1255 matches found

Qualys Blog
added 2026/05/20 3:40 p.m., 15 views

CVE-2026-46333: Local Root Privilege Escalation and Credential Disclosure in the Linux Kernel ptrace Path

The Qualys Threat Research Unit (TRU) has discovered and published the full advisory for CVE-2026-46333, a logic flaw in the Linux kernel's ptrace_may_access function that permits an unprivileged local user to disclose sensitive files and execute arbitrary commands as root on default installations of...

CVSS 7.1, AI score 6.3, EPSS 0.0138
Exploits: 6

Rosalinux
added 2026/05/20 7:5 a.m., 38 views

Advisory ROSA-SA-2026-3289

software: kernel-6.1 6.1.152 OS: ROSA-CHROME unaffected versions = kernel-6.1-6.1.1.152-4 affected versions data.opnents field during buffer management. By exploiting the RDS TCP transport SO_RDS_TRANSPORT=2 in conjunction with io_uring, a local unprivileged attacker can cause memory corruption and...

CVSS 7.8, AI score 5.8, EPSS 0.03663
Exploits: 17

Rosalinux
added 2026/05/20 7:5 a.m., 22 views

Advisory ROSA-SA-2026-3288

software: kernel-6.6 6.6.126 OS: ROSA-CHROME unaffected versions = kernel-6.6-6.6.6.126-6 affected versions data.opnents field during buffer management. By exploiting the RDS TCP transport SO_RDS_TRANSPORT=2 in conjunction with io_uring, a local unprivileged attacker can cause memory corruption an...

CVSS 7.8, AI score 5.8, EPSS 0.03663
Exploits: 17

Rosalinux
added 2026/05/20 7:5 a.m., 26 views

Advisory ROSA-SA-2026-3290

software: kernel-5.15 5.15.193 OS: ROSA-CHROME unaffected versions = kernel-5.15-5.15.193-6 affected versions data.opnents field during buffer management. By exploiting the RDS TCP transport SO_RDS_TRANSPORT=2 in conjunction with io_uring, a local unprivileged attacker can cause memory corruption...

CVSS 7.8, AI score 5.8, EPSS 0.03663
Exploits: 17

Rosalinux
added 2026/05/20 7:5 a.m., 10 views

Advisory ROSA-SA-2026-3287

software: kernel-6.12 6.12.74 OS: ROSA-CHROME unaffected versions = kernel-6.12-6.12.74-13 affected versions data.opnents field during buffer management. By exploiting the RDS TCP transport SO_RDS_TRANSPORT=2 in conjunction with io_uring, a local unprivileged attacker can cause memory corruption a...

CVSS 7.8, AI score 5.8, EPSS 0.03663
Exploits: 17

Oracle linux
added 2026/05/20 12:0 a.m., 12 views

Unbreakable Enterprise kernel security update

6.12.0-202.76.4.3 - ptrace: slightly saner 'get_dumpable' logic Linus Torvalds Orabug: 39391434 CVE-2026-46333...

CVSS 7.1, AI score 6, EPSS 0.0138
Exploits: 6

Positive Technologies
added 2026/05/20 12:0 a.m., 10 views

PT-2026-42398

Name of the Vulnerable Software and Affected Versions: FreeBSD versions 14.x. Description: A stack buffer overflow exists in the setcred(2) system call. The issue occurs because a user-supplied list of supplementary groups is copied into a fixed-size kernel stack buffer before the privilege level of t...

CVSS 7.8, AI score 6.3, EPSS 0.00409
Exploits: 1, References: 22

Tenable Nessus
added 2026/05/20 12:0 a.m., 8 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021497)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021497 advisory. In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'get_dumpable' logic. The 'dumpability' of a task is fundamentally about the...

CVSS 7.8, AI score 6.2, EPSS 0.0138
Exploits: 6, References: 4

Tenable Nessus
added 2026/05/20 12:0 a.m., 15 views

Unity Linux 20.1050a Security Update: kernel (UTSA-2026-021504)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021504 advisory. In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'get_dumpable' logic. The 'dumpability' of a task is fundamentally about the...

CVSS 7.8, AI score 6.2, EPSS 0.0138
Exploits: 6, References: 4

FreeBSD
added 2026/05/20 12:0 a.m., 18 views

FreeBSD -- Missing validation in ptrace(PT_SC_REMOTE)

Problem Description: ptrace(PT_SC_REMOTE) failed to properly validate parameters for the syscall(2) and __syscall(2) meta-system calls. As a result, a user with the ability to debug a process may trigger arbitrary code execution in the kernel, even if the target process has no special privileges. Impact: T...

CVSS 8.4, AI score 6, EPSS 0.00196
Exploits: 0

FreeBSD Advisory
added 2026/05/20 12:0 a.m., 7 views

FreeBSD-SA-26:21.ptrace

FreeBSD-SA-26:21.ptrace Security Advisory, The FreeBSD Project. Topic: Missing validation in ptrace(PT_SC_REMOTE). Category: core. Module: ptrace. Announced: 2026-05-20. Credits:...

CVSS 8.4, AI score 6.5, EPSS 0.00196
Exploits: 0

Packet Storm News
added 2026/05/20 12:0 a.m., 14 views

FreeBSD Security Advisory - FreeBSD-SA-26:21.ptrace

FreeBSD Security Advisory - ptrace(PT_SC_REMOTE) failed to properly validate parameters for the syscall(2) and __syscall(2) meta-system calls. As a result, a user with the ability to debug a process may trigger arbitrary code execution in the kernel, even if the target process has no special privileges...

CVSS 8.4, AI score 6.3, EPSS 0.00196
Exploits: 0

OSV
added 2026/05/19 5:4 p.m., 5 views

SUSE-SU-2026:21735-1 Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and Micro 6.1 kernel was updated to fix one issue - CVE-2026-46333: ptrace: slightly saner 'get_dumpable' logic (bsc#1265308)...

CVSS 7.8, AI score 6, EPSS 0.0138
Exploits: 6, References: 3

OSV
added 2026/05/19 4:10 p.m., 10 views

CLSA-2026-1779202006 Fix CVE(s): CVE-2026-43284, CVE-2026-46300, CVE-2026-46333

Ubuntu: 4.15.0-256.267 CVE-2026-46333 - ptrace: require CAP_SYS_PTRACE when task has no mm CVE-2026-46333 CVE-2026-46300 - net: skbuff: propagate shared-frag marker through copy/coalesce/gro/shift paths CVE-2026-46300 CVE-2026-43284 - xfrm: esp: avoid in-place decrypt on shared skb frags...

CVSS 8.8, AI score 6, EPSS 0.93235
Exploits: 45, References: 1

Rosalinux
added 2026/05/19 3:54 p.m., 17 views

Advisory ROSA-SA-2026-3286

Software: kernel-ml 5.15.207 OS: rosa-server79 unaffected versions = kernel-ml-5.15.207-1.0.1.res7 affected versions kernel-ml-5.15.207-1.0.1.res7 CVE-ID: CVE-2026-31431 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Vulnerability in the Linux kernel crypto subsystem crypto: algif_aead. Attempts to perfor...

CVSS 8.8, AI score 7.1, EPSS 0.96267
Exploits: 260

OSV
added 2026/05/19 3:51 p.m., 5 views

SUSE-SU-2026:21721-1 Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2026-46333: ptrace: slightly saner 'get_dumpable' logic (bsc#1265308)...

CVSS 7.8, AI score 6, EPSS 0.0138
Exploits: 6, References: 3

OSV
added 2026/05/19 8:58 a.m., 11 views

CLSA-2026-1779181085 kernel-uek: Fix of CVE-2026-46333

ptrace: require CAP_SYS_PTRACE when task has no mm CVE-2026-46333...

CVSS 7.8, AI score 6, EPSS 0.0138
Exploits: 6, References: 1

OSV
added 2026/05/19 8:54 a.m., 11 views

CLSA-2026-1779180837 kernel: Fix of CVE-2026-46333

ptrace: require CAP_SYS_PTRACE when task has no mm CVE-2026-46333...

CVSS 7.8, AI score 6, EPSS 0.0138
Exploits: 6, References: 1

OSV
added 2026/05/19 8:45 a.m., 4 views

CLSA-2026-1779180310 kernel: Fix of CVE-2026-46333

ptrace: require CAP_SYS_PTRACE when task has no mm CVE-2026-46333...

CVSS 7.8, AI score 6, EPSS 0.0138
Exploits: 6, References: 1

OSV
added 2026/05/19 8:31 a.m., 8 views

CLSA-2026-1779179460 kernel: Fix of CVE-2026-46333

ptrace: require CAP_SYS_PTRACE when task has no mm CVE-2026-46333...

CVSS 7.8, AI score 5.8, EPSS 0.0138
Exploits: 6, References: 1