CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

91 matches found

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: rustbinder: Avoid reading the written value in the offset array. When sending a transaction, its offset array is first copied into the target process’s virtual memory area vma. Then, the values are read back from there. This is...

7.8CVSS5.6AI score0.00099EPSS

Exploits0References1

AstraLinux•added 2026/05/20 5:53 a.m.•4 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: rustbinder: fixed oneway spam detection The spam detection logic in TreeRange was executed before the current request was inserted into the tree. As a result, the new request wasn’t taken into account in the spam calculation...

5.5CVSS5.7AI score0.00121EPSS

Exploits0References1

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: rustbinder: Calling setnotificationdone without holding the proc lock. Consider the following sequence of events when a death listener is triggered: 1. The remote process dies and sends a BRDEADBINDER message. 2. The local proces...

5.5CVSS5.3AI score0.0009EPSS

Exploits0References1

AstraLinux•added 2026/05/20 5:53 a.m.•4 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: rustbinder: Check ownership before using vma When installing missing pages or updating them, Rust Binder will look up the vma in the memory management unit by address, and then call vminsertpage or zappagerangesingle. However, if...

7.8CVSS5.7AI score0.00128EPSS

Exploits0References1

AstraLinux•added 2026/05/20 5:53 a.m.•6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: rustbinder: The spinlock call in rustshrinkfreepage has been removed. When porting Rust Binder to version 6.18, I overlooked including the commit fb56fdf8b9a2 “mm/listlru: split the lock to per-cgroup scope” in the consideration...

5.5CVSS5.4AI score0.00102EPSS

Exploits0References2

Tenable Nessus•added 2026/05/20 12:0 a.m.•8 views

Linux Distros Unpatched Vulnerability : CVE-2026-43433

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: rustbinder: avoid reading the written value in offsets array When sending a transaction, its...

7.8CVSS5.7AI score0.00099EPSS

Exploits0References2

Tenable Nessus•added 2026/05/20 12:0 a.m.•10 views

Linux Distros Unpatched Vulnerability : CVE-2026-43434

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: rustbinder: check ownership before using vma When installing missing pages or zapping them,...

7.8CVSS5.7AI score0.00128EPSS

Exploits0References2

SUSE CVE•added 2026/05/13 3:34 a.m.•6 views

SUSE CVE-2026-43435

In the Linux kernel, the following vulnerability has been resolved: rustbinder: fix oneway spam detection The spam detection logic in TreeRange was executed before the current request was inserted into the tree. So the new request was not being factored in the spam calculation. Fix this by moving...

5.7AI score0.00121EPSS

Exploits0References3

SUSE CVE•added 2026/05/11 2:13 p.m.•6 views

SUSE CVE-2026-43433

In the Linux kernel, the following vulnerability has been resolved: rustbinder: avoid reading the written value in offsets array When sending a transaction, its offsets array is first copied into the target proc's vma, and then the values are read back from there. This is normally fine because th...

7.8CVSS5.7AI score0.00099EPSS

Exploits0References3

RedhatCVE•added 2026/05/08 11:55 p.m.•9 views

CVE-2026-43435

A flaw was found in the Linux kernel's rustbinder component. The oneway spam detection logic in both TreeRange and ArrayRange was incorrectly implemented or missing, allowing large spamming transactions to go undetected. A local attacker could exploit this vulnerability to cause a Denial of Servi...

5.5CVSS5.8AI score0.00121EPSS

Exploits0References4

RedhatCVE•added 2026/05/08 11:52 p.m.•6 views

CVE-2026-43434

A flaw was found in the rustbinder component of the Linux kernel. When installing or zapping pages, rustbinder may incorrectly look up and use a Virtual Memory Area VMA if it has been closed and replaced at the same address. This can allow a local attacker to write to normally read-only binder...

7.8CVSS5.7AI score0.00128EPSS

Exploits0References4

RedhatCVE•added 2026/05/08 11:51 p.m.•7 views

CVE-2026-43433

A flaw was found in the Linux kernel's rustbinder component. If a local process gains the ability to write to its own virtual memory area VMA, it could exploit a time-of-check to time-of-use TOCTOU vulnerability. This allows the process to alter the offsets array during a transaction before it is...

7.8CVSS5.8AI score0.00099EPSS

Exploits0References4

EUVD•added 2026/05/08 3:31 p.m.•10 views

EUVD-2026-28739

5.7AI score0.00099EPSS

Exploits0References4

EUVD•added 2026/05/08 3:31 p.m.•7 views

EUVD-2026-28741

5.7AI score0.00121EPSS

Exploits0References4

EUVD•added 2026/05/08 3:31 p.m.•9 views

EUVD-2026-28740

In the Linux kernel, the following vulnerability has been resolved: rustbinder: check ownership before using vma When installing missing pages or zapping them, Rust Binder will look up the vma in the mm by address, and then call vminsertpage or zappagerangesingle. However, if the vma is closed an...

5.7AI score0.00128EPSS

Exploits0References4