Lucene search
K

1004 matches found

OSV
OSV
added 2026/02/12 9:39 a.m.8 views

USN-8030-1 linux-gcp vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - Nios II architecture; - PA-RISC architecture; - RISC-V architecture; -...

7.8CVSS6.5AI score0.00517EPSS
Exploits4References367
RedHat Linux
RedHat Linux
added 2026/02/11 2:6 p.m.4 views

kernel: libceph: fix potential use-after-free in have_mon_and_osd_map()

A use-after-free vulnerability was found in the Ceph client session initialization in the Linux kernel. The havemonandosdmap function checks map epochs without holding the appropriate locks, racing with concurrent map updates that free the old map. This can result in dereferencing freed memory...

5.8AI score0.00173EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2026/02/01 12:23 a.m.7 views

SUSE CVE-2026-23032

In the Linux kernel, the following vulnerability has been resolved: nullblk: fix kmemleak by releasing references to fault configfs items When CONFIGBLKDEVNULLBLKFAULTINJECTION is enabled, the null-blk driver sets up fault injection support by creating the timeoutinject, requeueinject, and...

5.7AI score0.00206EPSS
Exploits0References3
EUVD
EUVD
added 2026/01/31 11:42 a.m.7 views

EUVD-2026-5062

In the Linux kernel, the following vulnerability has been resolved: nullblk: fix kmemleak by releasing references to fault configfs items When CONFIGBLKDEVNULLBLKFAULTINJECTION is enabled, the null-blk driver sets up fault injection support by creating the timeoutinject, requeueinject, and...

5.8AI score0.00206EPSS
Exploits0References4
CVE
CVE
added 2026/01/31 11:42 a.m.24 views

CVE-2026-23032

The CVE-2026-23032 issue affects the Linux kernel null_blk driver when CONFIG_BLK_DEV_NULL_BLK_FAULT_INJECTION is enabled. Fault-injection configfs items (timeout_inject, requeue_inject, init_hctx_fault_inject) are created as children of the top-level nullbX group, but references to these items a...

5.8AI score0.00206EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/01/31 11:42 a.m.24 views

CVE-2026-23032 null_blk: fix kmemleak by releasing references to fault configfs items

In the Linux kernel, the following vulnerability has been resolved: nullblk: fix kmemleak by releasing references to fault configfs items When CONFIGBLKDEVNULLBLKFAULTINJECTION is enabled, the null-blk driver sets up fault injection support by creating the timeoutinject, requeueinject, and...

0.00206EPSS
Exploits0References4
OSV
OSV
added 2026/01/31 11:42 a.m.6 views

CVE-2026-23032 null_blk: fix kmemleak by releasing references to fault configfs items

In the Linux kernel, the following vulnerability has been resolved: nullblk: fix kmemleak by releasing references to fault configfs items When CONFIGBLKDEVNULLBLKFAULTINJECTION is enabled, the null-blk driver sets up fault injection support by creating the timeoutinject, requeueinject, and...

5.8AI score0.00206EPSS
Exploits0References7
NVD
NVD
added 2026/01/29 6:16 p.m.10 views

CVE-2026-24054

Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines VMs that perform like containers. In versions prior to 3.26.0, when a container image is malformed or contains no layers, containerd falls back to bind-mounting an empty snapshotter...

10CVSS0.00438EPSS
Exploits1References5
OSV
OSV
added 2026/01/29 6:16 p.m.6 views

AZL-75770 CVE-2026-24054 affecting package kata-containers for versions less than 3.19.1.kata2-3

Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines VMs that perform like containers. In versions prior to 3.26.0, when a container image is malformed or contains no layers, containerd falls back to bind-mounting an empty snapshotter...

10CVSS5.7AI score0.00438EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/01/29 5:16 p.m.5 views

CVE-2026-24054

Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines VMs that perform like containers. In versions prior to 3.26.0, when a container image is malformed or contains no layers, containerd falls back to bind-mounting an empty snapshotter...

9.3CVSS5.8AI score0.00438EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2026/01/29 5:16 p.m.29 views

CVE-2026-24054 Kata Containers Runtime: Host block device can be hotplugged to the VM if the container image is malformed or contains no layers

Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines VMs that perform like containers. In versions prior to 3.26.0, when a container image is malformed or contains no layers, containerd falls back to bind-mounting an empty snapshotter...

9.3CVSS0.00438EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/01/29 5:16 p.m.6 views

CVE-2026-24054 Kata Containers Runtime: Host block device can be hotplugged to the VM if the container image is malformed or contains no layers

Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines VMs that perform like containers. In versions prior to 3.26.0, when a container image is malformed or contains no layers, containerd falls back to bind-mounting an empty snapshotter...

9.3CVSS5.8AI score0.00438EPSS
Exploits1References5
EUVD
EUVD
added 2026/01/29 5:16 p.m.7 views

EUVD-2026-4958

Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines VMs that perform like containers. In versions prior to 3.26.0, when a container image is malformed or contains no layers, containerd falls back to bind-mounting an empty snapshotter...

9.3CVSS5.8AI score0.00438EPSS
Exploits1References5
OSV
OSV
added 2026/01/29 5:16 p.m.4 views

CVE-2026-24054 Kata Containers Runtime: Host block device can be hotplugged to the VM if the container image is malformed or contains no layers

Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines VMs that perform like containers. In versions prior to 3.26.0, when a container image is malformed or contains no layers, containerd falls back to bind-mounting an empty snapshotter...

9.3CVSS5.8AI score0.00438EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2026/01/27 12:0 a.m.4 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005156)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005156 advisory. In the Linux kernel, the following vulnerability has been resolved: nbd: fix race between timeout and normal completion If request timetout is handled by...

7CVSS6.7AI score0.00201EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/01/19 1:38 p.m.3 views

kernel: libceph: fix potential use-after-free in have_mon_and_osd_map()

A use-after-free vulnerability was found in the Ceph client session initialization in the Linux kernel. The havemonandosdmap function checks map epochs without holding the appropriate locks, racing with concurrent map updates that free the old map. This can result in dereferencing freed memory...

5.8AI score0.00173EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/01/19 9:44 a.m.5 views

kernel: libceph: fix potential use-after-free in have_mon_and_osd_map()

A use-after-free vulnerability was found in the Ceph client session initialization in the Linux kernel. The havemonandosdmap function checks map epochs without holding the appropriate locks, racing with concurrent map updates that free the old map. This can result in dereferencing freed memory...

5.8AI score0.00173EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004213)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004213 advisory. The rbd block device driver in drivers/block/rbd.c in the Linux kernel through 5.8.9 used incomplete permission checking for access to rbd devices, which could be...

4.1CVSS6.5AI score0.00308EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.3 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000605)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000605 advisory. Interpretation conflict in drivers/md/dm-snap-persistent.c in the Linux kernel through 3.11.6 allows remote authenticated users to obtain sensitive information or...

6CVSS7.2AI score0.0381EPSS
Exploits1References30
RedHat Linux
RedHat Linux
added 2026/01/14 12:29 a.m.5 views

kernel: nbd: fix incomplete validation of ioctl arg

A flaw has been found in the Linux kernel’s NBD drivers.The issue stems from incomplete validation of IOCTL arguments passed to the NBD driver. Specifically, oversized or unchecked arguments may lead to a signed integer overflow in blockwritefullpage and misuse of argument values cast to int in...

5.5CVSS7.2AI score0.00136EPSS
Exploits0References5
Rows per page
Query Builder