CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в libtar

An attacker who submits a crafted tar file with a size of 0 in the header struct field may be able to trigger a call to malloc0 for the variable gnulongname, resulting in an out-of-bounds read...

8.1CVSS6.9AI score0.00225EPSS

5.5CVSS6AI score0.00015EPSS

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Added a 0 size check to mtkdrmgemobj. Added a check in mtkdrmgeminit if we attempt to allocate a GEM object of 0 bytes. Currently, no such check exists, and the kernel will panic if a user-space application attempts...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: net: Handling of integer overflows in kmallocreserve The committed change was as follows: c ptr = kmallocsize; if ptr size = ksizeptr; size = kmallocsizeroundupsize; ptr = kmallocsize; This caused various crashes, as reported ...

5.8AI score0.00028EPSS

7.1CVSS6.8AI score0.00006EPSS

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerabilities have been resolved: ppp: fixed illegal access in pppasyncencode syzbot reported an issue in pppasyncencode 1 In this case, pppoesendmsg is called with a zero size. Then pppasyncencode is called with an empty skb. BUG: KMSAN: uninit-value in...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: f2fs: fixed to avoid updating zero-sized extents in the extent cache. As reported by syzbot: F2FS-fs loop0: updateextenttreerange: extent len is zero, type: 0, extent 0, 0, 0, age 0, 0. ------------ Cut here ------------ Kernel b...

5.2AI score0.00068EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•1 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: scsi: scsi.debug: Do not call kcalloc if size argument is zero. If the size argument to kcalloc is zero, it returns ZEROSIZEPTR. Therefore, for the subsequent NULL pointer check to work on the returned pointer, kcalloc must no...

5.5CVSS5.5AI score0.00018EPSS

5.5CVSS6.4AI score0.00008EPSS

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: thermal/int340xthermal: handles datavault when the value is ZEROSIZEPTR. In some cases, GDDV returns a packet with a buffer of zero length. This causes kmemdup to return ZEROSIZEPTR 0x10. As a result, datavaultread encounters a...

AstraLinux•added 2026/05/20 5:53 a.m.•1 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: - In blkdeviomapbegin, the EOF check has been refined. - In blkdeviomapbegin, the offset is rounded down to the logical block size before being stored in iomap-offset. It is also checked that the value remains within the inode...

5.5CVSS6.3AI score0.00033EPSS

Tenable Nessus•added 2026/05/15 12:0 a.m.•9 views

Azure Linux 3.0 Security Update: CBL-Mariner Releases (CVE-2026-33814)

The version of CBL-Mariner Releases installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2026-33814 advisory. - When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing...

7.5CVSS5.6AI score0.00018EPSS

SUSE CVE•added 2026/05/09 2:41 a.m.•3 views

SUSE CVE-2026-43187

In the Linux kernel, the following vulnerability has been resolved: xfs: delete attr leaf freemap entries when empty Back in commit 2a2b5932db6758 "xfs: fix attr leaf header freemap.size underflow", Brian Foster observed that it's possible for a small freemap at the end of the end of the xattr...

8.8CVSS5.7AI score0.00091EPSS

Exploits0References3

NVD•added 2026/05/06 12:16 p.m.•0 views

CVE-2026-43187

8.8CVSS0.00091EPSS

Exploits0References8

CVE•added 2026/05/06 11:27 a.m.•5 views

CVE-2026-43187

Summary: CVE-2026-43187 affects the Linux kernel XFS freemap handling in xattr leaf entries. The root cause is a bug in the freemap update logic in _leaf_add that can leave behind zero‑length freemap entries with a nonzero base, and later entries could be updated incorrectly so freemap entries ov...

8.8CVSS5.8AI score0.00091EPSS

Exploits0References8Affected Software1

Cvelist•added 2026/05/06 11:27 a.m.•22 views

CVE-2026-43187 xfs: delete attr leaf freemap entries when empty

8.8CVSS0.00091EPSS

Exploits0References8

NVD•added 2026/05/06 10:16 a.m.•5 views

CVE-2026-43118

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix zero size inode with non-zero size after log replay When logging that an inode exists, as part of logging a new name or logging new dir entries for a directory, we always set the generation of the logged inode item to ...

5.5CVSS0.00013EPSS

Exploits0References3

Cvelist•added 2026/05/06 7:40 a.m.•25 views

CVE-2026-43118 btrfs: fix zero size inode with non-zero size after log replay

0.00013EPSS

Exploits0References3

ATTACKERKB•added 2026/05/06 7:40 a.m.•4 views

CVE-2026-43118

5.8AI score0.00013EPSS

Exploits0References4Affected Software1

CNNVD•added 2026/05/06 12:0 a.m.•5 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the incorrect update of isize when logging replay is performed. This issue may lead to inode with...

5.5CVSS5.8AI score0.00013EPSS