retrieve a certificate blob from the host, keeping track ...

7.8CVSS5.8AI score0.00093EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/06/24 4:28 p.m.5 views

CVE-2026-52957

In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential null-ptr-deref in decodechooseargs A message of type CEPHMSGOSDMAP contains an OSD map that itself contains a CRUSH map. When decoding this CRUSH map in crushdecode, an array of maxbuckets CRUSH buckets is...

7.5CVSS5.7AI score0.0053EPSS
Exploits0References9Affected Software1
Cvelist
Cvelist
added 2026/06/24 4:28 p.m.26 views

CVE-2026-52958 libceph: Fix potential out-of-bounds access in osdmap_decode()

In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds access in osdmapdecode When decoding osdstate and osdweight from an incoming osdmap in osdmapdecode, both are decoded for each osd, i.e., map-maxosd times. The cephdecodeneed check only accoun...

9.1CVSS0.00544EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2026/06/24 4:28 p.m.4 views

CVE-2026-52957

In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential null-ptr-deref in decodechooseargs A message of type CEPHMSGOSDMAP contains an OSD map that itself contains a CRUSH map. When decoding this CRUSH map in crushdecode, an array of maxbuckets CRUSH buckets is...

7.5CVSS5.6AI score0.0053EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/06/24 4:28 p.m.5 views

CVE-2026-52958

In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds access in osdmapdecode When decoding osdstate and osdweight from an incoming osdmap in osdmapdecode, both are decoded for each osd, i.e., map-maxosd times. The cephdecodeneed check only accoun...

9.1CVSS5.7AI score0.00544EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/06/24 4:28 p.m.3 views

CVE-2026-52956

In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds access in cephxdecrypt In cephxdecrypt, a part of the buffer p is interpreted as a cephxencryptheader, and the magic field of this struct is accessed. This happens without any guarantee that t...

7.5CVSS5.8AI score0.00359EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/06/24 4:28 p.m.4 views

CVE-2026-52955

In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds access in crushdecode A message of type CEPHMSGOSDMAP containing a crush map with at least one bucket has two fields holding the bucket algorithm. If the values in these two fields differ, an...

9.8CVSS5.7AI score0.00377EPSS
Exploits0References9Affected Software1
Debian CVE
Debian CVE
added 2026/06/24 4:28 p.m.5 views

CVE-2026-52955

In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds access in crushdecode A message of type CEPHMSGOSDMAP containing a crush map with at least one bucket has two fields holding the bucket algorithm. If the values in these two fields differ, an...

9.8CVSS5.7AI score0.00377EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/06/24 4:28 p.m.7 views

CVE-2026-52954

In the Linux kernel, the following vulnerability has been resolved: libceph: handle rbtree insertion error in decodechooseargs A message of type CEPHMSGOSDMAP contains an OSD map that itself contains a CRUSH map. The received CRUSH map may optionally contain chooseargs that get decoded in...

7.5CVSS5.7AI score0.0053EPSS
Exploits0References9Affected Software1
CVE
CVE
added 2026/06/24 4:28 p.m.7 views

CVE-2026-52954

The CVE-2026-52954 issue affects the Linux kernel libceph component. A crafted CEPH_MSG_OSD_MAP can carry a CRUSH map with two crush_choose_arg_maps sharing the same index, causing an assertion in insert_choose_arg_map() to trigger a kernel BUG when inserting the second entry. The vulnerability c...

7.5CVSS5.7AI score0.0053EPSS
Exploits0References8
CVE
CVE
added 2026/06/24 4:28 p.m.6 views

CVE-2026-52953

The CVE-2026-52953 issue affects the Linux kernel IOMMU VT-d subsystem, where an out-of-scope memory access could trigger a general protection fault (kernel oops) when a QEMU process is terminated. The triggering path involves domain_remove_dev_pasid and related IOMMU PASID handling, with a dummy...

7.1CVSS5.7AI score0.00133EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/24 4:28 p.m.27 views

CVE-2026-52954 libceph: handle rbtree insertion error in decode_choose_args()

In the Linux kernel, the following vulnerability has been resolved: libceph: handle rbtree insertion error in decodechooseargs A message of type CEPHMSGOSDMAP contains an OSD map that itself contains a CRUSH map. The received CRUSH map may optionally contain chooseargs that get decoded in...

7.5CVSS0.0053EPSS
Exploits0References8
Rows per page
Query Builder