Lucene search
K

476 matches found

Tenable Nessus
Tenable Nessus
added 5 days ago8 views

Oracle Linux 9 : kernel (ELSA-2026-27789)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-27789 advisory. - net/sched: fix pedit partial COW leading to page cache corruption Ivan Vecera RHEL-177392 CVE-2026-46331 - scsi: qla2xxx: Completely fix fcport doub...

9.8CVSS7.2AI score0.00563EPSS
Exploits13References18
Tenable Nessus
Tenable Nessus
added 6 days ago8 views

Linux Distros Unpatched Vulnerability : CVE-2026-52989

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nvmet-tcp: propagate nvmettcpbuildpduiovec errors to its callers Currently, when nvmettcpbuildpduiovec detects an out-of-bounds PDU length or offset, it trigger...

9.8CVSS5.8AI score0.00342EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/24 6:32 p.m.3 views

EUVD-2026-38857

In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: propagate nvmettcpbuildpduiovec errors to its callers Currently, when nvmettcpbuildpduiovec detects an out-of-bounds PDU length or offset, it triggers nvmettcpfatalerrorcmd-queue and returns early. However, because the...

5.7AI score0.00342EPSS
Exploits0References7
NVD
NVD
added 2026/06/24 5:17 p.m.5 views

CVE-2026-52989

In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: propagate nvmettcpbuildpduiovec errors to its callers Currently, when nvmettcpbuildpduiovec detects an out-of-bounds PDU length or offset, it triggers nvmettcpfatalerrorcmd-queue and returns early. However, because the...

9.8CVSS0.00342EPSS
Exploits0References9
CVE
CVE
added 2026/06/24 4:29 p.m.14 views

CVE-2026-52989

CVE-2026-52989 affects the Linux kernel nvmet-tcp component. The root cause is that nvmet_tcp_build_pdu_iovec() detects out-of-bounds PDU length/offset but does not propagate the error to callers; it returns void and triggers nvmet_tcp_fatal_error(cmd->queue) without alerting the caller, leavi...

9.8CVSS5.7AI score0.00342EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/06/24 4:29 p.m.25 views

CVE-2026-52989 nvmet-tcp: propagate nvmet_tcp_build_pdu_iovec() errors to its callers

In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: propagate nvmettcpbuildpduiovec errors to its callers Currently, when nvmettcpbuildpduiovec detects an out-of-bounds PDU length or offset, it triggers nvmettcpfatalerrorcmd-queue and returns early. However, because the...

9.8CVSS0.00342EPSS
Exploits0References6
Rockylinux
Rockylinux
added 2026/06/24 12:0 p.m.8 views

kernel security, bug fix, and enhancement update

An update is available for kernel. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...

9.8CVSS6.4AI score0.00353EPSS
Exploits9
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.5 views

RockyLinux 8 : kernel (RLSA-2026:27353)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:27353 advisory. kernel: Linux kernel: Use-after-free in bonding driver leads to denial of service CVE-2026-31419 kernel: drm/amd/display: Do not skip unrelated mode...

9.8CVSS6.8AI score0.00353EPSS
Exploits9References17
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.9 views

Oracle Linux 8 : kernel (ELSA-2026-27353)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-27353 advisory. - net/sched: fix pedit partial COW leading to page cache corruption Ivan Vecera RHEL-177582 CVE-2026-46331 - net/sched: actpedit: free pedit keys on...

9.8CVSS7.5AI score0.00353EPSS
Exploits9References9
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.7 views

AlmaLinux 8 : kernel-rt (ALSA-2026:27354)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:27354 advisory. kernel: Linux kernel: Use-after-free in bonding driver leads to denial of service CVE-2026-31419 kernel: drm/amd/display: Do not skip unrelated mode...

9.8CVSS5.9AI score0.00353EPSS
Exploits9References10
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.9 views

AlmaLinux 8 : kernel (ALSA-2026:27353)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:27353 advisory. kernel: Linux kernel: Use-after-free in bonding driver leads to denial of service CVE-2026-31419 kernel: drm/amd/display: Do not skip unrelated mode...

9.8CVSS6.2AI score0.00353EPSS
Exploits9References10
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.22 views

RockyLinux 8 : kernel-rt (RLSA-2026:27354)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:27354 advisory. kernel: Linux kernel: Use-after-free in bonding driver leads to denial of service CVE-2026-31419 kernel: drm/amd/display: Do not skip unrelated mode...

9.8CVSS6.6AI score0.00353EPSS
Exploits9References17
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: nvmet-fc: Avoid scheduling the deletion of associations twice. When forcibly shutting down a port via the configfs interface, nvmetportsubsysdroplink first calls nvmetportdelctrls, and then nvmetdisableport. Both functions will...

5.7AI score0.00197EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: Do not restore null skstatechange. queue-statechange is set as part of nvmettcpsetqueuesock, but if the TCP connection is not established when nvmettcpsetqueuesock is called, then queue-statechange is not set, and...

5.5CVSS6.4AI score0.00178EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: nvmet: moving async event work off nvmet-wq For the target function nvmetctrlfree, the variable ctrl-asynceventwork is flushed. If nvmetctrlfree runs on nvmet-wq, the flush re-enters the workqueue completion for the same worker. ...

7.5CVSS5.8AI score0.00441EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

A use-after-free vulnerability was discovered in the drivers/nvme/target/tcp.c file, specifically in the nvmettcpfreecrypto function. This issue stems from a logical error in the NVMe/TCP subsystem of the Linux kernel. This vulnerability may allow a malicious user to exploit the situation,...

8.8CVSS7.3AI score0.09141EPSS
Exploits2References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: A hang issue has been fixed in nvmettcplistendataready. When the socket is closed while in the TCPLISTEN state, a callback is executed to flush all outstanding packets. This execution then calls nvmettcplistendataready...

5.4AI score0.00167EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: nvmet: The cqe.result field must always be initialized. The specification does not require that the first two double-word values i.e., the “results” for a command queue entry need to be set to 0 when they are not used this is not...

5.5CVSS5.8AI score0.00256EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.1 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: nvmet: A possible leak has been fixed when destroying a ctrl during qp establishment. In nvmetsqdestroy, we capture sq-ctrl early. If it is not NULL, we know that a ctrl was allocated during the admin connect request handling. We...

4.7CVSS6.1AI score0.00226EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: objtool, nvmet: Fixed an out-of-bounds stack access in nvmetctrlstateshow. The cstsstatenames array contains only six sparse entries, but the iteration code in nvmetctrlstateshow iterates seven times, leading to a potential...

7.1CVSS6.4AI score0.00206EPSS
Exploits0References2
Rows per page
Query Builder