Lucene search
K

3340 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.1 views

Astra Linux – Vulnerability in Linux

The arch/x86/kvm/mmu/pagingtmpl.h file in the Linux kernel before version 5.12.11 incorrectly calculates the access permissions of a shadow page, resulting in a missing guest protection page fault...

5.5CVSS6.5AI score0.00469EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

With shadow paging enabled, the INVPCID instruction results in a call to kvmmmuinvpcidgva. If INVPCID is executed with CR0.PG=0, the invlpg callback is not set, and the result is a NULL pointer dereference...

6.9CVSS6.7AI score0.00318EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Immediately reset the MMU context when the SMM flag is cleared The MMU context should be reset immediately when the SMM flag of the vCPU is cleared, so that the SMM flag in the MMU context is always synchronized with th...

6.6CVSS6.2AI score0.00232EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: habanalabs: fixed a possible memory leak in MMU DR fini. This patch corrects what appears to be a copy-paste error. A memory leak will occur if the host-resident shadow is NULL which is likely to happen since the DR and HR are no...

5.5CVSS6.1AI score0.00228EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Shadow

Shadow: TOCTOU time-of-check time-of-use race condition when copying and removing directory trees...

4.7CVSS6.1AI score0.00308EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Shadow

A vulnerability was discovered in Shadow 4.5. The newgidmap function part of shadow-utils is setuid, allowing an unprivileged user to be placed in a user namespace where setgroups2 is allowed. This enables an attacker to remove themselves from a supplementary group, potentially granting them acce...

5.3CVSS6.3AI score0.01596EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux 5.15

In the efirtasmwrapper of efi-rt-wrapper.S, there is a possible way to bypass shadow stack protection due to a logical error in the code. This could result in a local escalation of privileges without the need for additional execution privileges. User interaction is not required for exploitation...

7.8CVSS6.8AI score0.00189EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/fbdev-dma: Added shadow buffering for deferred I/O. DMA areas are not necessarily backed by struct page, so we cannot rely on it for deferred I/O. Allocate a shadow buffer for drivers that require deferred I/O and use it a...

5.5CVSS6.1AI score0.00187EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: RISCV: Fixed a race condition when vmap stack overflow occurs. Currently, when detecting vmap stack overflow, RISCV first switches to the so-called shadow stack, and then uses this shadow stack to call getoverflowstack, in order ...

7CVSS6.4AI score0.00191EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: KVM: s390: vsie: fix race condition during shadow creation Currently, it is possible to encounter a crash when kvms390vsiegmapnotifier is called, with gmap-private being set to zero. This issue arises because we add gmap-private ...

4.7CVSS5.5AI score0.00175EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: arm64/entry: DAIF was unmasked in cpuswitchto, and called on the irqstack. cpuswitchto and callonirqstack manipulate the SP to switch to different stacks, along with the Shadow Call Stack if it is enabled. These two stack...

7.1CVSS6.5AI score0.00142EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in SQLite3

Before version 3.32.0, SQLite allowed a virtual table to be renamed to the name of one of its shadow tables, which are related to alter.c and build.c...

5.5CVSS6.7AI score0.0062EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: powerpc/kasan: Fixed an issue where the early region was not updated correctly. The shadow’s page table is not updated when PTERPNSHIFT is 24 and PAGESHIFT is 12. This not only causes false positives but also false negatives, ...

7.8CVSS6.4AI score0.00245EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Shadow

A flaw was discovered in shadow-utils. When requesting a new password, shadow-utils asks for the password twice. If the password is incorrect on the second attempt, shadow-utils fails in clearing the buffer used to store the first entry. This may allow an attacker with sufficient access to retrie...

5.5CVSS6.7AI score0.00257EPSS
Exploits0References2
NVD
NVD
added 2026/06/18 7:16 p.m.11 views

CVE-2026-47833

setupBpmLogs follows symlink for bpm.log open and chown — container-to-host privilege escalation via /etc/shadow. A compromised process inside a bpm container can cause root to chown an arbitrary host file to vcap and append bpm JSON log lines to it. The chown alone lets the attacker take ownersh...

6.9CVSS0.00125EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/18 6:30 p.m.10 views

EUVD-2026-37929

setupBpmLogs follows symlink for bpm.log open and chown — container-to-host privilege escalation via /etc/shadow. A compromised process inside a bpm container can cause root to chown an arbitrary host file to vcap and append bpm JSON log lines to it. The chown alone lets the attacker take ownersh...

6.9CVSS5.4AI score0.00125EPSS
Exploits0References1
CVE
CVE
added 2026/06/18 6:30 p.m.20 views

CVE-2026-47833

The CVE-2026-47833 issue affects bpm-release (all versions prior to v1.4.30). A compromised process inside a bpm container can trigger setupBpmLogs to follow a symlink for bpm.log, then perform chown on a host file to the user vcap, enabling container-to-host privilege escalation via the host’s /...

6.9CVSS5.5AI score0.00125EPSS
Exploits0References1
NVD
NVD
added 2026/06/18 2:17 p.m.9 views

CVE-2026-42488

Some shadow paging errors paths will switch the page-tables without updating the currently running vCPU reference. This causes a mismatch between the loaded page-tables and the mapcache metadata which can lead to corruption of the mapcache...

8.1CVSS0.00353EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/18 1:47 p.m.17 views

CVE-2026-42488 x86: mismatched mapcache metadata

Some shadow paging errors paths will switch the page-tables without updating the currently running vCPU reference. This causes a mismatch between the loaded page-tables and the mapcache metadata which can lead to corruption of the mapcache...

0.00353EPSS
Exploits0References1
CVE
CVE
added 2026/06/18 1:47 p.m.32 views

CVE-2026-42488

CVE-2026-42488 concerns the Xen hypervisor. Some shadow paging error paths can switch page-tables without updating the running vCPU reference, causing a mismatch between loaded page-tables and mapcache metadata and potentially leading to mapcache corruption. Affected products/versions are implied...

8.1CVSS5.3AI score0.00353EPSS
Exploits0References3
Rows per page
Query Builder