Lucene search
K

353 matches found

RedhatCVE
RedhatCVE
added 2026/06/26 7:34 a.m.8 views

CVE-2026-53164

A flaw was found in the Linux kernel's input/output memory management unit IOMMU Direct Memory Access DMA subsystem, specifically within the software IOMMU bounce buffer SWIOTLB mechanism. This vulnerability occurs when the system attempts to map a zero-length memory region, which can be triggere...

5.5CVSS5.9AI score0.00166EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/xe/migrate: prevents infinite recursion. If the buf + offset is not aligned to XECAHELINEBYTES, we fall back to using a bounce buffer. However, the bounce buffer is allocated on the stack, and the only alignment requirement...

5.5CVSS6AI score0.00128EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: media: go7007: fix a memleak in go7007loadencoder In go7007loadencoder, the variable bounce i.e., go-bootfw is allocated without subsequent deallocation. After the following call chain: saa7134go7007init | | - go7007bootencoder |...

5.5CVSS5.7AI score0.00289EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.9 views

FreeBSD : Erlang/OTP -- FTP passive-mode client does not validate server response IP (d87e0681-64d4-11f1-ab11-4c526214c986)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the d87e0681-64d4-11f1-ab11-4c526214c986 advisory. https://github.com/erlang/otp/security/advisories/GHSA-24cv-hwgr-37fq reports: The FTP client in passiv...

6.5CVSS5.5AI score0.00234EPSS
Exploits0References3
NVD
NVD
added 2026/06/10 4:17 p.m.14 views

CVE-2026-48858

Server-Side Request Forgery SSRF vulnerability in Erlang/OTP ftp ftpinternal module allows FTP bounce attacks and SSRF via an unvalidated PASV response IP address. The ftpinternal:handlectrlresult/2 PASV handler mode=passive, ipfamily=inet, ftpextension=false extracts the IP address from the...

6.5CVSS0.00234EPSS
Exploits0References6
CVE
CVE
added 2026/06/10 2:35 p.m.29 views

CVE-2026-48858

The CVE-2026-48858 entry describes a Server-Side Request Forgery (SSRF) flaw in Erlang/OTP ftp’s PASV path: the ftp_internal PASV handler accepts the server’s 227 response IP and passes it to gen_tcp:connect without validating it against the control connection peer, unlike EPSV handlers. This ena...

6.5CVSS5.6AI score0.00234EPSS
Exploits0References6Affected Software3
Vulnrichment
Vulnrichment
added 2026/06/10 2:35 p.m.10 views

CVE-2026-48858 ftp client PASV response IP not validated against control peer, enabling SSRF and FTP bounce attacks

Server-Side Request Forgery SSRF vulnerability in Erlang/OTP ftp ftpinternal module allows FTP bounce attacks and SSRF via an unvalidated PASV response IP address. The ftpinternal:handlectrlresult/2 PASV handler mode=passive, ipfamily=inet, ftpextension=false extracts the IP address from the...

6.3CVSS5.6AI score0.00234EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/10 2:35 p.m.11 views

EUVD-2026-36055

Server-Side Request Forgery SSRF vulnerability in Erlang/OTP ftp ftpinternal module allows FTP bounce attacks and SSRF via an unvalidated PASV response IP address. The ftpinternal:handlectrlresult/2 PASV handler mode=passive, ipfamily=inet, ftpextension=false extracts the IP address from the...

6.3CVSS5.6AI score0.00234EPSS
Exploits0References6
FreeBSD
FreeBSD
added 2026/06/10 12:0 a.m.6 views

Erlang/OTP -- FTP passive-mode client does not validate server response IP

https://github.com/erlang/otp/security/advisories/GHSA-24cv-hwgr-37fq reports: The FTP client in passive mode did not validate the IP address returned in the server's response, allowing a compromised or malicious server to redirect the data connection to an arbitrary host. This enables server-sid...

6.5CVSS5.6AI score0.00234EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:39 p.m.9 views

CVE-2026-7798

The FluentCRM – Email Newsletter, Automation, Email Marketing, Email Campaigns, Optins, Leads, and CRM Solution plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 2.9.87 via the 'SubscribeURL' parameter. This makes it possible for...

