Lucene search
K

152 matches found

Tenable Nessus
Tenable Nessus
added 5 days ago6 views

Linux Distros Unpatched Vulnerability : CVE-2026-53286

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - idpf: fix double free and use-after-free in aux device error paths When auxiliarydeviceadd fails in idpfplugvportauxdev or idpfplugcoreauxdev, the errauxdevadd...

6AI score0.00169EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-53188

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/core: Validate the passed in fops for ibgetucaps Sashiko pointed out it is not safe to rely only on the devt because char/block alias so if the user finds ...

8.8CVSS6AI score0.00136EPSS
Exploits0References3
OSV
OSV
added 2026/06/26 8:17 p.m.3 views

UBUNTU-CVE-2026-53286

In the Linux kernel, the following vulnerability has been resolved: idpf: fix double free and use-after-free in aux device error paths When auxiliarydeviceadd fails in idpfplugvportauxdev or idpfplugcoreauxdev, the errauxdevadd label calls auxiliarydeviceuninit and falls through to errauxdevinit...

5.7AI score0.00169EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/26 8:49 a.m.5 views

CVE-2026-53188

A flaw was found in the Linux kernel's RDMA/core component. This vulnerability arises from insufficient validation of file operations fops passed to the ibgetucaps function. A local attacker could exploit this by creating a block device with a device number devt that aliases a character device...

8.8CVSS5.8AI score0.00136EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/06/26 2:10 a.m.6 views

SUSE CVE-2026-53187

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Validate cpuid against nrcpuids in DMAH alloc The cpuid attribute supplied by user space through UVERBSATTRALLOCDMAHCPUID is passed directly to cpumasktestcpu without first verifying that the value is within the valid...

7.1CVSS5.8AI score0.00129EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/25 11:53 p.m.5 views

CVE-2026-53187

A flaw was found in the Linux kernel's RDMA/core component. A local attacker could supply an invalid cpuid through the UVERBSATTRALLOCDMAHCPUID attribute without proper validation. This improper validation could lead to an out-of-bounds read of the cpumask bitmap. On systems configured with...

7.1CVSS5.8AI score0.00129EPSS
Exploits0References4
NVD
NVD
added 2026/06/25 9:16 a.m.5 views

CVE-2026-53187

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Validate cpuid against nrcpuids in DMAH alloc The cpuid attribute supplied by user space through UVERBSATTRALLOCDMAHCPUID is passed directly to cpumasktestcpu without first verifying that the value is within the valid...

7.1CVSS0.00129EPSS
Exploits0References3
NVD
NVD
added 2026/06/25 9:16 a.m.5 views

CVE-2026-53188

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Validate the passed in fops for ibgetucaps Sashiko pointed out it is not safe to rely only on the devt because char/block alias so if the user finds a block device with the same devt it can masquerade as a ucap cdev fd...

8.8CVSS0.00136EPSS
Exploits0References3
OSV
OSV
added 2026/06/25 9:16 a.m.3 views

UBUNTU-CVE-2026-53187

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Validate cpuid against nrcpuids in DMAH alloc The cpuid attribute supplied by user space through UVERBSATTRALLOCDMAHCPUID is passed directly to cpumasktestcpu without first verifying that the value is within the valid...

7.1CVSS5.7AI score0.00129EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/25 8:39 a.m.3 views

EUVD-2026-39278

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Validate cpuid against nrcpuids in DMAH alloc The cpuid attribute supplied by user space through UVERBSATTRALLOCDMAHCPUID is passed directly to cpumasktestcpu without first verifying that the value is within the valid...

5.7AI score0.00129EPSS
Exploits0References3
CVE
CVE
added 2026/06/25 8:39 a.m.9 views

CVE-2026-53187

The CVE-2026-53187 issue affects the Linux kernel RDMA/core: the cpu_id supplied via UVERBS_ATTR_ALLOC_DMAH_CPU_ID is passed to cpumask_test_cpu() without validating it against nr_cpu_ids, leading to an out-of-bounds read of the cpumask bitmap. On kernels built with CONFIG_DEBUG_PER_CPU_MAPS this...

7.1CVSS5.7AI score0.00129EPSS
Exploits0References3
CVE
CVE
added 2026/06/25 8:39 a.m.6 views

CVE-2026-53188

The CVE-2026-53188 entry concerns a Linux kernel RDMA/core flaw where fops passed to ib_get_ucaps() could be spoofed via a block device sharing a dev_t with a character device (char/block alias). The root cause is insufficient validation of f_ops, allowing a local attacker with access to device n...

8.8CVSS5.8AI score0.00136EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/25 8:39 a.m.25 views

CVE-2026-53188 RDMA/core: Validate the passed in fops for ib_get_ucaps()

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Validate the passed in fops for ibgetucaps Sashiko pointed out it is not safe to rely only on the devt because char/block alias so if the user finds a block device with the same devt it can masquerade as a ucap cdev fd...

8.8CVSS0.00136EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/25 8:39 a.m.25 views

CVE-2026-53187 RDMA/core: Validate cpu_id against nr_cpu_ids in DMAH alloc

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Validate cpuid against nrcpuids in DMAH alloc The cpuid attribute supplied by user space through UVERBSATTRALLOCDMAHCPUID is passed directly to cpumasktestcpu without first verifying that the value is within the valid...

7.1CVSS0.00129EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/25 8:39 a.m.4 views

EUVD-2026-39279

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Validate the passed in fops for ibgetucaps Sashiko pointed out it is not safe to rely only on the devt because char/block alias so if the user finds a block device with the same devt it can masquerade as a ucap cdev fd...

5.8AI score0.00136EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/06/25 8:39 a.m.4 views

CVE-2026-53188

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Validate the passed in fops for ibgetucaps Sashiko pointed out it is not safe to rely only on the devt because char/block alias so if the user finds a block device with the same devt it can masquerade as a ucap cdev fd...

8.8CVSS5.7AI score0.00136EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: The reference count of the device should always be dropped in ibdelsubdeviceandput. Since nldevdeldev introduced in commit 060c642b2ab8 “RDMA/nldev: Add support for adding/deleting a sub IB device through netlink” grab...

7.8CVSS6AI score0.00119EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fixed the null-ptr-deref issue in ibcorecleanup. KASAN reported a null-ptr-deref error: KASAN: Null pointer dereferencing in the range 0x0000000000000118–0x000000000000011f. CPU: 1; PID: 379. Hardware name: QEMU Standa...

5.5CVSS6.2AI score0.00172EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: RDMA/core: Ensure that “ibport” is valid when accessing the sysfs node. The “ibport” structure must be set before adding the sysfs kobject, and reset after removing it. Otherwise, the system may crash when accessing the sysfs...

5.5CVSS5.6AI score0.00145EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: RDMA/core: Set the send and receive CQ pointers before forwarding them to the driver. Preset both receive and send CQ pointers prior to calling the drivers, and overwrite them again until the mlx4 is changed. Do not overwrite...

7.8CVSS6.2AI score0.00219EPSS
Exploits0References2
Rows per page
Query Builder