CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

20 matches found

AstraLinux•added 2026/06/19 11:10 a.m.•5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: cxl: Fixed a race condition involving the nvdimmbus object when creating nvdimm objects. A issue was found during the execution of the cxl-translate.sh unit test. Adding a 3-second sleep right before the test seems to make the...

4.7CVSS5.7AI score0.00088EPSS

Exploits0References1

AstraLinux•added 2026/06/19 11:10 a.m.•5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: acpi: nfit: fixed the narrowing conversion in acpinfitctl Syzkaller reported a warning in tonfitbusuuid: “Only secondary bus families can be translated”. This warning is emitted if the argument equals NVDIMMBUSFAMILYNFIT == 0...

5.5CVSS6.5AI score0.00176EPSS

Exploits0References2

Tenable Nessus•added 2026/04/05 12:0 a.m.•5 views

Linux Distros Unpatched Vulnerability : CVE-2026-31399

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nvdimm/bus: Fix potential use after free in asynchronous initialization Dingisoul with KASAN reports a use after free if deviceadd fails in ndasyncdeviceregiste...

7.8CVSS5.8AI score0.00119EPSS

Exploits0References3

SUSE CVE•added 2026/04/03 11:25 p.m.•4 views

SUSE CVE-2026-31399

In the Linux kernel, the following vulnerability has been resolved: nvdimm/bus: Fix potential use after free in asynchronous initialization Dingisoul with KASAN reports a use after free if deviceadd fails in ndasyncdeviceregister. Commit b6eae0f61db2 "libnvdimm: Hold reference on parent while...

7.8CVSS5.7AI score0.00119EPSS

Exploits0References3

RedhatCVE•added 2026/04/03 5:4 p.m.•6 views

CVE-2026-31399

A flaw was found in the Linux kernel's nvdimm/bus component. During asynchronous device initialization, if the deviceadd function fails in ndasyncdeviceregister, a use-after-free vulnerability can occur. This happens because the device's reference count drops to zero before the parent pointer is...

4.7CVSS6.1AI score0.00119EPSS

Exploits0References4

NVD•added 2026/04/03 4:16 p.m.•1 views

CVE-2026-31399

7.8CVSS0.00119EPSS

Exploits0References8

OSV•added 2026/04/03 4:16 p.m.•7 views

UBUNTU-CVE-2026-31399

7.8CVSS5.7AI score0.00119EPSS

Exploits0References9

ATTACKERKB•added 2026/04/03 3:16 p.m.•0 views

CVE-2026-31399

5.7AI score0.00119EPSS

Exploits0References9Affected Software1

CVE•added 2026/04/03 3:16 p.m.•15 views

CVE-2026-31399

CVE-2026-31399 concerns the Linux kernel, specifically a use-after-free in the nvme/nvdimm bus async initialization path. The issue arises if device_add() fails during nd_async_device_register(): the parent device reference could drop to 0 before the parent pointer is accessed, leading to use-aft...

7.8CVSS5.7AI score0.00119EPSS

Exploits0References8Affected Software1

SUSE CVE•added 2026/03/25 4:55 p.m.•4 views

SUSE CVE-2026-23348

In the Linux kernel, the following vulnerability has been resolved: cxl: Fix race of nvdimmbus object when creating nvdimm objects Found issue during running of cxl-translate.sh unit test. Adding a 3s sleep right before the test seems to make the issue reproduce fairly consistently. The...

4.7CVSS5.7AI score0.00088EPSS

Exploits0References3

RedhatCVE•added 2026/03/25 12:48 p.m.•3 views

CVE-2026-23348

A flaw was found in the Linux kernel, specifically within the CXL Compute Express Link and NVDIMM Non-Volatile Dual In-line Memory Module subsystems. A race condition can occur when NVDIMM objects attempt to reprobe after the cxlacpi module is removed, while the nvdimmbus object is missing. This...

5.5CVSS5.8AI score0.00088EPSS

Exploits0References4

NVD•added 2026/03/25 11:16 a.m.•2 views

CVE-2026-23348

4.7CVSS0.00088EPSS

Exploits0References3

UbuntuCve•added 2026/03/25 11:16 a.m.•6 views

CVE-2026-23348

4.7CVSS5.7AI score0.00088EPSS

Exploits0References5

Cvelist•added 2026/03/25 10:27 a.m.•23 views

CVE-2026-23348 cxl: Fix race of nvdimm_bus object when creating nvdimm objects

0.00088EPSS

Exploits0References3

CVE•added 2026/03/25 10:27 a.m.•12 views

CVE-2026-23348

Summary of a Linux kernel CVE (CVE-2026-23348) : The issue is a race condition in the CXL/NVDIMM subsystem where NVDIMM objects reprobe after cxl_acpi removal can occur with the nvdimm_bus object missing, leading to a NULL pointer dereference and potential system crash (DoS). Affected area center...

4.7CVSS5.7AI score0.00088EPSS

Exploits0References3Affected Software1

Debian CVE•added 2026/03/25 10:27 a.m.•3 views

CVE-2026-23348

4.7CVSS5.2AI score0.00088EPSS

Exploits0

OSV•added 2026/03/25 10:27 a.m.•4 views

CVE-2026-23348 cxl: Fix race of nvdimm_bus object when creating nvdimm objects

4.7CVSS5.8AI score0.00088EPSS

Exploits0References6

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-11258

Malicious code in bioql PyPI...

7.3AI score0.00176EPSS

Exploits0References9

OSV•added 2025/04/16 2:12 p.m.•8 views

CVE-2025-22044 acpi: nfit: fix narrowing conversion in acpi_nfit_ctl

In the Linux kernel, the following vulnerability has been resolved: acpi: nfit: fix narrowing conversion in acpinfitctl Syzkaller has reported a warning in tonfitbusuuid: "only secondary bus families can be translated". This warning is emited if the argument is equal to NVDIMMBUSFAMILYNFIT == 0...

5.5CVSS6.3AI score0.00176EPSS

Exploits0References13

Debian CVE•added 2025/02/26 2:12 a.m.•9 views

CVE-2022-49446

In the Linux kernel, the following vulnerability has been resolved: nvdimm: Fix firmware activation deadlock scenarios Lockdep reports the following deadlock scenarios for CXL root device power-management, deviceprepare, operations, and deviceshutdown operations for 'ndregion' devices: Chain exis...

5.5CVSS5.6AI score0.00187EPSS

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by