CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

259 matches found

EUVD-2026-38034

In the Linux kernel, the following vulnerability has been resolved: bpf: Free reuseport cBPF prog after RCU grace period. Eulgyu Kim reported the splat below with a repro. 0 The repro sets up a UDP reuseport group with a cBPF prog and replaces it with a new one while another thread is sending a U...

5.7AI score0.00165EPSS

Exploits0References8

CVE•added 5 days ago•15 views

CVE-2026-52910

The CVE concerns the Linux kernel: a reuseport cBPF program could be freed without waiting for an RCU grace period, via sk_reuseport_prog_free() when detaching from the setsockopt path. The underlying issue is that bpf_release_orig_filter() and bpf_prog_free() destruct the cBPF program too early,...

5.7AI score0.00165EPSS

Exploits0References8

AstraLinux•added 5 days ago•5 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: bpf: Enforce expectedattachtype for tailcall compatibility Yinhao et al. recently reported: Our fuzzer tool discovered an uninitialized pointer issue in the bpfprogtestrunxdp function within the Linux kernel’s BPF subsystem. This...

5.6AI score0.00174EPSS

Exploits0References2

EUVD•added 2026/05/27 3:33 p.m.•11 views

EUVD-2026-32255

In the Linux kernel, the following vulnerability has been resolved: bpf: Limit bpf program signature size Practical BPF signatures are significantly smaller than KMALLOCMAXCACHESIZE Allowing larger sizes opens the door for abuse by passing excessive size values and forcing the kernel into expensi...

5.8AI score0.00121EPSS

Exploits0References4

NVD•added 2026/05/27 2:17 p.m.•11 views

CVE-2026-45971

5.5CVSS0.00121EPSS

Exploits0References3

Cvelist•added 2026/05/27 12:18 p.m.•38 views

CVE-2026-45971 bpf: Limit bpf program signature size

0.00121EPSS

Exploits0References3

NVD•added 2026/05/27 11:16 a.m.•16 views

CVE-2026-45839

In the Linux kernel, the following vulnerability has been resolved: bpf: reject negative CO-RE accessor indices in bpfcoreparsespec CO-RE accessor strings are colon-separated indices that describe a path from a root BTF type to a target field, e.g. "0:1:2" walks through nested struct members...

0.00161EPSS

Exploits0References7

Positive Technologies•added 2026/05/27 12:0 a.m.•12 views

PT-2026-43834

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The map direct value addr function of the instruction array map incorrectly adds an offset to the resulting address. This occurs because the resolve pseudo ldimm64 function subsequently...

5.5CVSS5.2AI score0.00107EPSS

Exploits0References8

Positive Technologies•added 2026/05/27 12:0 a.m.•15 views

PT-2026-43673

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Linux kernel where the bpf core parse spec function fails to reject negative CO-RE Compile Once - Run Everywhere accessor indices. CO-RE accessor strings use...

9.8CVSS6AI score0.03663EPSS

Exploits14References285

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: bpf: Fix tailcallreachable rejection for interpreter when jit failed During testing of f263a81451c1 “bpf: Track subprog poke descriptors correctly and fix use-after-free” under various failure conditions, for example, when...

5.5CVSS5.9AI score0.00226EPSS

Exploits0References2

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: BPF: crypto: Use the correct destructor kfunc type With CONFIGCFI enabled, the kernel strictly ensures that indirect function calls use a function pointer type that matches the target function. I encountered the following type...

5.5CVSS5.8AI score0.00122EPSS

Exploits0References1

AstraLinux•added 2026/05/03 11:59 p.m.•8 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: bpf: Detecting IP == ksym.end as part of the BPF program Now, since bpfthrow is the first call instruction with noreturn semantics within the verifier, this also leads to the elimination of dead code in unprecedented ways. For...

6.6CVSS5.5AI score0.00248EPSS

Exploits0References2

Tenable Nessus•added 2026/04/21 12:0 a.m.•4 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013208)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013208 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf: Fix requestsock leak in sk lookup helpers A customer reported a requestsocket leak in a Cali...

5.5CVSS6.2AI score0.00259EPSS

Exploits0References4

RedhatCVE•added 2026/03/25 4:14 p.m.•3 views

CVE-2026-23383

A flaw was found in the Linux kernel's BPF Berkeley Packet Filter JIT Just-In-Time compiler on arm64 architectures. The BPF JIT allocator incorrectly requests a 4-byte alignment for its buffer, while a critical target field within the bpfplt structure requires 8-byte alignment. This misalignment...

7CVSS6AI score0.00129EPSS

Exploits0References4

SUSE CVE•added 2026/03/22 12:24 a.m.•7 views

SUSE CVE-2026-23271

In the Linux kernel, the following vulnerability has been resolved: perf: Fix perfeventoverflow vs perfremovefromcontext race Make sure that perfeventoverflow runs with IRQs disabled for all possible callchains. Specifically the software events can end up running it with only preemption disabled...

5.3CVSS5.7AI score0.00096EPSS

Exploits0References23

EUVD•added 2026/03/20 9:32 a.m.•3 views

EUVD-2026-13605

5.6AI score0.00096EPSS

Exploits0References5

NVD•added 2026/03/20 9:16 a.m.•4 views

CVE-2026-23271

7.8CVSS0.00096EPSS

Exploits0References6