Lucene search
K

3331 matches found

Cvelist
Cvelist
added 2026/05/28 9:35 a.m.32 views

CVE-2026-46113 KVM: x86: Fix shadow paging use-after-free due to unexpected GFN

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix shadow paging use-after-free due to unexpected GFN The shadow MMU computes GFNs for direct shadow pages using sp-gfn plus the SPTE index. This assumption breaks for shadow paging if the guest page tables are modifie...

8.8CVSS0.00126EPSS
Exploits0References6
CVE
CVE
added 2026/05/28 9:35 a.m.52 views

CVE-2026-46113

CVE-2026-46113 (Linux kernel KVM x86 shadow paging use-after-free) is a resolved vulnerability in the KVM shadow paging path. The issue arises when the shadow MMU computes GFNs for direct shadow pages using sp->gfn plus the SPTE index and guest page-table modifications between VM entries can c...

8.8CVSS5.7AI score0.00126EPSS
Exploits0References6Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/28 9:35 a.m.7 views

CVE-2026-46113

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix shadow paging use-after-free due to unexpected GFN The shadow MMU computes GFNs for direct shadow pages using sp-gfn plus the SPTE index. This assumption breaks for shadow paging if the guest page tables are modifie...

8.8CVSS5.7AI score0.00126EPSS
Exploits0References7Affected Software1
Microsoft CVE
Microsoft CVE
added 2026/05/28 8:10 a.m.7 views

KVM: nSVM: Sync interrupt shadow to cached vmcb12 after VMRUN of L2

...

5.5CVSS5.4AI score0.00123EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/05/28 3:57 a.m.9 views

SUSE CVE-2026-45876

In the Linux kernel, the following vulnerability has been resolved: arm64/gcs: Fix error handling in archsetshadowstackstatus allocgcs returns an error-encoded pointer on failure, which comes from dommap, not NULL. The current NULL check fails to detect errors, which could lead to using an invali...

5.8AI score0.00153EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/28 3:54 a.m.12 views

SUSE CVE-2026-45987

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Sync interrupt shadow to cached vmcb12 after VMRUN of L2 After VMRUN in guest mode, nestedsynccontrolfromvmcb02 syncs fields written by the CPU from vmcb02 to the cached vmcb12. This is because the cached vmcb12 is use...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/28 3:53 a.m.11 views

SUSE CVE-2026-46063

In the Linux kernel, the following vulnerability has been resolved: x86/shstk: Prevent deadlock during shstk sigreturn During sigreturn the shadow stack signal frame is popped. The kernel does this by reading the shadow stack using normal read accesses. When it can't assume the memory is shadow...

4.7CVSS5.8AI score0.00094EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/28 3:39 a.m.13 views

CVE-2026-45876

A flaw was found in the Linux kernel. Improper error handling in the archsetshadowstackstatus function, specifically related to allocgcs, could lead to the use of an invalid Global Context Structure GCS address. This issue may allow a local attacker to cause system instability or a denial of...

5.5CVSS5.8AI score0.00153EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/28 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-46063

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - x86/shstk: Prevent deadlock during shstk sigreturn During sigreturn the shadow stack signal frame is popped. The kernel does this by reading the shadow stack...

5.5CVSS6AI score0.00094EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.12 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the accidental reuse of freed memory due to an unexpected GFN in KVM x86 shadow paging...

8.8CVSS5.8AI score0.00126EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.20 views

PT-2026-44236

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the KVM x86 shadow paging mechanism. The shadow MMU calculates Guest Frame Numbers GFNs for direct shadow pages by adding the SPTE index to sp-gfn. This...

8.8CVSS5.9AI score0.00126EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/05/27 10:9 p.m.13 views

CVE-2026-45987

A flaw was found in the KVM Kernel-based Virtual Machine nSVM component of the Linux kernel. This vulnerability occurs when the interrupt shadow state is not correctly synchronized to the cached Virtual Machine Control Block VMCB after a Level 2 L2 guest virtual machine VM execution. A local...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/05/27 8:10 p.m.10 views

CVE-2026-46063

A flaw was found in the Linux kernel. A deadlock can occur during the shadow stack signal return shstk sigreturn process on x86 systems. This happens when the kernel attempts to read the shadow stack signal frame, and a page fault occurs, leading to a recursive attempt to acquire an mmap read loc...

5.5CVSS5.8AI score0.00094EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/27 3:33 p.m.9 views

EUVD-2026-32283

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Sync interrupt shadow to cached vmcb12 after VMRUN of L2 After VMRUN in guest mode, nestedsynccontrolfromvmcb02 syncs fields written by the CPU from vmcb02 to the cached vmcb12. This is because the cached vmcb12 is use...

5.7AI score0.00123EPSS
Exploits0References6
EUVD
EUVD
added 2026/05/27 3:33 p.m.9 views

EUVD-2026-32342

In the Linux kernel, the following vulnerability has been resolved: arm64/gcs: Fix error handling in archsetshadowstackstatus allocgcs returns an error-encoded pointer on failure, which comes from dommap, not NULL. The current NULL check fails to detect errors, which could lead to using an invali...

5.8AI score0.00153EPSS
Exploits0References4
NVD
NVD
added 2026/05/27 2:17 p.m.11 views

CVE-2026-46063

In the Linux kernel, the following vulnerability has been resolved: x86/shstk: Prevent deadlock during shstk sigreturn During sigreturn the shadow stack signal frame is popped. The kernel does this by reading the shadow stack using normal read accesses. When it can't assume the memory is shadow...

5.5CVSS0.00094EPSS
Exploits0References5
NVD
NVD
added 2026/05/27 2:17 p.m.11 views

CVE-2026-45987

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Sync interrupt shadow to cached vmcb12 after VMRUN of L2 After VMRUN in guest mode, nestedsynccontrolfromvmcb02 syncs fields written by the CPU from vmcb02 to the cached vmcb12. This is because the cached vmcb12 is use...

5.5CVSS0.00123EPSS
Exploits0References8
NVD
NVD
added 2026/05/27 2:17 p.m.18 views

CVE-2026-45876

In the Linux kernel, the following vulnerability has been resolved: arm64/gcs: Fix error handling in archsetshadowstackstatus allocgcs returns an error-encoded pointer on failure, which comes from dommap, not NULL. The current NULL check fails to detect errors, which could lead to using an invali...

5.5CVSS0.00153EPSS
Exploits0References3
OSV
OSV
added 2026/05/27 2:17 p.m.9 views

UBUNTU-CVE-2026-45876

In the Linux kernel, the following vulnerability has been resolved: arm64/gcs: Fix error handling in archsetshadowstackstatus allocgcs returns an error-encoded pointer on failure, which comes from dommap, not NULL. The current NULL check fails to detect errors, which could lead to using an invali...

5.5CVSS5.7AI score0.00153EPSS
Exploits0References3
OSV
OSV
added 2026/05/27 2:17 p.m.5 views

UBUNTU-CVE-2026-45987

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Sync interrupt shadow to cached vmcb12 after VMRUN of L2 After VMRUN in guest mode, nestedsynccontrolfromvmcb02 syncs fields written by the CPU from vmcb02 to the cached vmcb12. This is because the cached vmcb12 is use...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References6
Rows per page
Query Builder