USN-8390-1: Linux kernel vulnerability

It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker...

EUVD-2026-15312

In the Linux kernel, the following vulnerability has been resolved: arm64: gcs: Do not set PTESHARED on GCS mappings if FEATLPA2 is enabled When FEATLPA2 is enabled, bits 8-9 of the PTE replace the shareability attribute with bits 50-51 of the output address. The PAGEGCS,RO definitions include th...

Linux Distros Unpatched Vulnerability : CVE-2026-23345

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - arm64: gcs: Do not set PTESHARED on GCS mappings if FEATLPA2 is enabled When FEATLPA2 is enabled, bits 8-9 of the PTE replace the shareability attribute with bi...

CVE-2026-24045

Docmost is open-source collaborative wiki and documentation software. From 0.20.0 and before 0.25.0, the public share page functionality in Docmost does not properly HTML-escape page titles before inserting them into meta tags and the title tag. This allows Stored Cross-Site Scripting XSS attacks...

CVE-2026-24045

Docmost is open-source collaborative wiki and documentation software. From 0.20.0 and before 0.25.0, the public share page functionality in Docmost does not properly HTML-escape page titles before inserting them into meta tags and the title tag. This allows Stored Cross-Site Scripting XSS attacks...

CVE-2026-23100

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix hugetlbpmdshared Patch series "mm/hugetlb: fixes for PMD table sharing incl. using mmugather", v3. One functional fix, one performance regression fix, and two related comment fixes. I cleaned up my prototype I...

CVE-2026-23100 mm/hugetlb: fix hugetlb_pmd_shared()

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix hugetlbpmdshared Patch series "mm/hugetlb: fixes for PMD table sharing incl. using mmugather", v3. One functional fix, one performance regression fix, and two related comment fixes. I cleaned up my prototype I...

EUVD-2021-15367

Malware in sbrugna...

PT-2025-14314 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.13.7 Description: A NULL pointer dereference issue has been identified in the Linux kernel. The issue occurs when the update mmu cache range function is called by update mmu cache, and the vmf parameter is NUL...

CVE-2024-57883 mm: hugetlb: independent PMD page table shared count

In the Linux kernel, the following vulnerability has been resolved: mm: hugetlb: independent PMD page table shared count The folio refcount may be increased unexpectly through trygetfolio by caller such as splithugepages. In hugepmdunshare, we use refcount to check whether a pmd page table is...

UBUNTU-CVE-2022-42327

x86: unintended memory sharing between guests On Intel systems that support the "virtualize APIC accesses" feature, a guest can read and write the global shared xAPIC page by moving the local APIC out of xAPIC mode. Access to this shared page bypasses the expected isolation that should exist...

CVE-2021-28710

certain VT-d IOMMUs may not work in shared page table mode For efficiency reasons, address translation control structures page tables may and, on suitable hardware, by default will be shared between CPUs, for second-level translation EPT, and IOMMUs. These page tables are presently set up to alwa...

CVE-2021-28710

certain VT-d IOMMUs may not work in shared page table mode For efficiency reasons, address translation control structures page tables may and, on suitable hardware, by default will be shared between CPUs, for second-level translation EPT, and IOMMUs. These page tables are presently set up to alwa...

CVE-2021-28710

certain VT-d IOMMUs may not work in shared page table mode For efficiency reasons, address translation control structures page tables may and, on suitable hardware, by default will be shared between CPUs, for second-level translation EPT, and IOMMUs. These page tables are presently set up to alwa...

CVE-2021-28710

certain VT-d IOMMUs may not work in shared page table mode For efficiency reasons, address translation control structures page tables may and, on suitable hardware, by default will be shared between CPUs, for second-level translation EPT, and IOMMUs. These page tables are presently set up to alwa...

CVE-2021-28710

CVE-2021-28710 affects the Xen hypervisor on x86 VT-d IOMMUs when sharing page tables. The bug arises because the top-level strip of the 3-level page tables was skipped while inserting the root page-table address into the hardware pagetable base register, allowing a guest to write to leaf page-ta...

CVE-2021-28710

certain VT-d IOMMUs may not work in shared page table mode For efficiency reasons, address translation control structures page tables may and, on suitable hardware, by default will be shared between CPUs, for second-level translation EPT, and IOMMUs. These page tables are presently set up to alwa...

ALPINE-CVE-2020-15565

An issue was discovered in Xen through 4.13.x, allowing x86 Intel HVM guest OS users to cause a host OS denial of service or possibly gain privileges because of insufficient cache write-back under VT-d. When page tables are shared between IOMMU and CPU, changes to them require flushing of both...

UBUNTU-CVE-2020-15565

An issue was discovered in Xen through 4.13.x, allowing x86 Intel HVM guest OS users to cause a host OS denial of service or possibly gain privileges because of insufficient cache write-back under VT-d. When page tables are shared between IOMMU and CPU, changes to them require flushing of both...

DEBIAN-CVE-2017-12190

The biomapuseriov and biounmapuser functions in block/bio.c in the Linux kernel before 4.13.8 do unbalanced refcounting when a SCSI I/O vector has small consecutive buffers belonging to the same page. The bioaddpcpage function merges them into one, but the page reference is never dropped. This...