Lucene search
K

1026 matches found

Cvelist
Cvelist
added 5 days ago32 views

CVE-2026-41154 GPU DDK - Incorrect Index Calculation in CMA Cleanup Path of AllocOSPages_Sparse

Software installed and run as a non-privileged user may cause OOB kernel memory reads or writes through GPU API calls. When indexing pages larger than 4kB in the page freeing logic of the sparse memory implementation, incorrect buffer indexing leads to OOB access...

0.00131EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/25 6:19 p.m.6 views

CVE-2026-52959

A flaw was found in the Linux kernel's Secure Encrypted Virtualization SEV guest module. This vulnerability allows a malicious host to provide an invalid buffer size during an extended guest request. This incorrect handling of host-controlled page order during the cleanup process can lead to a...

7.8CVSS6AI score0.00093EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/25 6:18 p.m.6 views

CVE-2026-52966

A flaw was found in the Linux kernel's Direct Rendering Manager DRM subsystem. A logical error in the 'change handle' logic, specifically related to the replacement of IDR ID allocator pointers, could lead to a kernel warning or system panic. This issue could allow a local attacker to trigger a...

5.5CVSS5.8AI score0.00186EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/24 6:32 p.m.5 views

EUVD-2026-38827

In the Linux kernel, the following vulnerability has been resolved: virt: sev-guest: Do not use host-controlled page order in cleanup path When issuing an extended guest request SVMVMGEXITEXTGUESTREQUEST, getextreport allocates a buffer to retrieve a certificate blob from the host, keeping track ...

5.9AI score0.00093EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/24 6:32 p.m.5 views

EUVD-2026-38834

In the Linux kernel, the following vulnerability has been resolved: drm: Replace old pointer to new idr Commit 5e28b7b94408 introduced a logical error by failing to replace the newly generated IDR pointer to old id's pointer at the correct location within the "change handle" logic; this resulted ...

5.8AI score0.00186EPSS
Exploits0References4
CVE
CVE
added 2026/06/24 4:28 p.m.13 views

CVE-2026-52959

The CVE-2026-52959 issue affects the Linux kernel SEV guest module. During an extended guest request (SVM_VMGEXIT_EXT_GUEST_REQUEST), get_ext_report() allocates a buffer for a host certificate blob and stores its size in report_req->certs_len. The host may return SNP_GUEST_VMM_ERR_INVALID_LEN ...

7.8CVSS5.9AI score0.00093EPSS
Exploits0References3Affected Software1
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: soc: ti: k3-socinfo: Fixed the regmap leak that occurs during probe failures. The mmio regmap allocated during the probe never gets freed. We have switched to using the device-managed allocator, so that the regmap is released...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: mm/slab: Added alloctaggingslabfreehook for memcgallocabortsingle When CONFIGMEMALLOCPROFILINGDEBUG is enabled, the following warning may be observed: 3959.023862 ------------ Cut here ------------ 3959.023891 alloctag was not...

5.5CVSS5.8AI score0.00112EPSS
Exploits0References2
NVD
NVD
added 2026/06/24 8:16 a.m.26 views

CVE-2026-52923

In the Linux kernel, the following vulnerability has been resolved: ipc: limit nextid allocation to the valid ID range The checkpoint/restore sysctl path can request the next SysV IPC id through ids-nextid. ipcidralloc currently forwards that request to idralloc with an open-ended upper bound. If...

7.8CVSS0.00127EPSS
Exploits0References11
ATTACKERKB
ATTACKERKB
added 2026/06/24 7:14 a.m.5 views

CVE-2026-52923

In the Linux kernel, the following vulnerability has been resolved: ipc: limit nextid allocation to the valid ID range The checkpoint/restore sysctl path can request the next SysV IPC id through ids-nextid. ipcidralloc currently forwards that request to idralloc with an open-ended upper bound. If...

7.8CVSS5.6AI score0.00127EPSS
Exploits0References9Affected Software1
OSV
OSV
added 2026/06/24 7:14 a.m.2 views

CVE-2026-52923 ipc: limit next_id allocation to the valid ID range

In the Linux kernel, the following vulnerability has been resolved: ipc: limit nextid allocation to the valid ID range The checkpoint/restore sysctl path can request the next SysV IPC id through ids-nextid. ipcidralloc currently forwards that request to idralloc with an open-ended upper bound. If...

7.8CVSS5.8AI score0.00127EPSS
Exploits0References14
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.15 views

PT-2026-51853

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the sev-guest component when issuing an extended guest request SVM VMGEXIT EXT GUEST REQUEST. The get ext report function allocates a buffer to retrieve a certificate...

7.8CVSS6AI score0.00093EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.13 views

PT-2026-51716

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the checkpoint/restore sysctl path where the ipc idr alloc function forwards requests to idr alloc with an open-ended upper bound. When the valid SysV IPC id space is...

7.8CVSS5.7AI score0.00127EPSS
Exploits0References402
AstraLinux
AstraLinux
added 2026/06/23 11:48 a.m.7 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: net: skb: Fixed the cross-cache free of KFENCE-alocated skb heads. The value of SKBSMALLHEADCACHESIZE is intentionally set to a non-power-of-2 value e.g., 704 on x8664 to avoid collisions with generic kmalloc bucket sizes. This...

5.5CVSS6.2AI score0.00259EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: mm: slub: Fix the invocation of flushcpuslab and freeslab in the task context. The commit 5a836bf6b09f “mm: slub: Move the invocation of flushcpuslab and freeslab out of the IRQ context” fixes this issue by moving all invocations...

7.8CVSS6AI score0.00242EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/06/10 5:24 p.m.18 views

OpenTelemetry Operator for Kubernetes's ServiceMonitor bearerTokenFile reads arbitrary local file and sends contents as bearer auth

Affected Repository: github.com/open-telemetry/opentelemetry-operator Component: cmd/otel-allocator TargetAllocator Companion: Prometheus Operator API types CRDs Summary OpenTelemetry Operator's TargetAllocator watches ServiceMonitor resources via the Prometheus Operator CR watcher and converts...

5.6AI score0.00017EPSS
Exploits0References3Affected Software1
Snyk
Snyk
added 2026/06/10 5:24 p.m.3 views

Information Exposure

Overview Affected versions of this package are vulnerable to Information Exposure via the bearerTokenFile field in the ServiceMonitor resource. An attacker can exfiltrate sensitive files from the pod filesystem by configuring a ServiceMonitor to reference arbitrary files and directing the scrape...

7.7CVSS5.9AI score0.00017EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/10 5:24 p.m.4 views

Information Exposure

Overview Affected versions of this package are vulnerable to Information Exposure via the bearerTokenFile field in the ServiceMonitor resource. An attacker can exfiltrate sensitive files from the pod filesystem by configuring a ServiceMonitor to reference arbitrary files and directing the scrape...

7.7CVSS5.9AI score0.00017EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/03 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2026-46029

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mm/slab: return NULL early from kmallocnolock in NMI on UP On UP kernels !CONFIGSMP,...

7CVSS6.6AI score0.00147EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/03 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-45990

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: slub: fix data loss and overflow in krealloc Commit 2cd8231796b5 mm/slub: allow to set node...

5.5CVSS6.2AI score0.00133EPSS
Exploits0References2
Rows per page
Query Builder