Lucene search
K

31 matches found

AstraLinux
AstraLinux
added 2026/06/02 3:27 p.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: smb: client: rejecting descriptions of cifs.spnego in user space Descriptions of cifs.spnego keys contain fields that carry authority, such as pid, uid, creduid, and upcalltarget. The cifs.upcall treats these fields as...

7.8CVSS6.4AI score0.00353EPSS
Exploits4References3
Tenable Nessus
Tenable Nessus
added 2026/06/02 12:0 a.m.24 views

Linux Distros Unpatched Vulnerability : CVE-2026-46243

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - smb: client: reject userspace cifs.spnego descriptions cifs.spnego key descriptions contain authority- bearing fields such as pid, uid, creduid, and upcalltarge...

7.8CVSS6.7AI score0.00353EPSS
Exploits4References3
NVD
NVD
added 2026/06/01 5:17 p.m.48 views

CVE-2026-46243

In the Linux kernel, the following vulnerability has been resolved: smb: client: reject userspace cifs.spnego descriptions cifs.spnego key descriptions contain authority-bearing fields such as pid, uid, creduid, and upcalltarget that cifs.upcall treats as kernel-originating inputs. However,...

7.8CVSS0.00353EPSS
Exploits4References43
EUVD
EUVD
added 2026/06/01 4:22 p.m.16 views

EUVD-2026-33668

In the Linux kernel, the following vulnerability has been resolved: smb: client: reject userspace cifs.spnego descriptions cifs.spnego key descriptions contain authority-bearing fields such as pid, uid, creduid, and upcalltarget that cifs.upcall treats as kernel-originating inputs. However,...

7.8CVSS5.8AI score0.00353EPSS
Exploits4References8
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.10 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fixed the issue of loading the RxGK token to check bounds. The rxrpcpreparsexdryfsrxgk function reads the raw key length and ticket length from the XDR token as u32 values. It then rounds up each value by 4 before using th...

7.8CVSS6.1AI score0.00143EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/19 12:0 a.m.31 views

PT-2026-45478

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11 Linux kernel versions prior to 6.18.34 Linux kernel versions prior to 6.12.92 Linux kernel versions prior to 6.6.142 Linux kernel versions prior to 6.1.175 Linux kernel versions prior to 5.15.209 Linux...

7.8CVSS6.8AI score0.00353EPSS
Exploits4
NVD
NVD
added 2026/04/24 3:16 p.m.7 views

CVE-2026-31641

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix RxGK token loading to check bounds rxrpcpreparsexdryfsrxgk reads the raw key length and ticket length from the XDR token as u32 values and passes each through roundupx, 4 before using the rounded value for validation a...

7.8CVSS0.00143EPSS
Exploits0References7
OSV
OSV
added 2026/04/24 3:16 p.m.6 views

DEBIAN-CVE-2026-31641

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix RxGK token loading to check bounds rxrpcpreparsexdryfsrxgk reads the raw key length and ticket length from the XDR token as u32 values and passes each through roundupx, 4 before using the rounded value for validation a...

7.8CVSS5.7AI score0.00143EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/24 2:44 p.m.7 views

CVE-2026-31641

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix RxGK token loading to check bounds rxrpcpreparsexdryfsrxgk reads the raw key length and ticket length from the XDR token as u32 values and passes each through roundupx, 4 before using the rounded value for validation a...

5.7AI score0.00143EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/04/24 2:44 p.m.37 views

CVE-2026-31641 rxrpc: Fix RxGK token loading to check bounds

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix RxGK token loading to check bounds rxrpcpreparsexdryfsrxgk reads the raw key length and ticket length from the XDR token as u32 values and passes each through roundupx, 4 before using the rounded value for validation a...

7.8CVSS0.00143EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/04/24 2:44 p.m.5 views

CVE-2026-31641

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix RxGK token loading to check bounds rxrpcpreparsexdryfsrxgk reads the raw key length and ticket length from the XDR token as u32 values and passes each through roundupx, 4 before using the rounded value for validation a...

7.8CVSS5.6AI score0.00143EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.2 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000566)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000566 advisory. Memory leak in the keylinkend function in security/keys/keyring.c in the Linux kernel before 4.1.4 allows local users to cause a denial of service memory consumption...

4.9CVSS6.9AI score0.0048EPSS
Exploits0References19
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.5 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001268)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001268 advisory. The KEYS subsystem in the Linux kernel through 4.13.7 mishandles use of addkey for a key that already exists but is uninstantiated, which allows local users to cause...

5.5CVSS6.8AI score0.00531EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.6 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003032)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003032 advisory. The KEYS subsystem in the Linux kernel through 4.13.7 mishandles use of addkey for a key that already exists but is uninstantiated, which allows local users to cause...

5.5CVSS6.8AI score0.00531EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.3 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003159)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003159 advisory. security/keys/keyctl.c in the Linux kernel before 4.11.5 does not consider the case of a NULL payload in conjunction with a nonzero length value, which allows local...

5.5CVSS6.1AI score0.00452EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.3 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001971)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001971 advisory. Memory leak in the keylinkend function in security/keys/keyring.c in the Linux kernel before 4.1.4 allows local users to cause a denial of service memory consumption...

4.9CVSS6.9AI score0.0048EPSS
Exploits0References19
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.3 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002143)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002143 advisory. Memory leak in the keylinkend function in security/keys/keyring.c in the Linux kernel before 4.1.4 allows local users to cause a denial of service memory consumption...

4.9CVSS6.9AI score0.0048EPSS
Exploits0References19
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.3 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002671)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002671 advisory. security/keys/keyctl.c in the Linux kernel before 4.11.5 does not consider the case of a NULL payload in conjunction with a nonzero length value, which allows local...

5.5CVSS6.1AI score0.00452EPSS
Exploits0References12
SUSE CVE
SUSE CVE
added 2023/02/15 4:56 a.m.4 views

SUSE CVE-2016-8650

The mpipowm function in lib/mpi/mpi-pow.c in the Linux kernel through 4.8.11 does not ensure that memory is allocated for limb data, which allows local users to cause a denial of service stack memory corruption and panic via an addkey system call for an RSA key with a zero exponent...

8.8CVSS6AI score0.00406EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:38 a.m.5 views

SUSE CVE-2017-15274

security/keys/keyctl.c in the Linux kernel before 4.11.5 does not consider the case of a NULL payload in conjunction with a nonzero length value, which allows local users to cause a denial of service NULL pointer dereference and OOPS via a crafted addkey or keyctl system call, a different...

5.5CVSS5.9AI score0.00452EPSS
Exploits0References36
Rows per page
Query Builder