5.4CVSS5.5AI score0.00645EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2026/05/28 8:10 a.m.8 views

crypto: nx - fix bounce buffer leaks in nx842_crypto_{alloc,free}_ctx

...

7.8CVSS5.4AI score0.00129EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/05/28 3:53 a.m.9 views

SUSE CVE-2026-46066

In the Linux kernel, the following vulnerability has been resolved: ceph: fix numops off-by-one when crypto allocation fails movedirtyfolioinpagearray may fail if the file is encrypted, the dirty folio is not the first in the batch, and it fails to allocate a bounce buffer to hold the ciphertext...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/28 3:53 a.m.13 views

SUSE CVE-2026-46068

In the Linux kernel, the following vulnerability has been resolved: crypto: nx - fix bounce buffer leaks in nx842cryptoalloc,freectx The bounce buffers are allocated with getfreepages using BOUNCEBUFFERORDER order 2 = 4 pages, but both the allocation error path and nx842cryptofreectx release the...

3.3CVSS5.8AI score0.00129EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/27 8:10 p.m.11 views

CVE-2026-46068

A flaw was found in the Linux kernel's crypto:nx component. This vulnerability involves incorrect memory management during the deallocation of bounce buffers, where an improper function is used. This can lead to memory leaks, which may result in system instability or a Denial of Service DoS...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/05/27 6:40 p.m.17 views

CVE-2026-46066

A flaw was found in the Linux kernel's Ceph filesystem. When writing to encrypted CephFS files, a failure to allocate a bounce buffer for a dirty folio can lead to an off-by-one error in the numops counter. This inconsistency can cause a kernel panic, resulting in a Denial of Service DoS for the...

5.5CVSS5.9AI score0.00121EPSS
Exploits0References4
NVD
NVD
added 2026/05/27 2:17 p.m.10 views

CVE-2026-46068

In the Linux kernel, the following vulnerability has been resolved: crypto: nx - fix bounce buffer leaks in nx842cryptoalloc,freectx The bounce buffers are allocated with getfreepages using BOUNCEBUFFERORDER order 2 = 4 pages, but both the allocation error path and nx842cryptofreectx release the...

7.8CVSS0.00129EPSS
Exploits0References5
OSV
OSV
added 2026/05/27 2:17 p.m.4 views

UBUNTU-CVE-2026-46068

In the Linux kernel, the following vulnerability has been resolved: crypto: nx - fix bounce buffer leaks in nx842cryptoalloc,freectx The bounce buffers are allocated with getfreepages using BOUNCEBUFFERORDER order 2 = 4 pages, but both the allocation error path and nx842cryptofreectx release the...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References6
OSV
OSV
added 2026/05/27 2:17 p.m.4 views

UBUNTU-CVE-2026-46066

In the Linux kernel, the following vulnerability has been resolved: ceph: fix numops off-by-one when crypto allocation fails movedirtyfolioinpagearray may fail if the file is encrypted, the dirty folio is not the first in the batch, and it fails to allocate a bounce buffer to hold the ciphertext...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/05/27 12:57 p.m.42 views

CVE-2026-46068 crypto: nx - fix bounce buffer leaks in nx842_crypto_{alloc,free}_ctx

In the Linux kernel, the following vulnerability has been resolved: crypto: nx - fix bounce buffer leaks in nx842cryptoalloc,freectx The bounce buffers are allocated with getfreepages using BOUNCEBUFFERORDER order 2 = 4 pages, but both the allocation error path and nx842cryptofreectx release the...

0.00129EPSS
Exploits0References5
CVE
CVE
added 2026/05/27 12:57 p.m.24 views

CVE-2026-46068

CVE-2026-46068 affects the Linux kernel's crypto nx path: bounce buffers allocated with _get_free_pages() (BOUNCE_BUFFER_ORDER) are freed with free_page() instead of free_pages(), causing memory leaks. The fix uses free_pages() with the matching order in nx842_crypto {alloc,free}_ctx. Affected: L...

7.8CVSS5.9AI score0.00129EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder