Lucene search
K

1254 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/09 3:56 a.m.8 views

CVE-2026-41163

bubblewrap is a low-level unprivileged sandboxing tool. From version 0.11.0 to before version 0.11.2, if bubblewrap is installed in setuid mode then the user can use ptrace to attach to bubblewrap and control the unprivileged part of the sandbox setup phase. This allows the attacker to arbitraril...

8.7CVSS5.7AI score0.00274EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/09 3:56 a.m.6 views

CVE-2026-41163 bubblewrap vulnerable to privilege escalation in setuid mode via ptrace

bubblewrap is a low-level unprivileged sandboxing tool. From version 0.11.0 to before version 0.11.2, if bubblewrap is installed in setuid mode then the user can use ptrace to attach to bubblewrap and control the unprivileged part of the sandbox setup phase. This allows the attacker to arbitraril...

8.7CVSS5.7AI score0.00274EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/09 3:56 a.m.20 views

EUVD-2026-28884

bubblewrap is a low-level unprivileged sandboxing tool. From version 0.11.0 to before version 0.11.2, if bubblewrap is installed in setuid mode then the user can use ptrace to attach to bubblewrap and control the unprivileged part of the sandbox setup phase. This allows the attacker to arbitraril...

8.7CVSS5.7AI score0.00274EPSS
Exploits0References2
CVE
CVE
added 2026/05/09 3:56 a.m.97 views

CVE-2026-41163

CVE-2026-41163 affects bubblewrap when installed in setuid mode from version 0.11.0 up to before 0.11.2. The vulnerability arises because an attacker can use ptrace to attach to bubblewrap and manipulate the unprivileged portion of the sandbox setup phase, enabling the attacker to perform privile...

8.7CVSS5.7AI score0.00274EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2026/05/09 3:56 a.m.6 views

CVE-2026-41163

bubblewrap is a low-level unprivileged sandboxing tool. From version 0.11.0 to before version 0.11.2, if bubblewrap is installed in setuid mode then the user can use ptrace to attach to bubblewrap and control the unprivileged part of the sandbox setup phase. This allows the attacker to arbitraril...

8.7CVSS5.7AI score0.00274EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/05/09 3:56 a.m.12 views

CVE-2026-41163

bubblewrap is a low-level unprivileged sandboxing tool. From version 0.11.0 to before version 0.11.2, if bubblewrap is installed in setuid mode then the user can use ptrace to attach to bubblewrap and control the unprivileged part of the sandbox setup phase. This allows the attacker to arbitraril...

8.7CVSS5.7AI score0.00274EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.5 views

Unity Linux 20.1050a Security Update: kernel (UTSA-2026-007041)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007041 advisory. In the Linux kernel, the following vulnerability has been resolved: riscv: process: Fix kernel gp leakage childregs represents the registers which are active for the...

7.1CVSS7AI score0.00264EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/02/18 12:25 a.m.2 views

SUSE CVE-2026-23114

In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: ptrace: Fix SVE writes on !SME systems When SVE is supported but SME is not supported, a ptrace write to the NTARMSVE regset can place the tracee into an invalid state where non-streaming SVE register data is stored...

5.5CVSS5.7AI score0.001EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/02/16 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-23114

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - arm64/fpsimd: ptrace: Fix SVE writes on !SME systems When SVE is supported but SME is not supported, a ptrace write to the NTARMSVE regset can place the tracee...

5.5CVSS6AI score0.001EPSS
Exploits0References3
NVD
NVD
added 2026/02/14 3:16 p.m.10 views

CVE-2026-23114

In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: ptrace: Fix SVE writes on !SME systems When SVE is supported but SME is not supported, a ptrace write to the NTARMSVE regset can place the tracee into an invalid state where non-streaming SVE register data is stored...

5.5CVSS0.001EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/02/14 3:16 p.m.5 views

CVE-2026-23114

In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: ptrace: Fix SVE writes on !SME systems When SVE is supported but SME is not supported, a ptrace write to the NTARMSVE regset can place the tracee into an invalid state where non-streaming SVE register data is stored...

5.5CVSS5.7AI score0.001EPSS
Exploits0References4
OSV
OSV
added 2026/02/14 3:16 p.m.3 views

UBUNTU-CVE-2026-23114

In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: ptrace: Fix SVE writes on !SME systems When SVE is supported but SME is not supported, a ptrace write to the NTARMSVE regset can place the tracee into an invalid state where non-streaming SVE register data is stored...

5.5CVSS5.7AI score0.001EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2026/02/14 3:9 p.m.4 views

CVE-2026-23114

In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: ptrace: Fix SVE writes on !SME systems When SVE is supported but SME is not supported, a ptrace write to the NTARMSVE regset can place the tracee into an invalid state where non-streaming SVE register data is stored...

5.5CVSS5.4AI score0.001EPSS
Exploits0
Cvelist
Cvelist
added 2026/02/14 3:9 p.m.29 views

CVE-2026-23114 arm64/fpsimd: ptrace: Fix SVE writes on !SME systems

In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: ptrace: Fix SVE writes on !SME systems When SVE is supported but SME is not supported, a ptrace write to the NTARMSVE regset can place the tracee into an invalid state where non-streaming SVE register data is stored...

0.001EPSS
Exploits0References2
CVE
CVE
added 2026/02/14 3:9 p.m.19 views

CVE-2026-23114

Summary (CVE-2026-23114) The Linux kernel arm64 FPSIMD/SVE state management vulnerability arises when SVE is supported but SME is not: a ptrace write to the NT_ARM_SVE regset can place the tracee in an invalid state, storing non-streaming SVE data in FP_STATE_SVE format while TIF_SVE is not set. ...

5.5CVSS5.3AI score0.001EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/14 3:9 p.m.5 views

CVE-2026-23114

In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: ptrace: Fix SVE writes on !SME systems When SVE is supported but SME is not supported, a ptrace write to the NTARMSVE regset can place the tracee into an invalid state where non-streaming SVE register data is stored...

5.3AI score0.001EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/02/14 3:9 p.m.8 views

CVE-2026-23114 arm64/fpsimd: ptrace: Fix SVE writes on !SME systems

In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: ptrace: Fix SVE writes on !SME systems When SVE is supported but SME is not supported, a ptrace write to the NTARMSVE regset can place the tracee into an invalid state where non-streaming SVE register data is stored...

5.5CVSS5.3AI score0.001EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/02/14 12:0 a.m.6 views

PT-2026-8107

In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: ptrace: Fix SVE writes on !SME systems When SVE is supported but SME is not supported, a ptrace write to the NT ARM SVE regset can place the tracee into an invalid state where non-streaming SVE register data is stor...

5.3AI score0.001EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/02/14 12:0 a.m.8 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper handling of SVE writes by ptrace in the arm64/fpsimd architecture. This vulnerability may lead...

5.5CVSS6AI score0.001EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.9 views

MiracleLinux 9 : kernel-5.14.0-162.12.1.el9_1 (AXSA:2023-4976:04)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-4976:04 advisory. kernel: watch queue race condition can lead to privilege escalation CVE-2022-2959 kernel: memory corruption in AX88179178A based USB ethernet device...

7.8CVSS7.2AI score0.21314EPSS
Exploits1References7
Rows per page
Query Builder