Lucene search
K

10896 matches found

astralinux
astralinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: mmc: rtsxpci: fixed the return value check in mmcaddhost The mmcaddhost function may return an error. If we ignore its return value, the memory allocated by mmcallochost will be leaked, leading to a kernel crash due to the...

5.5CVSS5.8AI score0.00145EPSS
Exploits0References2
astralinux
astralinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux

The vgacon subsystem in the Linux kernel before version 5.8.10 mishandles software scrollback operations. There is an out-of-bounds read in vgaconscrolldelta, also known as CID-973c096f6a85...

5.9CVSS6.7AI score0.00519EPSS
Exploits1References1
astralinux
astralinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux

A locking issue was discovered in the tty subsystem of the Linux kernel through version 5.9.13. The file drivers/tty/ttyjobctrl.c allows for a use-after-free attack against TIOCSPGRP, also known as CID-54ffccbf053b...

7.8CVSS6.7AI score0.01129EPSS
Exploits2References2
astralinux
astralinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux

A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through version 5.9.13. Files drivers/tty/ttyio.c and drivers/tty/ttyjobctrl.c may allow a read-after-free attack on TIOCGSID, also known as CID-c8bcd9c5be24...

4.4CVSS6.6AI score0.00468EPSS
Exploits1References1
astralinux
astralinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux

A flaw was discovered in the Linux kernel. A use-after-free occurred in the way the console subsystem utilized ioctls KDGKBSENT and KDSKBSENT. A local user could exploit this flaw to gain access to memory beyond its intended scope. The most significant threat posed by this vulnerability is to dat...

4.1CVSS6.7AI score0.00434EPSS
Exploits1References1
astralinux
astralinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux

A flaw was discovered in the Linux kernel. A memory use-after-free vulnerability was identified in the perf subsystem, allowing a local attacker with permission to monitor perf events, thereby corrupting memory and potentially escalating privileges. The most significant threat of this vulnerabili...

7.8CVSS6.6AI score0.00302EPSS
Exploits0References1
ibm
ibm
added 2026/06/18 5:57 p.m.51 views

Security Bulletin: Dirty COW Vulnerability (CVE-2016-5195)

Question Security Bulletin: Dirty COW Vulnerability CVE-2016-5195 "Business Unit":"code":"BU059","label":"IBM Software w/o TPS","Product":"code":"SS8NDZ","label":"IBM Aspera","Component":"","Platform":"code":"PF025","label":"Platform Independent","Version":"All Versions","Edition":"","Line of...

7.2CVSS7.1AI score0.83524EPSS
Exploits82Affected Software1
osv
osv
added 2026/06/17 10:34 a.m.4 views

USN-8390-2 linux-azure, linux-gcp, linux-hwe, linux-oracle vulnerability

It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker...

8.8CVSS7AI score0.93235EPSS
Exploits31References2
ubuntu
ubuntu
added 2026/06/17 10:34 a.m.16 views

USN-8390-2: Linux kernel vulnerability

It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker...

8.8CVSS5.8AI score0.93235EPSS
Exploits31
redhat
redhat
added 2026/06/17 9:22 a.m.6 views

kernel: scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count()

A use-after-free flaw was found in the Linux kernel's iSCSI target subsystem. In the iscsitdecconnusagecount function, complete is called while still holding the conn-connusagelock spinlock. The waiting thread such as iscsitcloseconnection may wake up immediately and free the iscsitconn structure...

7.8CVSS5.3AI score0.00117EPSS
Exploits0References5
redhat
redhat
added 2026/06/17 6:53 a.m.7 views

kernel: mm/page_alloc: clear page->private in free_pages_prepare()

A flaw was found in the Linux kernel's memory management subsystem. When pages are freed, the page-private field is not properly cleared. If these pages are later reallocated as high-order pages and split, the tail pages can retain stale page-private values. This can lead to a use-after-free...

7.8CVSS5.4AI score0.0013EPSS
Exploits0References5
redhat
redhat
added 2026/06/17 1:20 a.m.7 views

kernel: mm/page_alloc: clear page->private in free_pages_prepare()

A flaw was found in the Linux kernel's memory management subsystem. When pages are freed, the page-private field is not properly cleared. If these pages are later reallocated as high-order pages and split, the tail pages can retain stale page-private values. This can lead to a use-after-free...

7.8CVSS5.4AI score0.0013EPSS
Exploits0References5
nessus
nessus
added 2026/06/17 12:0 a.m.9 views

Ubuntu 20.04 LTS : Linux kernel (Oracle) vulnerabilities (USN-8439-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8439-1 advisory. Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission chec...

9.8CVSS7.2AI score0.15783EPSS
Exploits14References9
ubuntu
ubuntu
added 2026/06/16 10:14 p.m.23 views

USN-8426-2: Linux kernel (Azure) vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 It was discovered that the Linux kernel did n...

9.8CVSS5.9AI score0.96267EPSS
Exploits283
osv
osv
added 2026/06/16 7:54 p.m.5 views

USN-8439-1 linux-oracle-5.15 vulnerabilities

Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges. CVE-2023-2640 Shir Tamari and Sagi Tzadik...

9.8CVSS7.1AI score0.15783EPSS
Exploits14References9
redhat
redhat
added 2026/06/16 7:17 p.m.8 views

kernel: wifi: mac80211: drop stray 'static' from fast-RX rx_result

A flaw was found in the Linux kernel's Wi-Fi mac80211 subsystem. The ieee80211invokefastrx function uses a static variable for rxresult, which is shared across concurrent calls. This can lead to incorrect processing of Wi-Fi packets, where a packet might be mishandled or its status incorrectly...

8.8CVSS5.4AI score0.00167EPSS
Exploits0References5
redhat
redhat
added 2026/06/16 7:17 p.m.7 views

kernel: wifi: mac80211: remove station if connection prep fails

A flaw was found in the Linux kernel's mac80211 Wi-Fi subsystem. When Multi-Link Operation MLO connection preparation fails, the system may not correctly remove the associated station. This can lead to a use-after-free or double-free vulnerability in the debugfs component, potentially causing...

8.8CVSS5.4AI score0.00302EPSS
Exploits0References5
redhat
redhat
added 2026/06/16 7:17 p.m.8 views

kernel: Bluetooth: hci_event: fix potential UAF in SSP passkey handlers

A flaw was found in the Linux kernel's Bluetooth subsystem. This vulnerability, a Use-After-Free UAF, exists within the Secure Simple Pairing SSP passkey handlers. It occurs when hciconn lookup and field access are performed without proper locking, allowing a connection to be freed concurrently...

8.8CVSS5.8AI score0.00262EPSS
Exploits0References5
redhat
redhat
added 2026/06/16 6:39 p.m.9 views

kernel: wifi: mac80211: remove station if connection prep fails

A flaw was found in the Linux kernel's mac80211 Wi-Fi subsystem. When Multi-Link Operation MLO connection preparation fails, the system may not correctly remove the associated station. This can lead to a use-after-free or double-free vulnerability in the debugfs component, potentially causing...

8.8CVSS5.4AI score0.00302EPSS
Exploits0References5
redhat
redhat
added 2026/06/16 6:39 p.m.8 views

kernel: wifi: mac80211: drop stray 'static' from fast-RX rx_result

A flaw was found in the Linux kernel's Wi-Fi mac80211 subsystem. The ieee80211invokefastrx function uses a static variable for rxresult, which is shared across concurrent calls. This can lead to incorrect processing of Wi-Fi packets, where a packet might be mishandled or its status incorrectly...

8.8CVSS5.4AI score0.00167EPSS
Exploits0References5
Rows per page
Query Builder