Lucene search
K

55 matches found

CVE
CVE
added 2025/12/24 10:55 a.m.14 views

CVE-2023-53989

CVE-2023-53989 (Linux kernel, arm64) The issue is a faulty VA-range sanity check in mm/create_mapping_noalloc() and mm/update_mapping_prot() that could incorrectly trigger on certain regions. The historical condition ((virt >= PAGE_END) && (virt

6.1AI score0.00173EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2025/12/16 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-68192

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: usb: qmiwwan: initialize MAC header offset in qmimuxrxfixup Raw IP packets have no MAC header, leaving skb-macheader uninitialized. This can trigger kernel...

6.2AI score0.00177EPSS
Exploits0References3
Amazon
Amazon
added 2025/12/08 12:0 a.m.7 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: NFSD: Avoid calling OPDESC with ops-opnum == OPILLEGAL CVE-2023-53680 Affected Packages: kernel Note: This advisory is applicable to Amazon Linux 2 - Kernel-5.4 Extra. Visit this page to learn more about Amazon...

7.8CVSS6.3AI score0.00144EPSS
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-59942

Malicious code in bioql PyPI...

6.3AI score0.00128EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/10/01 11:23 p.m.4 views

SUSE CVE-2025-39904

In the Linux kernel, the following vulnerability has been resolved: arm64: kexec: initialize kexecbuf struct in loadothersegments Patch series "kexec: Fix invalid field access". The kexecbuf structure was previously declared without initialization. commit bf454ec31add "kexecfile: allow to place...

5.5CVSS6.5AI score0.00121EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/09/16 4:11 p.m.7 views

CVE-2022-50341 cifs: fix oops during encryption

In the Linux kernel, the following vulnerability has been resolved: cifs: fix oops during encryption When running xfstests against Azure the following oops occurred on an arm64 system Unable to handle kernel write to read-only memory at virtual address ffff0001221cf000 Mem abort info: ESR =...

0.00096EPSS
Exploits0References6
CVE
CVE
added 2025/08/22 4:3 p.m.52 views

CVE-2025-38670

CVE-2025-38670 affects ARM64 Linux kernel. The vulnerability arises in cpu_switch_to() and call_on_irq_stack() where masking and saving the DAIF state and SCS pointers are not atomic across stack switches, allowing a race during task/IRQ stack transitions. Interrupts (SErrors/Debug Exceptions) ca...

7.1CVSS6.5AI score0.00142EPSS
Exploits0References9Affected Software1
Debian CVE
Debian CVE
added 2025/08/22 4:3 p.m.5 views

CVE-2025-38670

In the Linux kernel, the following vulnerability has been resolved: arm64/entry: Mask DAIF in cpuswitchto, callonirqstack cpuswitchto and callonirqstack manipulate SP to change to different stacks along with the Shadow Call Stack if it is enabled. Those two stack changes cannot be done atomically...

7.1CVSS6.1AI score0.00142EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/08/08 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2018-18021

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - arch/arm64/kvm/guest.c in KVM in the Linux kernel before 4.18.12 on the arm64 platform mishandles the KVMSETONREG ioctl. This is exploitable by attackers who ca...

7.1CVSS7.2AI score0.0057EPSS
Exploits0References2
CVE
CVE
added 2025/07/04 1:37 p.m.50 views

CVE-2025-38232

CVE-2025-38232 : A race between NFSD registration and exports_proc causes kernel oopses when exportfs -r and mounting nfsd happen concurrently. The description specifies that the bug arises because nfsd creates the proc entry at init and cleans up at exit, leading to a race with exports_proc. The...

4.7CVSS6.3AI score0.0013EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2025/06/18 11:15 a.m.6 views

DEBIAN-CVE-2022-50230

In the Linux kernel, the following vulnerability has been resolved: arm64: set UXN on swapper page tables This issue was fixed upstream by accident in c3cee924bd85 "arm64: head: cover entire kernel image in initial ID map" as part of a large refactoring of the arm64 boot flow. This simple fix is...

