Lucene search
+L

695 matches found

Tenable Nessus
Tenable Nessus
added 2026/07/06 12:0 a.m.22 views

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2026-50374)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-50374 advisory. - net/sched: fix pedit partial COW leading to page cache corruption Rajat Gupta Orabug: 39680880 CVE-2026-46331 - net: skbuff: fix missing zerocop...

9.8CVSS7.2AI score0.96267EPSS
Exploits298References9
RedHat Linux
RedHat Linux
added 2026/07/01 9:48 a.m.11 views

kernel: cachestat: fix page cache statistics permission checking

In the Linux kernel, the following vulnerability has been resolved: cachestat: fix page cache statistics permission checking When the 'cachestat' system call was added in commit cf264e1329fb "cachestat: implement cachestat syscall", it was meant to be a much more convenient and performant version...

5.5CVSS6.2AI score0.00199EPSS
Exploits0References5
GithubExploit
GithubExploit
added 2026/07/01 2:19 a.m.72 views

Exploit for CVE-2026-46331

CVE-2026-46331 pedit COW – Linux net/sched Packet-Editor Pag...

7.8CVSS6AI score0.00321EPSS
Exploits11
GithubExploit
GithubExploit
added 2026/06/30 6:15 p.m.61 views

Exploit for Write-what-where Condition in Linux Linux_Kernel

CVE-KERNEL · Linux Kernel LPE Chain Multi-C...

8.8CVSS7.1AI score0.93235EPSS
Exploits42
RedHat Linux
RedHat Linux
added 2026/06/30 11:30 a.m.23 views

kernel: "Fragnesia" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel

A flaw was found in the Linux kernel's XFRM ESP-in-TCP subsystem. Unsafe in-place cryptographic processing allows a low-privileged local attacker to write arbitrary bytes into the page cache of read-only files, including sensitive system files. An attacker can exploit this to overwrite privileged...

7.8CVSS7.4AI score0.03663EPSS
Exploits11References5
RedHat Linux
RedHat Linux
added 2026/06/30 11:30 a.m.9 views

kernel: "Dirty Frag" ESP XFRM variant is a new universal Local Privilege Escalation (LPE) vulnerability in the Linux kernel

A flaw was found in the Linux kernel's xfrm-ESP and RxRPC subsystems. Unsafe in-place cryptographic processing of shared socket buffer fragments allows a low-privileged local attacker to corrupt page-cache contents of readable files, including sensitive system files, and gain root privileges. The...

8.8CVSS7.1AI score0.93235EPSS
Exploits31References6
GithubExploit
GithubExploit
added 2026/06/29 11:4 p.m.86 views

Exploit for CVE-2026-46331

cve-2026-46331-audit Read-only audit script for CVE-2026-46...

7.8CVSS5.8AI score0.00321EPSS
Exploits11
OSV
OSV
added 2026/06/29 7:43 a.m.5 views

SUSE-SU-2026:22507-1 Security update for the Linux Kernel (Live Patch 5 for SUSE Linux Enterprise 16)

This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.26.1 fixes various security issues The following security issues were fixed: - CVE-2026-23278: netfilter: nftables: always walk all pending catchall elements bsc1260907. - CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay...

9.8CVSS6.7AI score0.0049EPSS
Exploits8References16
Tenable Nessus
Tenable Nessus
added 2026/06/29 12:0 a.m.7 views

TencentOS Server 3: kernel (TSSA-2026:0544)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0544 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

7.8CVSS6.4AI score0.00321EPSS
Exploits11References2
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-53167

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fuse: limit FUSENOTIFYRETRIEVE to uptodate folios FUSENOTIFYRETRIEVE must be limited to uptodate folios; !uptodate folios can contain uninitialized data. Since...

5.5CVSS5.4AI score0.00122EPSS
Exploits0References4
GithubExploit
GithubExploit
added 2026/06/27 2:23 p.m.77 views

pagecache-lpe-containment-kit

Page-Cache LPE Containment Kit Detect, contain, and verify...

