Lucene search
K

5986 matches found

SUSE CVE
SUSE CVE
added 2026/05/29 1:15 a.m.17 views

SUSE CVE-2026-46211

In the Linux kernel, the following vulnerability has been resolved: drm/msm/gem: fix error handling in msmioctlgeminfogetmetadata msmioctlgeminfogetmetadata always returns 0 regardless of errors. When copytouser fails or the user buffer is too small, the error code stored in ret is ignored becaus...

6.6CVSS5.9AI score0.00127EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-46197

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amdkfd: validate SVM ioctl nattr against buffer size Validate nattr field against the buffer size, preventing out-of-bounds buffer access via user-controlle...

7.8CVSS7.2AI score0.00139EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/28 9:9 p.m.11 views

CVE-2026-46167

A flaw was found in the Linux kernel's usblp driver. A local user, interacting with a malicious printer, could exploit this vulnerability. When the LPGETSTATUS ioctl is used and a printer responds with zero bytes, the driver may return uninitialized kernel memory. This leads to information...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References4
NVD
NVD
added 2026/05/28 10:16 a.m.14 views

CVE-2026-46220

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/sdma4: replace BUGON with WARNON in fence emission sdmav40ringemitfence contains two BUGONaddr & 0x3 assertions that verify fence writeback addresses are dword-aligned. These assertions can be reached from unprivileged...

5.5CVSS0.00119EPSS
Exploits0References8
NVD
NVD
added 2026/05/28 10:16 a.m.22 views

CVE-2026-46211

In the Linux kernel, the following vulnerability has been resolved: drm/msm/gem: fix error handling in msmioctlgeminfogetmetadata msmioctlgeminfogetmetadata always returns 0 regardless of errors. When copytouser fails or the user buffer is too small, the error code stored in ret is ignored becaus...

5.5CVSS0.00127EPSS
Exploits0References4
NVD
NVD
added 2026/05/28 10:16 a.m.19 views

CVE-2026-46167

In the Linux kernel, the following vulnerability has been resolved: usb: usblp: fix uninitialized heap leak via LPGETSTATUS ioctl Just like in a previous problem in this driver, usblpctrlmsg will collapse the usbcontrolmsg return value to 0/-errno, discarding the actual number of bytes transferre...

5.5CVSS0.00128EPSS
Exploits0References8
NVD
NVD
added 2026/05/28 10:16 a.m.13 views

CVE-2026-46151

In the Linux kernel, the following vulnerability has been resolved: usb: usblp: fix heap leak in IEEE 1284 device ID via short response usblpctrlmsg collapses the usbcontrolmsg return value to 0/-errno, discarding the actual number of bytes transferred. A broken printer can complete the GETDEVICE...

5.5CVSS0.00123EPSS
Exploits0References8
OSV
OSV
added 2026/05/28 10:16 a.m.8 views

UBUNTU-CVE-2026-46220

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/sdma4: replace BUGON with WARNON in fence emission sdmav40ringemitfence contains two BUGONaddr & 0x3 assertions that verify fence writeback addresses are dword-aligned. These assertions can be reached from unprivileged...

5.5CVSS5.7AI score0.00119EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/05/28 9:40 a.m.14 views

CVE-2026-46211

In the Linux kernel, the following vulnerability has been resolved: drm/msm/gem: fix error handling in msmioctlgeminfogetmetadata msmioctlgeminfogetmetadata always returns 0 regardless of errors. When copytouser fails or the user buffer is too small, the error code stored in ret is ignored becaus...

5.9AI score0.00127EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/05/28 9:40 a.m.37 views

CVE-2026-46211

CVE-2026-46211 affects the Linux kernel drm/msm/gem component. The flaw in msm_ioctl_gem_info_get_metadata() can cause a NULL pointer dereference due to unchecked allocation (kmemdup()) and always returning 0 on errors, making userspace believe success. The issue is fixed by adding a NULL check f...

5.5CVSS5.9AI score0.00127EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/28 9:40 a.m.11 views

CVE-2026-46197

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: validate SVM ioctl nattr against buffer size Validate nattr field against the buffer size, preventing out-of-bounds buffer access via user-controlled attribute count. cherry picked from commit...

7.8CVSS5.9AI score0.00139EPSS
Exploits0References8Affected Software1
CVE
CVE
added 2026/05/28 9:40 a.m.32 views

CVE-2026-46197

The CVE-2026-46197 issue affects the Linux kernel DRM/AMDKFD component, where the nattr field validation for SVM ioctl was insufficient against the reported buffer size, enabling out-of-bounds access via a user-controlled attribute count. The root cause is input size validation failure in the SVM...

7.8CVSS5.9AI score0.00139EPSS
Exploits0References7Affected Software1
Debian CVE
Debian CVE
added 2026/05/28 9:36 a.m.10 views

CVE-2026-46167

In the Linux kernel, the following vulnerability has been resolved: usb: usblp: fix uninitialized heap leak via LPGETSTATUS ioctl Just like in a previous problem in this driver, usblpctrlmsg will collapse the usbcontrolmsg return value to 0/-errno, discarding the actual number of bytes transferre...

5.5CVSS5.8AI score0.00128EPSS
Exploits0
CVE
CVE
added 2026/05/28 9:36 a.m.38 views

CVE-2026-46167

CVE-2026-46167 – Linux kernel usb/usblp heap leak : The vulnerability stems from an uninitialized status buffer (statusbuf) allocated at probe time for LPGETSTATUS. If a malicious printer returns zero bytes, a stale 8-byte heap region could be copied to userspace via LPGETSTATUS, causing a heap l...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References8Affected Software1
CVE
CVE
added 2026/05/28 9:36 a.m.42 views

CVE-2026-46159

The CVE-2026-46159 issue affects the Linux kernel’s Btrfs code, specifically btrfs_ioctl_space_info(). A TOCTOU race occurs between two passes over block group RAID type lists: the first pass counts entries for allocation, the second fills the buffer and releases the groups_sem lock. If entries s...

4.7CVSS5.8AI score0.00093EPSS
Exploits0References8Affected Software1
EUVD
EUVD
added 2026/05/28 9:36 a.m.10 views

EUVD-2026-32778

In the Linux kernel, the following vulnerability has been resolved: usb: usblp: fix heap leak in IEEE 1284 device ID via short response usblpctrlmsg collapses the usbcontrolmsg return value to 0/-errno, discarding the actual number of bytes transferred. A broken printer can complete the GETDEVICE...

5.8AI score0.00123EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.17 views

PT-2026-44282

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Time-of-Check to Time-of-Use TOCTOU race condition exists in the btrfs ioctl space info function. The function performs two passes over block group RAID type lists: the first to...

4.7CVSS6AI score0.00093EPSS
Exploits0
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.9 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the LPGETSTATUS ioctl command in the usblp driver. This command fails to initialize heap memory,...

5.8AI score0.00128EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.11 views

PT-2026-44334

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the msm ioctl gem info get metadata function where it unconditionally returns 0, ignoring error codes stored in ret. This occurs when the user buffer is too small or...

9.8CVSS6AI score0.005EPSS
Exploits1References289
RedhatCVE
RedhatCVE
added 2026/05/27 11:37 p.m.12 views

CVE-2026-45956

A flaw was found in the Linux kernel's drm/exynos component. This vulnerability arises from an incorrect lookup of device information within the vidiconnectionioctl function, where the system uses an improper pointer to access data. This can lead to memory corruption, which means the system might...

7.8CVSS5.8AI score0.00126EPSS
Exploits0References4
Rows per page
Query Builder