Lucene search

105 matches found

RedhatCVE
added 5 days ago, 7 views

CVE-2026-53038

A flaw was found in the Linux kernel's Integrity Measurement Architecture (IMA) subsystem. When handling unsupported Trusted Platform Module (TPM) hash algorithms, the ima_fs component incorrectly accesses a hash algorithm name array, leading to a read out-of-bounds. This vulnerability could allow a...

CVSS 5.5 | AI score 5.7 | EPSS 0.00168
Exploits: 0 | References: 4
AstraLinux
added 2026/06/19 11:10 a.m., 3 views

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-6.1, Linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: ima: Fixed a use-after-free issue related to the d_name.name of a dentry. – d_name.name can be changed during a rename operation, and the previous value can be freed. There are conditions that could potentially stabilize this...

CVSS 7.8 | AI score 6.3 | EPSS 0.00306
Exploits: 0 | References: 2
AstraLinux
added 2026/06/19 11:10 a.m., 5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: IMA: Do not clear the IMA_DIGSIG flag when setting or removing non-IMA xattr. Currently, when both IMA and EVM are in “fix” mode, the IMA signature will be reset to the IMA hash if a program first stores the IMA signature in...

AI score 5.7 | EPSS 0.00168
Exploits: 0 | References: 1
AstraLinux
added 2026/06/19 11:10 a.m., 5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: IMA: Verify that the IMA buffer from the previous kernel is within the addressable RAM. Patch series “Address page fault in ima_restore_measurement_list”, version 3. When the second-stage kernel is booted using kexec with a limiting...

CVSS 5.5 | AI score 6 | EPSS 0.00122
Exploits: 0 | References: 1
OSV
added 2026/05/31 12:0 a.m., 37 views

RLSA-2026:21745 Important: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: Bluetooth: MGMT: Fix possible UAFs (CVE-2025-39981) kernel: ima: don't clear IMA_DIGSIG flag when setting or removing non-IMA xattr...

CVSS 7.8 | AI score 6.6 | EPSS 0.00514
Exploits: 0 | References: 19
OSV
added 2026/05/30 6:3 p.m., 40 views

RLSA-2026:21556 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al (CVE-2025-38653) kernel: ima: don't clear IMA_DIGSIG flag when setting or removing non-IMA xattr (CVE-2025-68183)...

CVSS 7.8 | AI score 6.4 | EPSS 0.00514
Exploits: 0 | References: 20
Tenable Nessus
added 2026/05/30 12:0 a.m., 12 views

RockyLinux 8 : kernel (RLSA-2026:21706)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:21706 advisory. kernel: Bluetooth: MGMT: Fix possible UAFs (CVE-2025-39981) kernel: ima: don't clear IMA_DIGSIG flag when setting or removing non-IMA xattr (CVE-2025-68183)...

CVSS 9.4 | AI score 6 | EPSS 0.00514
Exploits: 0 | References: 37
RedhatCVE
added 2026/05/28 9:13 p.m., 12 views

CVE-2025-71306

A flaw was found in the Linux kernel's Integrity Measurement Architecture (IMA) subsystem. This vulnerability involves a stack-out-of-bounds access within the ima_appraise_measurement function during the processing of bprm_creds for execution. An attacker could potentially trigger this flaw by causing...

CVSS 7.1 | AI score 5.8 | EPSS 0.0015
Exploits: 0 | References: 4
RedHat Linux
added 2026/05/28 2:21 a.m., 11 views

kernel: ima: don't clear IMA_DIGSIG flag when setting or removing non-IMA xattr

In the Linux kernel, the following vulnerability has been resolved: ima: don't clear IMA_DIGSIG flag when setting or removing non-IMA xattr. Currently when both IMA and EVM are in fix mode, the IMA signature will be reset to IMA hash if a program first stores IMA signature in security.ima and then...

AI score 5.8 | EPSS 0.00168
Exploits: 0 | References: 5
OSV
added 2026/05/28 12:0 a.m., 18 views

ALSA-2026:21745 Important: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: Bluetooth: MGMT: Fix possible UAFs (CVE-2025-39981) kernel: ima: don't clear IMA_DIGSIG flag when setting or removing non-IMA xattr...

CVSS 9.4 | AI score 6 | EPSS 0.00514
Exploits: 0 | References: 38
Debian CVE
added 2026/05/27 12:14 p.m., 8 views

CVE-2025-71306

In the Linux kernel, the following vulnerability has been resolved: ima: Fix stack-out-of-bounds in is_bprm_creds_for_exec. KASAN reported a stack-out-of-bounds access in ima_appraise_measurement from is_bprm_creds_for_exec: BUG: KASAN: stack-out-of-bounds in ima_appraise_measurement+0x12dc/0x16a0 Read of siz...

CVSS 7.1 | AI score 5.7 | EPSS 0.0015
Exploits: 0
Positive Technologies
added 2026/05/27 12:0 a.m., 12 views

PT-2026-43689

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A stack-out-of-bounds access occurs in the ima_appraise_measurement function via is_bprm_creds_for_exec. This issue is triggered by an incorrect offset calculation when using container o...

AI score 5.8 | EPSS 0.0015
Exploits: 0 | References: 11
RedhatCVE
added 2026/05/06 10:52 p.m., 8 views

CVE-2026-43240

A flaw was found in the Linux kernel's x86/kexec component. When a second-stage kernel is booted with a memory-limiting command, the Integrity Measurement Architecture (IMA) kexec buffer may be located outside the accessible memory range. This can lead to a kernel panic, effectively causing a Denia...

CVSS 5.5 | AI score 5.9 | EPSS 0.00123
Exploits: 0 | References: 4
RedhatCVE
added 2026/05/06 6:2 p.m., 9 views

CVE-2026-43129

A flaw was found in the Linux kernel's Integrity Measurement Architecture (IMA) subsystem. When a second-stage kernel is booted via kexec with a memory-limiting command line, the IMA measurement buffer from the previous kernel may fall outside the new kernel's addressable memory. This out-of-bounds...

CVSS 5.5 | AI score 5.9 | EPSS 0.00122
Exploits: 0 | References: 4
NVD
added 2026/05/06 12:16 p.m., 8 views

CVE-2026-43129

In the Linux kernel, the following vulnerability has been resolved: ima: verify the previous kernel's IMA buffer lies in addressable RAM. Patch series "Address page fault in ima_restore_measurement_list", v3. When the second-stage kernel is booted via kexec with a limiting command line such as "mem="...

CVSS 5.5 | EPSS 0.00122
Exploits: 0 | References: 5
CVE
added 2026/05/06 11:28 a.m., 18 views

CVE-2026-43240

CVE-2026-43240 concerns the Linux kernel (x86/kexec) where a second-stage kernel booted with a memory-limiting parameter (mem=…) may place the IMA kexec buffer outside the accessible RAM, causing a kernel panic. The vulnerability arises from a missing range validation for the carried IMA measurem...

CVSS 5.5 | AI score 5.8 | EPSS 0.00123
Exploits: 0 | References: 7 | Affected Software: 1
Debian CVE
added 2026/05/06 11:28 a.m., 9 views

CVE-2026-43240

In the Linux kernel, the following vulnerability has been resolved: x86/kexec: add a sanity check on previous kernel's ima kexec buffer When the second-stage kernel is booted via kexec with a limiting command line such as "mem=", the physical range that contains the carried over IMA measurement...

CVSS 5.5 | AI score 5.8 | EPSS 0.00123
Exploits: 0
Debian CVE
added 2026/05/06 11:27 a.m., 4 views

CVE-2026-43129

In the Linux kernel, the following vulnerability has been resolved: ima: verify the previous kernel's IMA buffer lies in addressable RAM. Patch series "Address page fault in ima_restore_measurement_list", v3. When the second-stage kernel is booted via kexec with a limiting command line such as "mem="...

CVSS 5.5 | AI score 5.9 | EPSS 0.00122
Exploits: 0
Positive Technologies
added 2026/05/06 12:0 a.m., 23 views

PT-2026-37469

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: An issue exists where the Integrity Measurement Architecture (IMA) measurement buffer passed from a previous kernel may fall outside the addressable RAM of a new kernel when the second-sta...

CVSS 5.5 | AI score 5.7 | EPSS 0.00122
Exploits: 0 | References: 16
CNNVD
added 2026/05/06 12:0 a.m., 8 views

Linux kernel security vulnerability

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the IMA measurement list buffer exceeding the truncated RAM range during kexec operations,...

CVSS 5.5 | AI score 5.9 | EPSS 0.00123
Exploits: 0 | References: 1