CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

15 matches found

AstraLinux•added 2026/05/03 11:59 p.m.•1 views

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

A vulnerability was discovered in vhostnewmsg in drivers/vhost/vhost.c within the Linux kernel. This issue arises due to the improper initialization of memory in messages transmitted between virtual guests and the host operating system, as implemented in the vhostnewmsg function. This vulnerabili...

5.5CVSS6.7AI score0.00006EPSS

Exploits0References2

Tenable Nessus•added 2026/01/15 12:0 a.m.•1 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002568)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002568 advisory. Linux kernel vhost since version 4.8 does not properly initialize memory in messages passed between virtual guests and the host operating system in the...

5.5CVSS6.4AI score0.00108EPSS

Exploits0References10

NVD•added 2024/01/09 6:15 p.m.•18 views

CVE-2024-0340

A vulnerability was found in vhostnewmsg in drivers/vhost/vhost.c in the Linux kernel, which does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhostnewmsg function. This issue can allow local privileged users to read...

5.5CVSS5.4AI score0.00006EPSS

Exploits0References9

Prion•added 2024/01/09 6:15 p.m.•25 views

Design/Logic Flaw

1.7CVSS6.5AI score0.00006EPSS

Exploits0References3Affected Software1

Debian CVE•added 2024/01/09 5:36 p.m.•36 views

CVE-2024-0340

5.5CVSS6.8AI score0.00006EPSS

Exploits0

CVE•added 2024/01/09 5:36 p.m.•347 views

CVE-2024-0340

CVE-2024-0340 is confirmed in the Linux kernel, affecting the vhost_new_msg path in drivers/vhost/vhost.c. The issue arises from memory not being properly initialized when building messages exchanged between virtual guests and the host via /dev/vhost-net, enabling local privileged users to read k...

5.5CVSS4.8AI score0.00006EPSS

Exploits0References9Affected Software1

SUSE CVE•added 2023/02/15 4:34 a.m.•1 views

SUSE CVE-2018-1118

Linux kernel vhost since version 4.8 does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhostnewmsg function. This can allow local privileged users to read some kernel memory contents when reading from the /dev/vhost-ne...

5.5CVSS7.5AI score0.00108EPSS

Exploits0References7

Veracode•added 2020/11/05 3:9 a.m.•55 views

Denial Of Service (DoS)

kernel is vulnerable to denial of service DoS.Lack of validation in getrawsocket in drivers/vhost/net.c of an skfamily field allows to attacker perform ioctl2 calls on the '/dev/vhost-net' device may use this flaw to crash the kernel...

5.3CVSS3.3AI score0.00073EPSS

Exploits1References18Affected Software2

RedhatCVE•added 2020/01/13 9:32 p.m.•35 views

CVE-2018-1118

The Linux kernel does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhostnewmsg function. This can allow local privileged users to read some kernel memory contents when reading from the /dev/vhost-net device file...

5.5CVSS5AI score0.00108EPSS

Exploits0References1

Veracode•added 2019/05/16 3:18 a.m.•35 views

Information Disclosure

Linux kernel is vulnerable to information disclosure vulnerability. This is because Linux kernel does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhostnewmsg function. A privileged user could read some memory contents...

5.5CVSS5.7AI score0.00108EPSS

Exploits1References30Affected Software2