Lucene search
K

3359 matches found

Cvelist
Cvelist
added 2026/05/27 12:57 p.m.39 views

CVE-2026-46063 x86/shstk: Prevent deadlock during shstk sigreturn

In the Linux kernel, the following vulnerability has been resolved: x86/shstk: Prevent deadlock during shstk sigreturn During sigreturn the shadow stack signal frame is popped. The kernel does this by reading the shadow stack using normal read accesses. When it can't assume the memory is shadow...

0.00094EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/27 12:57 p.m.14 views

EUVD-2026-32445

In the Linux kernel, the following vulnerability has been resolved: x86/shstk: Prevent deadlock during shstk sigreturn During sigreturn the shadow stack signal frame is popped. The kernel does this by reading the shadow stack using normal read accesses. When it can't assume the memory is shadow...

5.8AI score0.00094EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/27 12:57 p.m.9 views

CVE-2026-46063

In the Linux kernel, the following vulnerability has been resolved: x86/shstk: Prevent deadlock during shstk sigreturn During sigreturn the shadow stack signal frame is popped. The kernel does this by reading the shadow stack using normal read accesses. When it can't assume the memory is shadow...

5.8AI score0.00094EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2026/05/27 12:57 p.m.34 views

CVE-2026-46063

The CVE-2026-46063 issue affects the Linux kernel with x86 shadow stack (shstk) handling of sigreturn. Root cause: during a shadow-stack sigframe read, the kernel previously held the mmap lock while verifying VMA flags to distinguish shadow stack memory. A page fault during this read could trigge...

5.5CVSS5.8AI score0.00094EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/05/27 12:55 p.m.34 views

CVE-2026-45987

Technical details about CVE-2026-45987 are not publicly provided in the connected documents. No explicit affected products, root cause, or fixes are present beyond generic patch notes; monitor for updates.

5.5CVSS5.7AI score0.00123EPSS
Exploits0References8Affected Software1
Debian CVE
Debian CVE
added 2026/05/27 12:55 p.m.9 views

CVE-2026-45987

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Sync interrupt shadow to cached vmcb12 after VMRUN of L2 After VMRUN in guest mode, nestedsynccontrolfromvmcb02 syncs fields written by the CPU from vmcb02 to the cached vmcb12. This is because the cached vmcb12 is use...

5.5CVSS5.7AI score0.00123EPSS
Exploits0
Cvelist
Cvelist
added 2026/05/27 12:55 p.m.42 views

CVE-2026-45987 KVM: nSVM: Sync interrupt shadow to cached vmcb12 after VMRUN of L2

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Sync interrupt shadow to cached vmcb12 after VMRUN of L2 After VMRUN in guest mode, nestedsynccontrolfromvmcb02 syncs fields written by the CPU from vmcb02 to the cached vmcb12. This is because the cached vmcb12 is use...

0.00123EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/05/27 12:16 p.m.42 views

CVE-2026-45876 arm64/gcs: Fix error handling in arch_set_shadow_stack_status()

In the Linux kernel, the following vulnerability has been resolved: arm64/gcs: Fix error handling in archsetshadowstackstatus allocgcs returns an error-encoded pointer on failure, which comes from dommap, not NULL. The current NULL check fails to detect errors, which could lead to using an invali...

0.00153EPSS
Exploits0References3
CVE
CVE
added 2026/05/27 12:16 p.m.27 views

CVE-2026-45876

CVE-2026-45876 affects the Linux kernel (arm64 architecture) in the arch_set_shadow_stack_status flow. The bug arises from error handling in alloc_gcs(), which can return an error-encoded pointer from do_mmap() instead of NULL. A NULL-based check fails to detect these errors, risking use of an in...

5.5CVSS5.8AI score0.00153EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2026/05/27 12:16 p.m.15 views

CVE-2026-45876

In the Linux kernel, the following vulnerability has been resolved: arm64/gcs: Fix error handling in archsetshadowstackstatus allocgcs returns an error-encoded pointer on failure, which comes from dommap, not NULL. The current NULL check fails to detect errors, which could lead to using an invali...

5.5CVSS5.7AI score0.00153EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/05/27 12:0 a.m.8 views

CVE-2026-36538

Netis AC1200 Router NC21 V4.0.1.4296 contains a hard-coded root credential stored in /etc/shadow.sample. The password for the root account is set to the trivially weak value root, allowing an attacker with access to the device to authenticate as root and gain full control of the underlying...

5.8AI score0.00301EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/05/27 12:0 a.m.11 views

CVE-2026-45876

arm64/gcs: Fix error handling in archsetshadowstackstatus...

5.8AI score0.00153EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/27 12:0 a.m.41 views

CVE-2026-36538

Netis AC1200 Router NC21 V4.0.1.4296 contains a hard-coded root credential stored in /etc/shadow.sample. The password for the root account is set to the trivially weak value root, allowing an attacker with access to the device to authenticate as root and gain full control of the underlying...

0.00301EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.12 views

PT-2026-43705

Netis AC1200 Router NC21 V4.0.1.4296 contains a hard-coded root credential stored in /etc/shadow.sample. The password for the root account is set to the trivially weak value root, allowing an attacker with access to the device to authenticate as root and gain full control of the underlying...

5.8AI score0.00301EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.14 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of NULL pointer checks in the archsetshadowstackstatus function within the arm64 GCS...

5.8AI score0.00153EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.15 views

PT-2026-43743

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the arch set shadow stack status function where error handling is insufficient. The alloc gcs function, which relies on do mmap, returns an error-encoded pointer upon...

5.9AI score0.00153EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.12 views

PT-2026-43854

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description In the KVM nSVM component, the nested sync control from vmcb02 function fails to synchronize the int state field, specifically bit 0 SVM INTERRUPT SHADOW MASK, from vmcb02 to the cached...

5.5CVSS5.9AI score0.00123EPSS
Exploits0
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.12 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from KVM nSVM failing to synchronize the interrupt shadow with the cached vmcb12 after VMRUN,...

5.8AI score0.00123EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2026/05/27 12:0 a.m.10 views

CVE-2026-45987

KVM: nSVM: Sync interrupt shadow to cached vmcb12 after VMRUN of L2...

5.8AI score0.00123EPSS
Exploits0References2
CVE
CVE
added 2026/05/27 12:0 a.m.24 views

CVE-2026-36538

Netis AC1200 Router NC21 (firmware v4.0.1.4296) is affected by a hard-coded root credential stored in /etc/shadow.sample, with the root password set to root. This enables an attacker with device access to authenticate as root and take full control of the OS. The connected Red Hat/NVD entries corr...

7.3CVSS5.8AI score0.00301EPSS
Exploits0References1
Rows per page
Query Builder