8.8CVSS6.6AI score0.00321EPSS
Exploits17
GithubExploit
GithubExploit
added 2026/06/26 6:57 p.m.280 views

Exploit for CVE-2026-46331

🚨 CVE-2026-46331 - Linux Kernel COW Bug Linux Kernel n...

6.6AI score0.00321EPSS
Exploits11
NVD
NVD
added 2026/06/26 3:16 p.m.16 views

CVE-2026-45257

The KTLS receive path decrypted each record in place, assuming that the mbufs holding received data were anonymous and safe to modify. This assumption does not hold for data placed on a socket by sendfile2, which can reference file-backed memory directly through non-anonymous MEXTPG pages or...

7.8CVSS0.00154EPSS
Exploits0References4
CVE
CVE
added 2026/06/26 2:50 p.m.133 views

CVE-2026-45257

CVE-2026-45257 : FreeBSD KTLS receive path decrypts in place, enabling an unprivileged local user to overwrite a file’s page cache via sendfile(2) data over a loopback connection when KTLS receive is enabled. This can corrupt the backing file and allow privilege escalation by overwriting setuid/t...

7.8CVSS5.8AI score0.00154EPSS
Exploits0References4Affected Software1
The Hacker News
The Hacker News
added 2026/06/26 1:57 p.m.26 views

New Linux pedit COW Exploit Enables Root Access by Poisoning Cached Binaries

A flaw in the Linux kernel's traffic-control subsystem can let a local unprivileged user gain root on affected systems. CVE-2026-46331, nicknamed "pedit COW ," is an out-of-bounds write in the packet-editing action actpedit that corrupts shared page-cache memory. A public, working exploit appeare...

6.1AI score0.00321EPSS
Exploits11
SUSE CVE
SUSE CVE
added 2026/06/26 2:11 a.m.8 views

SUSE CVE-2026-53167

In the Linux kernel, the following vulnerability has been resolved: fuse: limit FUSENOTIFYRETRIEVE to uptodate folios FUSENOTIFYRETRIEVE must be limited to uptodate folios; !uptodate folios can contain uninitialized data. Since FUSENOTIFYRETRIEVE is intended to only return data that is already in...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/26 2:11 a.m.9 views

SUSE CVE-2026-53168

In the Linux kernel, the following vulnerability has been resolved: fuse: reject fusenotify pagecache ops on directories The operations FUSENOTIFYSTORE and FUSENOTIFYRETRIEVE allow the FUSE daemon to actively write/read pagecache contents. For directories with FOPENCACHEDIR, the pagecache is used...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.13 views

SUSE SLES15: kernel-livepatch-6_4_0-150600_23_95-default / etc (SUSE-SU-2026:2520-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2520-1 advisory. This update for the SUSE Linux Enterprise Kernel 6.4.0-150600.23.95 fixes various security issues The following security issues were fixed: -...

9.8CVSS6.7AI score0.0049EPSS
Exploits8References17
Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.8 views

SUSE SLES15 Security Update : kernel (Live Patch 24 for SUSE Linux Enterprise 15 SP6) (SUSE-SU-2026:2608-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2608-1 advisory. This update for the SUSE Linux Enterprise Kernel 6.4.0-150600.23.103 fixes various security issues The following security issues were fixed: -...

9.8CVSS6.7AI score0.0049EPSS
Exploits8References17
OSV
OSV
added 2026/06/25 11:39 a.m.8 views

SUSE-SU-2026:22427-1 Security update for the Linux Kernel (Live Patch 22 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-45.1 fixes various security issues The following security issues were fixed: - CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache bsc1261640. - CVE-2026-31504: net: fix fanout UAF in packetrelease via NETDEVUP race bsc126308...

9.8CVSS6.7AI score0.0049EPSS
Exploits8References12
Rows per page
Query Builder