CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2026/05/27 3:33 p.m.•4 views

EUVD-2026-32393

In the Linux kernel, the following vulnerability has been resolved: bpf: Require frozen map for calculating map hash Currently, bpfmapgetinfobyfd calculates and caches the hash of the map regardless of the map's frozen state. This leads to a TOCTOU bug where userspace can call BPFOBJGETINFOBYFD t...

5.7AI score0.00022EPSS

NVD•added 2026/05/27 2:17 p.m.•4 views

CVE-2026-45927

0.00022EPSS

Cvelist•added 2026/05/27 12:18 p.m.•28 views

CVE-2026-45967 bpf: Return proper address for non-zero offsets in insn array

In the Linux kernel, the following vulnerability has been resolved: bpf: Return proper address for non-zero offsets in insn array The mapdirectvalueaddr function of the instruction array map incorrectly adds offset to the resulting address. This is a bug, because later the resolvepseudoldimm64...

0.00024EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: - BPF: The rcureadlockTraceheld function in bpfmaplookuppercpuelem needs to be checked. The bpfmaplookuppercpuelem helper function is also available for sleepable BPF programs. When BPF JIT is disabled or on a 32-bit host,...

5.5CVSS6.4AI score0.0007EPSS

RedHat Linux•added 2026/05/19 9:4 a.m.•5 views

kernel: bpf: Check rcu_read_lock_trace_held() in bpf_map_lookup_percpu_elem()

In the Linux kernel, the following vulnerability has been resolved: bpf: Check rcureadlocktraceheld in bpfmaplookuppercpuelem bpfmaplookuppercpuelem helper is also available for sleepable bpf program. When BPF JIT is disabled or under 32-bit host, bpfmaplookuppercpuelem will not be inlined. Using...

5.5CVSS6.2AI score0.0007EPSS

Exploits0References5

AstraLinux•added 2026/05/03 11:59 p.m.•1 views

Astra Linux - уязвимость в linux, linux-6.1, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: BPF: Check rcureadlockTraceheld before calling BPF map helpers. These three BPFmaplookup,update,deleteelem helpers are also available for sleepable BPF programs. Therefore, add the corresponding lock assertions for sleepable B...

7.8CVSS6.4AI score0.00006EPSS

GithubExploit•added 2026/04/12 10:41 a.m.•14 views

Exploit for Out-of-bounds Read in Linux Linux_Kernel

CVE-2026-31413: One Byte in the BPF Verifier to Container Esca...

7.8CVSS7.6AI score0.00011EPSS

Exploits2

Tenable Nessus•added 2026/01/22 12:0 a.m.•3 views

Azure Linux 3.0 Security Update: kernel (CVE-2025-38202)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38202 advisory. - In the Linux kernel, the following vulnerability has been resolved: bpf: Check rcureadlocktraceheld in...

5.5CVSS5.3AI score0.0007EPSS

F5 Networks•added 2026/01/12 4:45 p.m.•7 views

K000159060: Linux kernel vulnerability CVE-2024-56615

Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: bpf: fix OOB devmap writes when deleting elements Jordy reported issue against XSKMAP which also applies to DEVMAP - the index used for accessing map entry, due to being a signed integer, causes the...

7.8CVSS5.3AI score0.00025EPSS

Exploits0

Tenable Nessus•added 2025/12/26 12:0 a.m.•1 views

Linux Distros Unpatched Vulnerability : CVE-2025-68355

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Fix exclusive map memory leak When exclproghash is 0 and exclproghashsize is non-zero, the map also needs to be freed. Otherwise, the map memory will not b...

5.4AI score0.00025EPSS

SUSE CVE•added 2025/12/25 12:24 a.m.•1 views

SUSE CVE-2025-68355

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix exclusive map memory leak When exclproghash is 0 and exclproghashsize is non-zero, the map also needs to be freed. Otherwise, the map memory will not be reclaimed, just like the memory leak problem reported by syzbot 1...

5.5CVSS6.5AI score0.00025EPSS

OSV•added 2025/12/24 11:15 a.m.•0 views

UBUNTU-CVE-2025-68355

5.7AI score0.00025EPSS

UbuntuCve•added 2025/12/24 11:15 a.m.•2 views

CVE-2025-68355

5.7AI score0.00025EPSS

RedHat Linux•added 2025/11/11 8:21 a.m.•1 views

kernel: bpf: avoid holding freeze_mutex during mmap operation

In the Linux kernel, the following vulnerability has been resolved: bpf: avoid holding freezemutex during mmap operation We use map-freezemutex to prevent races between mapfreeze and memory mapping BPF map contents with writable permissions. The way we naively do this means we'll hold freezemutex...

5.5CVSS6.8AI score0.00019EPSS

Exploits0References5

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2025-6392

Malicious code in bioql PyPI...

5.5CVSS7AI score0.00019EPSS

Exploits0References8

Tenable Nessus•added 2025/09/25 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2025-39886

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Tell memcg to use allowspinning=false path in bpftimerinit Currently, calling bpfmapkmallocnode from bpfasyncinit can cause various locking issues; see the...

5.5CVSS6.2AI score0.00018EPSS

NVD•added 2025/09/18 4:15 p.m.•1 views

CVE-2023-53441

In the Linux kernel, the following vulnerability has been resolved: bpf: cpumap: Fix memory leak in cpumapupdateelem Syzkaller reported a memory leak as follows: BUG: memory leak unreferenced object 0xff110001198ef748 size 192: comm "syz-executor.3", pid 17672, jiffies 4298118891 age 9.906s hex...

5.5CVSS0.00018EPSS

Tenable Nessus•added 2025/09/16 12:0 a.m.•1 views

Linux Distros Unpatched Vulnerability : CVE-2022-50259

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: fix race in sockmapfree sockmapfree calls releasesocksk without owning a...

4.7CVSS5.8AI score0.00016EPSS

Tenable Nessus•added 2025/08/12 12:0 a.m.•1 views

Linux Distros Unpatched Vulnerability : CVE-2025-38202

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Check rcureadlocktraceheld in bpfmaplookuppercpuelem bpfmaplookuppercpuelem helper is also available for sleepable bpf program. When BPF JIT is disabled or...

5.5CVSS6.4AI score0.0007EPSS