Lucene search
K

43 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.9 views

Oracle Linux 8 : kernel (ELSA-2026-27811)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-27811 advisory. - selinux: RHEL-only hotfix for execmem regression Ondrej Mosnacek RHEL-179435 CVE-2026-46054 - selinux: fix overlayfs mmap and mprotect access checks Ondrej...

7.1CVSS6AI score0.00118EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/22 9:59 a.m.5 views

kernel: selinux: fix overlayfs mmap() and mprotect() access checks

A flaw was found in the Linux kernel's SELinux security module when handling overlayfs. The existing security model for overlayfs does not properly enforce access controls for mmap and mprotect operations. This oversight could allow a local attacker to bypass intended security policies, potential...

7.1CVSS5.8AI score0.00118EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/11 7:53 a.m.11 views

kernel: selinux: fix overlayfs mmap() and mprotect() access checks

A flaw was found in the Linux kernel's SELinux security module when handling overlayfs. The existing security model for overlayfs does not properly enforce access controls for mmap and mprotect operations. This oversight could allow a local attacker to bypass intended security policies, potential...

7.1CVSS5.4AI score0.00118EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2026/05/28 3:53 a.m.15 views

SUSE CVE-2026-46054

In the Linux kernel, the following vulnerability has been resolved: selinux: fix overlayfs mmap and mprotect access checks The existing SELinux security model for overlayfs is to allow access if the current task is able to access the top level file the "user" file and the mounter's credentials ar...

5.5CVSS5.8AI score0.00118EPSS
Exploits0References5
NVD
NVD
added 2026/05/27 2:17 p.m.15 views

CVE-2026-46054

In the Linux kernel, the following vulnerability has been resolved: selinux: fix overlayfs mmap and mprotect access checks The existing SELinux security model for overlayfs is to allow access if the current task is able to access the top level file the "user" file and the mounter's credentials ar...

7.1CVSS0.00118EPSS
Exploits0References12
OSV
OSV
added 2026/05/27 2:17 p.m.10 views

UBUNTU-CVE-2026-46054

In the Linux kernel, the following vulnerability has been resolved: selinux: fix overlayfs mmap and mprotect access checks The existing SELinux security model for overlayfs is to allow access if the current task is able to access the top level file the "user" file and the mounter's credentials ar...

7.1CVSS5.8AI score0.00118EPSS
Exploits0References7
OSV
OSV
added 2026/05/27 12:57 p.m.1 views

CVE-2026-46054 selinux: fix overlayfs mmap() and mprotect() access checks

In the Linux kernel, the following vulnerability has been resolved: selinux: fix overlayfs mmap and mprotect access checks The existing SELinux security model for overlayfs is to allow access if the current task is able to access the top level file the "user" file and the mounter's credentials ar...

7.1CVSS5.9AI score0.00118EPSS
Exploits0References15
Cvelist
Cvelist
added 2026/05/27 12:57 p.m.48 views

CVE-2026-46054 selinux: fix overlayfs mmap() and mprotect() access checks

In the Linux kernel, the following vulnerability has been resolved: selinux: fix overlayfs mmap and mprotect access checks The existing SELinux security model for overlayfs is to allow access if the current task is able to access the top level file the "user" file and the mounter's credentials ar...

7.1CVSS0.00118EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/27 12:57 p.m.9 views

CVE-2026-46054

In the Linux kernel, the following vulnerability has been resolved: selinux: fix overlayfs mmap and mprotect access checks The existing SELinux security model for overlayfs is to allow access if the current task is able to access the top level file the "user" file and the mounter's credentials ar...

7.1CVSS5.8AI score0.00118EPSS
Exploits0References6Affected Software1
EUVD
EUVD
added 2026/05/27 12:57 p.m.14 views

EUVD-2026-32436

In the Linux kernel, the following vulnerability has been resolved: selinux: fix overlayfs mmap and mprotect access checks The existing SELinux security model for overlayfs is to allow access if the current task is able to access the top level file the "user" file and the mounter's credentials ar...

5.8AI score0.00118EPSS
Exploits0References2
CVE
CVE
added 2026/05/27 12:57 p.m.85 views

CVE-2026-46054

CVE-2026-46054 affects the Linux kernel SELinux overlayfs access checks for mmap() and mprotect(). The issue arises from insufficient enforcement of backing-file access between the user file and backing file, potentially bypassing policies. A patch introduces security_mmap_backing_file() to enfor...

7.1CVSS5.8AI score0.00118EPSS
Exploits0References12Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.21 views

Linux Distros Unpatched Vulnerability : CVE-2026-46054

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - selinux: fix overlayfs mmap and mprotect access checks The existing SELinux security model for overlayfs is to allow access if the current task is able to acces...

7.1CVSS6.2AI score0.00118EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.18 views

PT-2026-43921

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The SELinux security model for overlayfs allows access if the current task can access the top-level user file and the mounter's credentials are sufficient for the lower-level backing fil...

7.1CVSS5.9AI score0.00118EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/04/24 10:9 p.m.6 views

CVE-2026-31654

A flaw was found in the Linux kernel. When a shared memory mapping is created for /dev/zero, a memory leak can occur if the virtual memory area VMA allocation fails. This happens because a newly allocated file, intended to back the mapping, is not properly released in the error path, leading to...

5.5CVSS5.3AI score0.00113EPSS
Exploits0References4
Microsoft CVE
Microsoft CVE
added 2026/02/25 9:3 a.m.8 views

Cloud Hypervisor: Host File Exfiltration via QCOW Backing File Abuse

...

10CVSS5.9AI score0.005EPSS
Exploits1
Cvelist
Cvelist
added 2026/02/21 5:36 a.m.27 views

CVE-2026-27211 Cloud Hypervisor: Host File Exfiltration via QCOW Backing File Abuse

Cloud Hypervisor is a Virtual Machine Monitor for Cloud workloads. Versions 34.0 through 50.0 arevulnerable to arbitrary host file exfiltration constrained by process privileges when using virtio-block devices backed by raw images. A malicious guest can overwrite its disk header with a crafted...

9.1CVSS0.005EPSS
Exploits1References7
OSV
OSV
added 2026/02/21 5:36 a.m.9 views

CVE-2026-27211 Cloud Hypervisor: Host File Exfiltration via QCOW Backing File Abuse

Cloud Hypervisor is a Virtual Machine Monitor for Cloud workloads. Versions 34.0 through 50.0 arevulnerable to arbitrary host file exfiltration constrained by process privileges when using virtio-block devices backed by raw images. A malicious guest can overwrite its disk header with a crafted...

9.1CVSS5.7AI score0.005EPSS
Exploits1References9
Vulnrichment
Vulnrichment
added 2026/02/21 5:36 a.m.3 views

CVE-2026-27211 Cloud Hypervisor: Host File Exfiltration via QCOW Backing File Abuse

Cloud Hypervisor is a Virtual Machine Monitor for Cloud workloads. Versions 34.0 through 50.0 arevulnerable to arbitrary host file exfiltration constrained by process privileges when using virtio-block devices backed by raw images. A malicious guest can overwrite its disk header with a crafted...

9.1CVSS5.5AI score0.005EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-2544

Malware in sbrugna...

5.6CVSS6.9AI score0.00373EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2024-40767

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In OpenStack Nova before 27.4.1, 28 before 28.2.1, and 29 before 29.1.1, by supplying a raw format image that is actually a crafted QCOW2 image with a backing...

6.5CVSS6.5AI score0.00941EPSS
Exploits1References2
Rows per page
Query Builder