Lucene search
+L

966 matches found

Debian CVE
Debian CVE
added 2026/05/08 2:22 p.m.8 views

CVE-2026-43435

In the Linux kernel, the following vulnerability has been resolved: rustbinder: fix oneway spam detection The spam detection logic in TreeRange was executed before the current request was inserted into the tree. So the new request was not being factored in the spam calculation. Fix this by moving...

5.5CVSS5.7AI score0.00121EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/05/08 2:22 p.m.10 views

CVE-2026-43434

In the Linux kernel, the following vulnerability has been resolved: rustbinder: check ownership before using vma When installing missing pages or zapping them, Rust Binder will look up the vma in the mm by address, and then call vminsertpage or zappagerangesingle. However, if the vma is closed an...

5.7AI score0.00128EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/08 2:22 p.m.5 views

CVE-2026-43435

In the Linux kernel, the following vulnerability has been resolved: rustbinder: fix oneway spam detection The spam detection logic in TreeRange was executed before the current request was inserted into the tree. So the new request was not being factored in the spam calculation. Fix this by moving...

5.7AI score0.00121EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/05/08 2:22 p.m.36 views

CVE-2026-43434 rust_binder: check ownership before using vma

In the Linux kernel, the following vulnerability has been resolved: rustbinder: check ownership before using vma When installing missing pages or zapping them, Rust Binder will look up the vma in the mm by address, and then call vminsertpage or zappagerangesingle. However, if the vma is closed an...

7.8CVSS0.00128EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/08 2:22 p.m.39 views

CVE-2026-43435 rust_binder: fix oneway spam detection

In the Linux kernel, the following vulnerability has been resolved: rustbinder: fix oneway spam detection The spam detection logic in TreeRange was executed before the current request was inserted into the tree. So the new request was not being factored in the spam calculation. Fix this by moving...

0.00121EPSS
Exploits0References3
CVE
CVE
added 2026/05/08 2:22 p.m.34 views

CVE-2026-43435

CVE-2026-43435 relates to the Linux kernel rust_binder component where the oneway spam-detection logic in TreeRange (and missing logic in ArrayRange) could allow large spamming transactions to go undetected. The fix moves the spam-check after the new range is inserted and adds an equivalent low_o...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2026/05/08 2:22 p.m.9 views

CVE-2026-43434

In the Linux kernel, the following vulnerability has been resolved: rustbinder: check ownership before using vma When installing missing pages or zapping them, Rust Binder will look up the vma in the mm by address, and then call vminsertpage or zappagerangesingle. However, if the vma is closed an...

7.8CVSS5.7AI score0.00128EPSS
Exploits0
OSV
OSV
added 2026/05/08 2:22 p.m.3 views

CVE-2026-43434 rust_binder: check ownership before using vma

In the Linux kernel, the following vulnerability has been resolved: rustbinder: check ownership before using vma When installing missing pages or zapping them, Rust Binder will look up the vma in the mm by address, and then call vminsertpage or zappagerangesingle. However, if the vma is closed an...

7.8CVSS6.5AI score0.00128EPSS
Exploits0References6
OSV
OSV
added 2026/05/08 2:22 p.m.2 views

CVE-2026-43435 rust_binder: fix oneway spam detection

In the Linux kernel, the following vulnerability has been resolved: rustbinder: fix oneway spam detection The spam detection logic in TreeRange was executed before the current request was inserted into the tree. So the new request was not being factored in the spam calculation. Fix this by moving...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/05/08 2:22 p.m.5 views

CVE-2026-43433

In the Linux kernel, the following vulnerability has been resolved: rustbinder: avoid reading the written value in offsets array When sending a transaction, its offsets array is first copied into the target proc's vma, and then the values are read back from there. This is normally fine because th...

5.7AI score0.00099EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/05/08 2:22 p.m.17 views

CVE-2026-43433

The CVE-2026-43433 entry refers to a Linux kernel issue in the rust_binder component: a TOCTOU opportunity where a local process that can write to its own VMA could alter the offsets array before it is read back during a transaction, potentially enabling privilege escalation to the sender. The fi...

7.8CVSS5.7AI score0.00099EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2026/05/08 2:22 p.m.7 views

CVE-2026-43433

In the Linux kernel, the following vulnerability has been resolved: rustbinder: avoid reading the written value in offsets array When sending a transaction, its offsets array is first copied into the target proc's vma, and then the values are read back from there. This is normally fine because th...

7.8CVSS5.7AI score0.00099EPSS
Exploits0
Cvelist
Cvelist
added 2026/05/08 2:22 p.m.44 views

CVE-2026-43433 rust_binder: avoid reading the written value in offsets array

In the Linux kernel, the following vulnerability has been resolved: rustbinder: avoid reading the written value in offsets array When sending a transaction, its offsets array is first copied into the target proc's vma, and then the values are read back from there. This is normally fine because th...

7.8CVSS0.00099EPSS
Exploits0References3
OSV
OSV
added 2026/05/08 2:22 p.m.3 views

CVE-2026-43433 rust_binder: avoid reading the written value in offsets array

In the Linux kernel, the following vulnerability has been resolved: rustbinder: avoid reading the written value in offsets array When sending a transaction, its offsets array is first copied into the target proc's vma, and then the values are read back from there. This is normally fine because th...

7.8CVSS6.5AI score0.00099EPSS
Exploits0References6
vulnersOsv
vulnersOsv
added 2026/05/08 12:0 a.m.8 views

ch.sbb:spring-cloud-stream-binder-solace (>=8.0.0 <=9.0.2), cn.herodotus.dante:dante-authentication-autoconfigure (>=4.0.0.0-M2 <=4.0.0.0-M3) +157 more potentially affected by CVE-2026-40989 via org.springframework.cloud:spring-cloud-function-context (>=5.0.0-M1 <=5.0.1)

org.springframework.cloud:spring-cloud-function-context MAVEN version =5.0.0-M1, =8.0.0, =4.0.0.0-M2, =4.0.0.0-M2, =4.0.0.0-M2, =6.0.0-beta.2, =6.0.0-beta.2, =6.0.0-beta.2, =6.0.0-beta.2, =6.0.0-beta.2, =6.0.0-beta.2, =1.0.0, =1.0.0, =2.0.0-RC1, =8.0.4 and more S...

6.5CVSS5.4AI score0.00211EPSS
Exploits0
CNNVD
CNNVD
added 2026/05/08 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, caused by an error in the execution order of the one-way garbage detection logic in rustbinder, as well as the...

5.5CVSS5.9AI score0.00121EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/08 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of checks for vma ownership in rustbinder, allowing pages to be installed into the wrong...

7.8CVSS5.8AI score0.00128EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/08 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an issue with TOCTOU function calls in the rustbinder module. This vulnerability could allow the...

7.8CVSS5.8AI score0.00099EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.13 views

PT-2026-39096

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the rust binder component where oneway spam detection was flawed. In TreeRange, the spam detection logic executed before the current request was inserted into the tree...

5.8AI score0.00121EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.13 views

PT-2026-39094

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Time-of-Check to Time-of-Use TOCTOU issue exists in the rust binder component. When a transaction is sent, the offsets array is copied into the target process's virtual memory area VMA...

7.8CVSS5.8AI score0.00099EPSS
Exploits0References6
Rows per page
Query Builder