Lucene search
K

182 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-53174

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ovl: keep err zero after successful ovlcacheget ovliteratemerged stores PTRERRcache in err before checking ISERRcache. On success err holds the truncated cache...

7.8CVSS6.1AI score0.00129EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/26 7:44 a.m.8 views

CVE-2026-53174

A flaw was found in the Linux kernel's overlay filesystem ovl component. Specifically, an issue in the ovliteratemerged function incorrectly stores an error pointer even after a successful cache operation. This can lead to the function returning a misleading non-zero error, potentially causing...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/06/26 2:11 a.m.10 views

SUSE CVE-2026-53174

In the Linux kernel, the following vulnerability has been resolved: ovl: keep err zero after successful ovlcacheget ovliteratemerged stores PTRERRcache in err before checking ISERRcache. On success err holds the truncated cache pointer and can be returned as a bogus non-zero error. The syzbot...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References3
OSV
OSV
added 2026/06/25 9:16 a.m.3 views

UBUNTU-CVE-2026-53174

In the Linux kernel, the following vulnerability has been resolved: ovl: keep err zero after successful ovlcacheget ovliteratemerged stores PTRERRcache in err before checking ISERRcache. On success err holds the truncated cache pointer and can be returned as a bogus non-zero error. The syzbot...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2026/06/25 8:38 a.m.4 views

CVE-2026-53174

In the Linux kernel, the following vulnerability has been resolved: ovl: keep err zero after successful ovlcacheget ovliteratemerged stores PTRERRcache in err before checking ISERRcache. On success err holds the truncated cache pointer and can be returned as a bogus non-zero error. The syzbot...

7.8CVSS5.7AI score0.00129EPSS
Exploits0
EUVD
EUVD
added 2026/06/25 8:38 a.m.7 views

EUVD-2026-39265

In the Linux kernel, the following vulnerability has been resolved: ovl: keep err zero after successful ovlcacheget ovliteratemerged stores PTRERRcache in err before checking ISERRcache. On success err holds the truncated cache pointer and can be returned as a bogus non-zero error. The syzbot...

5.7AI score0.00129EPSS
Exploits0References2
CVE
CVE
added 2026/06/25 8:38 a.m.12 views

CVE-2026-53174

CVE-2026-53174 affects the Linux kernel overlay filesystem (ovl). The bug in ovl_iterate_merged() stores PTR_ERR(cache) in err before validating the cache with IS_ERR(cache), so on success err may hold a truncated cache pointer and be returned as a bogus non-zero error. The repro path goes throug...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/25 8:38 a.m.29 views

CVE-2026-53174 ovl: keep err zero after successful ovl_cache_get()

In the Linux kernel, the following vulnerability has been resolved: ovl: keep err zero after successful ovlcacheget ovliteratemerged stores PTRERRcache in err before checking ISERRcache. On success err holds the truncated cache pointer and can be returned as a bogus non-zero error. The syzbot...

7.8CVSS0.00129EPSS
Exploits0References2
OSV
OSV
added 2026/06/25 6:0 a.m.3 views

RLSA-2026:27812 Important: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: selinux: fix overlayfs mmap and mprotect access checks CVE-2026-46054 For more details about the security issues, including the...

7CVSS5.9AI score0.00118EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.13 views

PT-2026-52270

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ovl iterate merged function where the err variable is assigned the value of PTR ERRcache before verifying if cache is an error using IS ERRcache. When the operatio...

9.8CVSS6.9AI score0.03663EPSS
Exploits25References180
RedHat Linux
RedHat Linux
added 2026/06/22 10:33 a.m.4 views

kernel: selinux: fix overlayfs mmap() and mprotect() access checks

A flaw was found in the Linux kernel's SELinux security module when handling overlayfs. The existing security model for overlayfs does not properly enforce access controls for mmap and mprotect operations. This oversight could allow a local attacker to bypass intended security policies, potential...

7.1CVSS5.8AI score0.00118EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 6.1

On Ubuntu kernels that carry both c914c0e27eb0 and “UBUNTU: SAUCE: overlayfs: Skip permission checking for trusted.overlayfs. xattrs”, a non-privileged user may set privileged extended attributes on mounted files, causing those attributes to be applied to the upper files without the appropriate...

7.8CVSS7AI score0.15783EPSS
Exploits12References2
RedHat Linux
RedHat Linux
added 2026/06/11 7:53 a.m.11 views

kernel: selinux: fix overlayfs mmap() and mprotect() access checks

A flaw was found in the Linux kernel's SELinux security module when handling overlayfs. The existing security model for overlayfs does not properly enforce access controls for mmap and mprotect operations. This oversight could allow a local attacker to bypass intended security policies, potential...

7.1CVSS5.4AI score0.00118EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2026/05/28 3:53 a.m.15 views

SUSE CVE-2026-46054

In the Linux kernel, the following vulnerability has been resolved: selinux: fix overlayfs mmap and mprotect access checks The existing SELinux security model for overlayfs is to allow access if the current task is able to access the top level file the "user" file and the mounter's credentials ar...

5.5CVSS5.8AI score0.00118EPSS
Exploits0References5
CVE
CVE
added 2026/05/27 12:57 p.m.76 views

CVE-2026-46054

CVE-2026-46054 affects the Linux kernel SELinux overlayfs access checks for mmap() and mprotect(). The issue arises from insufficient enforcement of backing-file access between the user file and backing file, potentially bypassing policies. A patch introduces security_mmap_backing_file() to enfor...

7.1CVSS5.8AI score0.00118EPSS
Exploits0References12Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/27 12:57 p.m.9 views

CVE-2026-46054

In the Linux kernel, the following vulnerability has been resolved: selinux: fix overlayfs mmap and mprotect access checks The existing SELinux security model for overlayfs is to allow access if the current task is able to access the top level file the "user" file and the mounter's credentials ar...

7.1CVSS5.8AI score0.00118EPSS
Exploits0References6Affected Software1
EUVD
EUVD
added 2026/05/27 12:57 p.m.13 views

EUVD-2026-32436

In the Linux kernel, the following vulnerability has been resolved: selinux: fix overlayfs mmap and mprotect access checks The existing SELinux security model for overlayfs is to allow access if the current task is able to access the top level file the "user" file and the mounter's credentials ar...

5.8AI score0.00118EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/27 12:57 p.m.48 views

CVE-2026-46054 selinux: fix overlayfs mmap() and mprotect() access checks

In the Linux kernel, the following vulnerability has been resolved: selinux: fix overlayfs mmap and mprotect access checks The existing SELinux security model for overlayfs is to allow access if the current task is able to access the top level file the "user" file and the mounter's credentials ar...

7.1CVSS0.00118EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.17 views

PT-2026-43921

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The SELinux security model for overlayfs allows access if the current task can access the top-level user file and the mounter's credentials are sufficient for the lower-level backing fil...

7.1CVSS5.9AI score0.00118EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.21 views

Linux Distros Unpatched Vulnerability : CVE-2026-46054

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - selinux: fix overlayfs mmap and mprotect access checks The existing SELinux security model for overlayfs is to allow access if the current task is able to acces...

7.1CVSS6.1AI score0.00118EPSS
Exploits0References4
Rows per page
Query Builder