Lucene search
K

49 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: netlink: prevents potential Spectre v1 exploits Most netlink attributes are parsed and validated via nlavalidateparse or validatenla. c u16 type = nlatypenla; if type == 0 || type maxtype / Error or continue / The @type value is...

7.8CVSS6.1AI score0.00199EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: ipv4: Prevent potential spectre v1 exploits in fibmetricsmatch if !type continue; if type RTAXMAX return false; ... fival = fi-fibmetrics-metricstype - 1; Since @type is used as an array index, we need to prevent CPU speculation ...

5.5CVSS6.1AI score0.00246EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.6 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011217)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011217 advisory. In the Linux kernel, the following vulnerability has been resolved: xfrm/compat: prevent potential spectre v1 gadget in xfrmxlate32attr int type = nlatypenla...

2.5CVSS5.8AI score0.00243EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.3 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-990020)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990020 advisory. In the Linux kernel, the following vulnerability has been resolved: dm ioctl: prevent potential spectre v1 gadget It appears like cmd could be a Spectre v1 gadget as...

5.5CVSS6.3AI score0.00295EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/10/21 12:0 a.m.5 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987624)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987624 advisory. In the Linux kernel, the following vulnerability has been resolved: dm ioctl: prevent potential spectre v1 gadget It appears like cmd could be a Spectre v1 gadget as...

5.5CVSS6.3AI score0.00295EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.2 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987266)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987266 advisory. In the Linux kernel, the following vulnerability has been resolved: kvm: avoid speculation-based attacks from out-of-range memslot accesses KVM's mechanism for...

7.1CVSS6.2AI score0.00259EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.2 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-986427)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986427 advisory. In the Linux kernel, the following vulnerability has been resolved: kvm: avoid speculation-based attacks from out-of-range memslot accesses KVM's mechanism for...

7.1CVSS6.2AI score0.00259EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/08/11 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2023-52746

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: xfrm/compat: prevent potential spectre v1 gadget in xfrmxlate32attr int type = nlatypenla...

2.5CVSS5.6AI score0.00243EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/08 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2021-47277

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - kvm: avoid speculation-based attacks from out-of-range memslot accesses KVM's mechanism for accessing guest memory translates a guest physical address gpa to a...

7.1CVSS6.9AI score0.00259EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/08 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2023-52996

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ipv4: prevent potential spectre v1 gadget in fibmetricsmatch if !type continue; if type RTAXMAX return false; ... fival = fi-fibmetrics-metricstype - 1; @type...

5.5CVSS6.5AI score0.00246EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/08/07 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2023-53000

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netlink: prevent potential spectre v1 gadgets Most netlink attributes are parsed and validated from nlavalidateparse or validatenla u16 type = nlatypenla...

7.8CVSS6.7AI score0.00199EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2025/07/14 12:20 a.m.7 views

kernel: dm ioctl: prevent potential spectre v1 gadget

A vulnerability was found in the Linux kernel's dm-ioctl interface in the lookupioctl function, which accepts a user-provided cmd value that is used to index the ioctls array directly. This issue could lead to an out-of-bounds access if the CPU speculatively executes the array access before cmd i...

5.5CVSS7.2AI score0.00295EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/07/01 12:41 a.m.7 views

kernel: dm ioctl: prevent potential spectre v1 gadget

A vulnerability was found in the Linux kernel's dm-ioctl interface in the lookupioctl function, which accepts a user-provided cmd value that is used to index the ioctls array directly. This issue could lead to an out-of-bounds access if the CPU speculatively executes the array access before cmd i...

5.5CVSS7.2AI score0.00295EPSS
Exploits0References5
OSV
OSV
added 2025/06/10 3:23 p.m.13 views

CLSA-2025-1749568993 kernel: Fix of 24 CVEs

vsock: Keep the binding until socket destruction CVE-2025-21756 - mt76: fix use-after-free by removing a non-RCU wcid pointer CVE-2022-49328 - bpf, testrun: Fix alignment problem in bpfprogtestrunskb CVE-2022-49840 - ASoC: core: Fix use-after-free in sndsocexit CVE-2022-49842 - net: sched: Fix...

7.8CVSS7.3AI score0.00844EPSS
Exploits3References1
OSV
OSV
added 2025/06/10 1:27 p.m.14 views

CLSA-2025-1749562017 kernel: Fix of 24 CVEs

vsock: Keep the binding until socket destruction CVE-2025-21756 - mt76: fix use-after-free by removing a non-RCU wcid pointer CVE-2022-49328 - bpf, testrun: Fix alignment problem in bpfprogtestrunskb CVE-2022-49840 - ASoC: core: Fix use-after-free in sndsocexit CVE-2022-49842 - net: sched: Fix...

7.8CVSS7.3AI score0.00844EPSS
Exploits3References1
OSV
OSV
added 2025/03/27 5:15 p.m.2 views

DEBIAN-CVE-2023-52997

In the Linux kernel, the following vulnerability has been resolved: ipv4: prevent potential spectre v1 gadget in ipmetricsconvert if !type continue; if type RTAXMAX return -EINVAL; ... metricstype - 1 = val; @type being used as an array index, we need to prevent cpu speculation or risk leaking...

5.5CVSS5.3AI score0.00247EPSS
Exploits0References1
OSV
OSV
added 2025/03/27 5:15 p.m.1 views

DEBIAN-CVE-2023-53000

In the Linux kernel, the following vulnerability has been resolved: netlink: prevent potential spectre v1 gadgets Most netlink attributes are parsed and validated from nlavalidateparse or validatenla u16 type = nlatypenla; if type == 0 || type maxtype / error or continue / @type is then used as a...

7.8CVSS5.4AI score0.00199EPSS
Exploits0References1
OSV
OSV
added 2025/03/27 5:15 p.m.2 views

DEBIAN-CVE-2023-52996

In the Linux kernel, the following vulnerability has been resolved: ipv4: prevent potential spectre v1 gadget in fibmetricsmatch if !type continue; if type RTAXMAX return false; ... fival = fi-fibmetrics-metricstype - 1; @type being used as an array index, we need to prevent cpu speculation or ri...

5.5CVSS5.4AI score0.00246EPSS
Exploits0References1
OSV
OSV
added 2025/03/27 4:43 p.m.8 views

CVE-2023-52997 ipv4: prevent potential spectre v1 gadget in ip_metrics_convert()

In the Linux kernel, the following vulnerability has been resolved: ipv4: prevent potential spectre v1 gadget in ipmetricsconvert if !type continue; if type RTAXMAX return -EINVAL; ... metricstype - 1 = val; @type being used as an array index, we need to prevent cpu speculation or risk leaking...

5.5CVSS5.9AI score0.00247EPSS
Exploits0References9
Debian CVE
Debian CVE
added 2025/03/27 4:43 p.m.7 views

CVE-2023-52997

In the Linux kernel, the following vulnerability has been resolved: ipv4: prevent potential spectre v1 gadget in ipmetricsconvert if !type continue; if type RTAXMAX return -EINVAL; ... metricstype - 1 = val; @type being used as an array index, we need to prevent cpu speculation or risk leaking...

5.5CVSS5.3AI score0.00247EPSS
Exploits0
Rows per page
Query Builder