Lucene search
K

371 matches found

RedHat Linux
RedHat Linux
added 2 days ago6 views

kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM component. A local attacker with privileges on the host system could exploit a vulnerability in how KVM handles shadow page table entries SPTEs during memory-mapped I/O MMIO operations. By manipulating guest page table entrie...

8.1CVSS6AI score0.00184EPSS
Exploits0References5
OSV
OSV
added 2026/07/02 12:0 a.m.4 views

UBUNTU-CVE-2026-53342

In the Linux kernel, the following vulnerability has been resolved: arm64: mm: call pagetable dtor when freeing hot-removed page tables Since 5e8eb9aeeda3 "arm64: mm: always call PTE/PMD ctor in createpgdmapping" page-table allocation on ARM64 always calls pagetablepte,pmd,pud,p4dctor. This sets...

5.7AI score0.00154EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/07/01 7:21 p.m.6 views

CVE-2026-53342

A flaw was found in the Linux kernel, specifically within the ARM64 architecture's memory management. This vulnerability occurs because the system fails to properly deallocate page tables that have been hot-removed, leading to memory leaks. This can result in incorrect memory usage statistics and...

5.8AI score0.00154EPSS
Exploits0References4
CVE
CVE
added 2026/06/26 7:41 p.m.12 views

CVE-2026-53312

In CVE-2026-53312, a Linux kernel iommu/riscv vulnerability is resolved: an integer overflow in the invalidation path could cause an infinite loop when handling sign-extended page tables (ULONG_MAX) during a gather/end computation. The fix moves the +1 away from the potentially overflowed compari...

5.5CVSS5.9AI score0.00112EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.18 views

Linux Distros Unpatched Vulnerability : CVE-2026-53109

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - powerpc/pgtable-frag: Fix bad page state in ptefragdestroy powerpc uses ptfragrefcount as a reference counter for tracking it's pte and pmd page table fragments...

6AI score0.00161EPSS
Exploits0References4
CVE
CVE
added 2026/06/24 4:30 p.m.5 views

CVE-2026-53057

The CVE-2026-53057 entry describes a Linux kernel IOMMU issue for RISCV: after updating DDT/PDT entries, the system must invalidate TLB and context cache entries. The fix adds riscv_iommu_iodir_iotinval() to perform the required IOTINVAL-based invalidations in accordance with the RISC-V IOMMU spe...

8.8CVSS5.7AI score0.00127EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.2 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: drm/panthor: Fixed UAF issues on kernel BO VA nodes. If the MMU is down, panthorvmunmaprange might return an error. We expect the page table to still be updated; if the MMU is blocked, the rest of the GPU should also be blocke...

5.9AI score0.00171EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: IOMMU: Disable SVA when CONFIGX86 is set The patch series “Fix stale IOTLB entries for kernel address space”, version 7, proposes a fix for a security vulnerability related to IOMMU Shared Virtual Addressing SVA. In an SVA contex...

7.8CVSS5.8AI score0.00145EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: arm64: Set UXN on swapper page tables This issue was accidentally fixed upstream via c3cee924bd85 "arm64: head: cover the entire kernel image in the initial ID map", as part of a major refactoring of the arm64 boot process. This...

5.5CVSS5.9AI score0.00171EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: MIPS: pgalloc: fixed a memory leak caused by pgdfree The pgd page is freed by the generic implementation pgdfree since commit f9cb654cb550 „asm-generic: pgalloc: provides a generic pgdfree”, however, there are scenarios in which...

5.5CVSS5.9AI score0.00245EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm/userfaultfd: PTEs are reset when using close, especially for entries protected by wr. The userfaultfd unregistration process includes a step to remove the wr-protect bits from all relevant pgtable entries. However, this only...

5.5CVSS6.2AI score0.00239EPSS
Exploits0References2
NVD
NVD
added 2026/06/19 10:16 a.m.15 views

CVE-2026-34192

Software installed and run as a non-privileged user may conduct improper GPU system calls to cause an error path leading to UAF of GPU page tables. The vulnerability allows physical memory allocated for MMU page tables to be used after being freed. This was caused by an error path that would not...

7.7CVSS0.0011EPSS
Exploits0References1
CVE
CVE
added 2026/06/19 9:23 a.m.24 views

CVE-2026-34192

CVE-2026-34192 affects GPU driver components (GPU DDK) where MMU page tables are freed without proper cleanup in an error path, allowing a non-privileged user to trigger use-after-free of physical memory. The issue is caused by _MMU_AllocLevel error recovery paths that leave dangling page table e...

7.7CVSS5.8AI score0.0011EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/19 9:23 a.m.32 views

CVE-2026-34192 GPU DDK - _MMU_AllocLevel error recovery paths leave dangling page table entries

Software installed and run as a non-privileged user may conduct improper GPU system calls to cause an error path leading to UAF of GPU page tables. The vulnerability allows physical memory allocated for MMU page tables to be used after being freed. This was caused by an error path that would not...

0.0011EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/19 9:23 a.m.9 views

EUVD-2026-38001

Software installed and run as a non-privileged user may conduct improper GPU system calls to cause an error path leading to UAF of GPU page tables. The vulnerability allows physical memory allocated for MMU page tables to be used after being freed. This was caused by an error path that would not...

5.8AI score0.0011EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.18 views

PT-2026-50865

Name of the Vulnerable Software and Affected Versions GPU DDK affected versions not specified Description Software run by a non-privileged user can execute improper GPU system calls to trigger an error path, resulting in a Use-After-Free UAF of GPU page tables. This occurs because an error recove...

7.7CVSS5.7AI score0.0011EPSS
Exploits0References5
OSV
OSV
added 2026/06/18 2:17 p.m.4 views

ALPINE-CVE-2026-42488

Some shadow paging errors paths will switch the page-tables without updating the currently running vCPU reference. This causes a mismatch between the loaded page-tables and the mapcache metadata which can lead to corruption of the mapcache...

8.1CVSS5.8AI score0.00353EPSS
Exploits0References1
NVD
NVD
added 2026/06/18 2:17 p.m.10 views

CVE-2026-42488

Some shadow paging errors paths will switch the page-tables without updating the currently running vCPU reference. This causes a mismatch between the loaded page-tables and the mapcache metadata which can lead to corruption of the mapcache...

8.1CVSS0.00353EPSS
Exploits0References3
CVE
CVE
added 2026/06/18 1:47 p.m.35 views

CVE-2026-42488

CVE-2026-42488 concerns the Xen hypervisor. Some shadow paging error paths can switch page-tables without updating the running vCPU reference, causing a mismatch between loaded page-tables and mapcache metadata and potentially leading to mapcache corruption. Affected products/versions are implied...

8.1CVSS5.3AI score0.00353EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/18 1:47 p.m.8 views

EUVD-2026-37891

Some shadow paging errors paths will switch the page-tables without updating the currently running vCPU reference. This causes a mismatch between the loaded page-tables and the mapcache metadata which can lead to corruption of the mapcache...

8.1CVSS5.4AI score0.00353EPSS
Exploits0References1
Rows per page
Query Builder