5.5CVSS5.4AI score0.00171EPSS
Exploits0References1
OSV
OSV
added 2025/06/18 11:15 a.m.6 views

UBUNTU-CVE-2022-50232

In the Linux kernel, the following vulnerability has been resolved: arm64: set UXN on swapper page tables This issue was fixed upstream by accident in c3cee924bd85 "arm64: head: cover entire kernel image in initial ID map" as part of a large refactoring of the arm64 boot flow. This simple fix is...

5.5CVSS5.7AI score0.00173EPSS
Exploits0References3
OSV
OSV
added 2025/06/18 11:3 a.m.4 views

CVE-2022-50206 arm64: fix oops in concurrently setting insn_emulation sysctls

In the Linux kernel, the following vulnerability has been resolved: arm64: fix oops in concurrently setting insnemulation sysctls emulationprochandler changes table-data for procdointvecminmax and can generate the following Oops if called concurrently with itself: | Unable to handle kernel NULL...

5.5CVSS6.1AI score0.00203EPSS
Exploits0References11
BDU FSTEC
BDU FSTEC
added 2025/06/09 12:0 a.m.8 views

The vulnerability of the `local_daif_inherit()` function in the `arch/arm64/include/asm/daifflags.h` header, which is part of the ARM 64-bit kernel support for the Linux operating system, allows a hacker to trigger a service failure.

The vulnerability of the localdaifinherit function in the arch/arm64/include/asm/daifflags.h header, which is part of the ARM 64-bit kernel support for Linux operating systems, is related to incorrect input validation. Exploiting this vulnerability could allow an attacker to trigger a system...

5.5CVSS6.6AI score0.00246EPSS
Exploits0References14Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/05/28 12:0 a.m.6 views

The vulnerability of the secondary_start_kernel() function in the arch/arm64/kernel/smp.c module of the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the secondarystartkernel function in the arch/arm64/kernel/smp.c module of the Linux operating system is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS6.2AI score0.00231EPSS
Exploits0References11Affected Software7
RedHat Linux
RedHat Linux
added 2025/05/13 8:28 a.m.4 views

kernel: arm64: mm: fix VA-range sanity check

A logic flaw was found in the Linux kernel's arm64 memory management subsystem. The virtual address range sanity check in createmappingnoalloc and updatemappingprot uses an incorrect condition that only excludes the KASAN shadow region and module region, rather than properly validating addresses...

5.8AI score0.00173EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/05/13 8:28 a.m.2 views

kernel: arm64: set __exception_irq_entry with __irq_entry as a default

A stack trace handling issue was found in ARM64 kernels. Without CONFIGFUNCTIONGRAPHTRACER, the IRQ entry function is not properly marked, causing filterirqstacks to fail and potentially causing stack depot overflow warnings under KASAN...

5.8AI score0.00171EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2025/05/03 2:51 a.m.4 views

SUSE CVE-2023-53043

In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: sc7280: Mark PCIe controller as cache coherent If the controller is not marked as cache coherent, then kernel will try to ensure coherency during dma-ops and that may cause data corruption. So, mark the PCIe nod...

5.5CVSS6.5AI score0.00163EPSS
Exploits0References3
OSV
OSV
added 2025/05/02 4:15 p.m.3 views

DEBIAN-CVE-2023-53043

In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: sc7280: Mark PCIe controller as cache coherent If the controller is not marked as cache coherent, then kernel will try to ensure coherency during dma-ops and that may cause data corruption. So, mark the PCIe nod...

5.5CVSS5.4AI score0.00163EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/04/14 12:0 a.m.8 views

The vulnerability of the poe_set() function in the arch/arm64/kernel/ptrace.c module, which is part of the ARM 64-bit kernel support in the Linux operating system, allows a attacker to gain access to protected information or cause service interruptions.

The vulnerability of the poeset function in the arch/arm64/kernel/ptrace.c module, which is part of the ARM 64-bit kernel support for the Linux operating system, relates to the use of uninitialized resources. Exploiting this vulnerability could allow an attacker to access protected information or...

6.1CVSS6.5AI score0.00175EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder