Lucene search
+L

84 matches found

osv
osv
added 2026/07/08 5:17 p.m.3 views

DEBIAN-CVE-2026-29008

U-Boot through 2026.04-rc3 contains an integer underflow vulnerability in the tcprxstatemachine function net/tcp.c that allows a network-adjacent attacker to crash the bootloader by sending a malformed TCP SYN+ACK packet with a manipulated data offset field causing payloadlen to become negative...

8.7CVSS6.1AI score0.00446EPSS
Exploits0References1
osv
osv
added 2026/07/08 4:14 p.m.4 views

CVE-2026-29008 U-Boot 2026.04-rc3 Integer Underflow DoS via tcp_rx_state_machine()

U-Boot through 2026.04-rc3 contains an integer underflow vulnerability in the tcprxstatemachine function net/tcp.c that allows a network-adjacent attacker to crash the bootloader by sending a malformed TCP SYN+ACK packet with a manipulated data offset field causing payloadlen to become negative...

8.7CVSS6.1AI score0.00446EPSS
Exploits0References7
osv
osv
added 2026/07/01 2:16 p.m.3 views

UBUNTU-CVE-2026-53346

In the Linux kernel, the following vulnerability has been resolved: rust: arm64: set uwtable llvm module flag for CONFIGUNWINDTABLES Due to a rustc bug 1 the -Cforce-unwind-tables=y flag only emits the uwtable annotation for functions, but not for the module. This means that compiler-generated...

5.7AI score0.00156EPSS
Exploits0References7
osv
osv
added 2026/06/26 7:40 p.m.3 views

CVE-2026-53283 iommu/amd: Bounds-check devid in __rlookup_amd_iommu()

In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Bounds-check devid in rlookupamdiommu iommudeviceregister walks every device on the PCI bus via busforeachdev and calls amdiommuprobedevice for each. The inlined checkdevice path computes the device's sbdf, calls...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References6
ptsecurity
ptsecurity
added 2026/06/26 12:0 a.m.13 views

PT-2026-52922

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.18.22 Description An issue exists in the AMD IOMMU implementation where the rlookup amd iommu function indexes the rlookup table using the devid variable without performing a bounds check. When a PCI device has...

5.5CVSS6.1AI score0.00121EPSS
Exploits0References14
susecve
susecve
added 2026/06/09 2:21 a.m.12 views

SUSE CVE-2026-46284

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix early boot crash on parameters without '=' separator If hugepages, hugepagesz, or defaulthugepagesz are specified on the kernel command line without the '=' separator, early parameter parsing passes NULL to...

5.5CVSS5.4AI score0.00121EPSS
Exploits0References3
osv
osv
added 2026/06/08 3:41 p.m.1 views

CVE-2026-46284 mm/hugetlb: fix early boot crash on parameters without '=' separator

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix early boot crash on parameters without '=' separator If hugepages, hugepagesz, or defaulthugepagesz are specified on the kernel command line without the '=' separator, early parameter parsing passes NULL to...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References6
cve
cve
added 2026/06/08 3:41 p.m.23 views

CVE-2026-46284

CVE-2026-46284 affects the Linux kernel mm/hugetlb parameter parsing path. When hugepages, hugepagesz, or default_hugepagesz are supplied on the kernel command line without an '=' separator, early-boot parameter parsing passes NULL to hugetlb_add_param(), which dereferences NULL in strlen(), pote...

5.5CVSS5.4AI score0.00121EPSS
Exploits0References3Affected Software1
euvd
euvd
added 2026/06/08 3:41 p.m.13 views

EUVD-2026-35149

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix early boot crash on parameters without '=' separator If hugepages, hugepagesz, or defaulthugepagesz are specified on the kernel command line without the '=' separator, early parameter parsing passes NULL to...

5.4AI score0.00121EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/06/08 12:0 a.m.20 views

PT-2026-47356

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.12-1.1 Description A crash can occur during early boot if the kernel command line parameters hugepages, hugepagesz, or default hugepagesz are...

9.8CVSS5.2AI score0.03663EPSS
Exploits39References337
euvd
euvd
added 2026/06/03 3:49 p.m.13 views

EUVD-2026-34111

In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Fix PF driver crash with kexec kernel booting During a kexec reboot the hardware is not power-cycled, so AF state from the old kernel can persist into the new kernel. When AF and PF drivers are built as modules, the...

5.8AI score0.00115EPSS
Exploits0References8
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: s390/vmem: Split pages when debug pagealloc is enabled. Since commit bb1520d581a3 “s390/mm: Start kernel with DAT enabled”, the kernel crashes early during boot when debug pagealloc is enabled. Symptoms: - Memory initialization:...

6.1AI score0.00155EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix bootup splat with separategpudrm modparam The drmgemforeachgpuvmbo call from lookupvma accesses drmgemobj.gpuva.list, which is not initialized when the drm driver does not support DRIVERGEMGPUVA feature. Enable it fo...

6.2AI score0.00181EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: rtc: cmos: Fix event handler registration ordering issue Since acpiinstallfixedeventhandler automatically enables the event handling mechanism upon success, it is incorrect to call it before the handler routine is ready to handle...

5.5CVSS6.3AI score0.00245EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/04/03 3:15 p.m.2 views

CVE-2026-23474

In the Linux kernel, the following vulnerability has been resolved: mtd: Avoid boot crash in RedBoot partition table parser Given CONFIGFORTIFYSOURCE=y and a recent compiler, commit 439a1bcac648 "fortify: Use builtindynamicobjectsize when available" produces the warning below and an oops. Searchi...

5.9AI score0.00142EPSS
Exploits0References9Affected Software1
cvelist
cvelist
added 2026/04/03 3:15 p.m.25 views

CVE-2026-23474 mtd: Avoid boot crash in RedBoot partition table parser

In the Linux kernel, the following vulnerability has been resolved: mtd: Avoid boot crash in RedBoot partition table parser Given CONFIGFORTIFYSOURCE=y and a recent compiler, commit 439a1bcac648 "fortify: Use builtindynamicobjectsize when available" produces the warning below and an oops. Searchi...

0.00142EPSS
Exploits0References8
osv
osv
added 2026/03/25 10:27 a.m.4 views

CVE-2026-23369 i2c: i801: Revert "i2c: i801: replace acpi_lock with I2C bus lock"

In the Linux kernel, the following vulnerability has been resolved: i2c: i801: Revert "i2c: i801: replace acpilock with I2C bus lock" This reverts commit f707d6b9e7c18f669adfdb443906d46cfbaaa0c1. Under rare circumstances, multiple udev threads can collect i801 device info on boot and walk...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References7
astralinux
astralinux
added 2026/01/27 5:1 a.m.4 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/exynos: exynos7drmdecon: added a check for virtual blinking vblank during IRQ handling. If there is support for another console device such as a TTY serial, the kernel occasionally panics during boot. The panic message and a...

5.5CVSS6.3AI score0.00161EPSS
Exploits0References3
astralinux
astralinux
added 2026/01/27 5:1 a.m.2 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: x86/cpu/hygon: Added resctrlcpudetect to the bspinit helper. Since 923f3a2b48bd “x86/resctrl: Query LLC monitoring properties once during boot”, resctrlcpudetect has been moved from the common CPU initialization code to the...

5.5CVSS6.4AI score0.00159EPSS
Exploits0References3
astralinux
astralinux
added 2026/01/27 5:1 a.m.5 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: arm64: Errata: Add missing sentinel entries to Spectre-BHB MIDR arrays The commit a5951389e58d arm64: errata: Add newer ARM cores to the spectrebhbloopaffected lists added some additional CPUs to the Spectre-BHB workaround. This...

5.5CVSS6.3AI score0.00161EPSS
Exploits0References3
Rows per page
Query Builder