Lucene search
K

7242 matches found

RedHat Linux
RedHat Linux
added 2026/06/17 6:53 a.m.7 views

kernel: mm/page_alloc: clear page->private in free_pages_prepare()

A flaw was found in the Linux kernel's memory management subsystem. When pages are freed, the page-private field is not properly cleared. If these pages are later reallocated as high-order pages and split, the tail pages can retain stale page-private values. This can lead to a use-after-free...

7.8CVSS5.4AI score0.0013EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/17 6:53 a.m.7 views

kernel: iommu: disable SVA when CONFIG_X86 is set

A security vulnerability was found in the Linux kernel's IOMMU Shared Virtual Addressing SVA implementation on x86 architecture. When SVA is enabled, the IOMMU caches kernel page table entries. Since the kernel lacks a mechanism to notify the IOMMU when kernel page table pages are freed and...

7.8CVSS5.7AI score0.00145EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/17 1:20 a.m.7 views

kernel: mm/page_alloc: clear page->private in free_pages_prepare()

A flaw was found in the Linux kernel's memory management subsystem. When pages are freed, the page-private field is not properly cleared. If these pages are later reallocated as high-order pages and split, the tail pages can retain stale page-private values. This can lead to a use-after-free...

7.8CVSS5.4AI score0.0013EPSS
Exploits0References5
NVD
NVD
added 2026/06/16 8:16 p.m.13 views

CVE-2026-0152

In OSMMapPMRGeneric of pmros.c, there is a possible way to leverage a system call to system call to maliciously expand the VMA out of bounds due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not...

7.8CVSS0.00071EPSS
Exploits0References1
CVE
CVE
added 2026/06/16 6:51 p.m.23 views

CVE-2026-0152

CVE-2026-0152 affects the OSMMapPMRGeneric path in pmr_os.c. A logic error may allow abusing a system-call sequence to expand the VMA out of bounds, enabling local privilege escalation with no extra privileges or user interaction required. Documented impact is high for confidentiality, integrity,...

7.8CVSS5.6AI score0.00071EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/16 5:19 a.m.38 views

CVE-2026-10635 Dangling memory-domain pointer (use-after-free) in Xtensa MMU page-table code on memory-domain de-init

On Xtensa targets with CONFIGUSERSPACE and CONFIGXTENSAMMU, the page-table code arch/xtensa/core/ptables.c maintains a global list, xtensadomainlist, of active memory domains using a list node embedded inside the caller-owned struct kmemdomain. When a domain is destroyed via kmemdomaindeinit -...

6.3CVSS0.00164EPSS
Exploits1References2
CVE
CVE
added 2026/06/16 5:19 a.m.23 views

CVE-2026-10635

CVE-2026-10635 affects Zephyr v4.4.0 on Xtensa targets with CONFIG_USERSPACE and CONFIG_XTENSA_MMU. The bug arises when destroying a memory domain via k_mem_domain_deinit(): the page-table code keeps a global xtensa_domain_list entry for the domain, but the node is not removed, leaving a dangling...

6.3CVSS5.5AI score0.00164EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.22 views

PT-2026-49610

On Xtensa targets with CONFIG USERSPACE and CONFIG XTENSA MMU, the page-table code arch/xtensa/core/ptables.c maintains a global list, xtensa domain list, of active memory domains using a list node embedded inside the caller-owned struct k mem domain. When a domain is destroyed via k mem domain...

6.3CVSS5.5AI score0.00164EPSS
Exploits1References3
OSV
OSV
added 2026/06/15 10:50 a.m.4 views

SUSE-SU-2026:22099-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2026-23254: net: gro: fix outer network offset bsc1259884. - CVE-2026-23303: smb: client: Don't log plaintext credentials in cifssetcifscreds bsc1260502. -...

9.8CVSS7.1AI score0.00514EPSS
Exploits0References125
RedHat Linux
RedHat Linux
added 2026/06/15 10:20 a.m.8 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash

A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in an unexpected process crash...

8.8CVSS5.5AI score0.00393EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/15 10:20 a.m.11 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash

A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in an unexpected process crash...

8.8CVSS5.5AI score0.00378EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/15 10:20 a.m.13 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash

A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in an unexpected process crash...

8.8CVSS5.2AI score0.00462EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/15 6:47 a.m.10 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in an unexpected process crash...

8.8CVSS5.5AI score0.00399EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/15 6:47 a.m.13 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash

A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in an unexpected process crash...

8.8CVSS5.5AI score0.00393EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/15 6:47 a.m.10 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash

A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in an unexpected process crash...

8.8CVSS5.5AI score0.00378EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/15 6:47 a.m.10 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash

A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in an unexpected process crash...

8.8CVSS5.2AI score0.00462EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/12 7:56 p.m.9 views

kernel: iommu: disable SVA when CONFIG_X86 is set

A security vulnerability was found in the Linux kernel's IOMMU Shared Virtual Addressing SVA implementation on x86 architecture. When SVA is enabled, the IOMMU caches kernel page table entries. Since the kernel lacks a mechanism to notify the IOMMU when kernel page table pages are freed and...

7.8CVSS5.4AI score0.00145EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.14 views

Ubuntu 20.04 LTS : Linux kernel (FIPS) vulnerabilities (USN-7922-2)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7922-2 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in...

7.8CVSS5.8AI score0.00261EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.17 views

Ubuntu 20.04 LTS : Linux kernel (Azure FIPS) vulnerabilities (USN-7939-2)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7939-2 advisory. Jean-Claude Graf, Sandro Regge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation betwee...

7.8CVSS8.1AI score0.01345EPSS
Exploits8References24
Snyk
Snyk
added 2026/06/10 11:10 p.m.10 views

Missing Release of Memory after Effective Lifetime

Overview Magick.NET-Q8-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package ar...

5.1CVSS5.4AI score0.0011EPSS
Exploits0References2
Rows per page
Query Builder