Lucene search
K

271 matches found

OSV
OSV
added 2026/07/01 12:16 a.m.4 views

UBUNTU-CVE-2026-54903

Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2, Oj.load is vulnerable to heap corruption when parsing a JSON string longer than 2 GB. An integer overflow in bufappendstring buf.h:61 converts the string length to a large negative sizet,...

6.3CVSS5.8AI score0.00253EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/26 5:49 p.m.9 views

CVE-2026-52950

A flaw was found in the Linux kernel, specifically within the drm/xe/dma-buf component. This Use-After-Free UAF vulnerability occurs due to an issue in a retry loop, where a buffer object is prematurely freed on error. An attacker could potentially exploit this to cause memory corruption, leading...

7.8CVSS6.3AI score0.00132EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/24 6:32 p.m.4 views

EUVD-2026-38818

In the Linux kernel, the following vulnerability has been resolved: drm/xe/dma-buf: fix UAF with retry loop Retry doesn't work here, since bo will be freed on error, leading to UAF. However, now that we do the alloc & init before the attach, we can now combine this as one unit and have the init d...

5.7AI score0.00132EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/24 4:30 p.m.9 views

EUVD-2026-38950

In the Linux kernel, the following vulnerability has been resolved: net: hamradio: 6pack: fix uninit-value in sixpackreceivebuf sixpackreceivebuf does not properly skip bytes with TTY error flags. The while loop iterates through the flags buffer but never advances the data pointer cp, and passes...

6AI score0.00164EPSS
Exploits0References8
CVE
CVE
added 2026/06/24 4:28 p.m.20 views

CVE-2026-52951

CVE-2026-52951 affects the Linux kernel, in the drm/xe/dma-buf subsystem, due to race conditions in the invalidate_mappings hook during BO (buffer object) handling. The issue arises when xe_bo_alloc() and an attach occur before xe_dma_buf_init_obj() completes, making the BO visible on the attachm...

7.8CVSS6AI score0.00132EPSS
Exploits0References7
OSV
OSV
added 2026/06/24 4:28 p.m.2 views

CVE-2026-52950 drm/xe/dma-buf: fix UAF with retry loop

In the Linux kernel, the following vulnerability has been resolved: drm/xe/dma-buf: fix UAF with retry loop Retry doesn't work here, since bo will be freed on error, leading to UAF. However, now that we do the alloc & init before the attach, we can now combine this as one unit and have the init d...

7.8CVSS5.8AI score0.00132EPSS
Exploits0References9
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.10 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: spi: spidev: fixed the lock inversion between spilock and buflock. The spidev driver previously used two mutexes, spilock and buflock, but their acquisition was done in different orders depending on the code path: - write/read:...

5.5CVSS5.8AI score0.00094EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: The issue related to synchronization in amdgpudmabufMoveNotify has been fixed. Invalidating a dmabuf will affect other users of the shared BO. In the scenario where Process A moves the BO, it needs to inform Process B...

5.5CVSS5.9AI score0.00122EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.12 views

PT-2026-51845

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the drm/xe/dma-buf subsystem involving race conditions when handling the invalidate mappings hook during buffer object initialization and attachment. These races occur...

7.8CVSS5.9AI score0.00132EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.6 views

PT-2026-51887

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A double-free flaw exists in the Transparent Inter-Process Communication TIPC module. The issue occurs within the tipc buf append function when it incorrectly handles memory after a sock...

9.8CVSS6.2AI score0.00351EPSS
Exploits0References89
OSV
OSV
added 2026/06/19 8:47 p.m.5 views

GHSA-475M-PH3X-64GP Oj: Integer Overflow in Oj.load 2GB String Handling

Summary Oj.load is vulnerable to heap corruption when parsing a JSON string longer than 2 GB. An integer overflow in bufappendstring buf.h:61 converts the string length to a large negative sizet, causing memcpy to copy an astronomically large amount of data out of bounds. This crashes the process...

8.7CVSS5.9AI score0.00253EPSS
Exploits0References2
RubySec
RubySec
added 2026/06/19 12:0 a.m.5 views

Oj - Integer Overflow in Oj.load 2GB String Handling

Summary Oj.load is vulnerable to heap corruption when parsing a JSON string longer than 2 GB. An integer overflow in bufappendstring buf.h:61 converts the string length to a large negative sizet, causing memcpy to copy an astronomically large amount of data out of bounds. This crashes the process...

6.3CVSS5.9AI score0.00253EPSS
Exploits0References1Affected Software1
SUSE CVE
SUSE CVE
added 2026/06/09 2:20 a.m.11 views

SUSE CVE-2026-46312

In the Linux kernel, the following vulnerability has been resolved: media: videobuf2: Set vmaflags in vb2dmasgmmap vb2dmacontig sets VMA flags VMDONTEXPAND and VMDONTDUMP and I do not see a reason why vb2dmasg should behave differently. This avoids hitting WARNON!vma-vmflags & VMDONTEXPAND; in...

5.5CVSS5.4AI score0.00114EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/08 3:50 p.m.12 views

EUVD-2026-35122

In the Linux kernel, the following vulnerability has been resolved: media: videobuf2: Set vmaflags in vb2dmasgmmap vb2dmacontig sets VMA flags VMDONTEXPAND and VMDONTDUMP and I do not see a reason why vb2dmasg should behave differently. This avoids hitting WARNON!vma-vmflags & VMDONTEXPAND; in...

5.4AI score0.00114EPSS
Exploits0References5
CVE
CVE
added 2026/06/08 3:50 p.m.40 views

CVE-2026-46312

CVE-2026-46312 is a Linux kernel vulnerability involving media: videobuf2 where vb2_dma_sg_mmap did not set the VMA flags, potentially triggering a WARN_ON in drm_gem_mmap_obj() during mmap() of an imported dma-buf. The fix adds proper VMA flag handling in vb2_dma_sg_mmap_mmap (consistent with vb...

5.5CVSS5.4AI score0.00114EPSS
Exploits0References5Affected Software1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.9 views

Google Android 安全漏洞

Google Android is an open-source operating system based on Linux, developed by Google Inc. There is a security vulnerability in Google Android, which stems from an integer overflow in the l2cfcrclonebuf function found in l2cfcr.cc. This vulnerability may lead to controlled heap corruption within...

8CVSS5.7AI score0.00107EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/05/29 1:15 a.m.13 views

SUSE CVE-2026-46201

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix dma-buf attachment leak in xegemprimeimport When xedmabufinitobj fails, the attachment from dmabufdynamicattach is not detached. Add dmabufdetach before returning the error. Note: we cannot use goto outerr here becaus...

5.5CVSS5.8AI score0.00138EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.17 views

Linux Distros Unpatched Vulnerability : CVE-2026-46201

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/xe: Fix dma-buf attachment leak in xegemprimeimport When xedmabufinitobj fails, the attachment from dmabufdynamicattach is not detached. Add dmabufdetach...

7.8CVSS7.1AI score0.00138EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/28 9:8 p.m.12 views

CVE-2026-46201

A flaw was found in the Linux kernel's drm/xe subsystem. When handling dma-buf attachments, a resource leak occurs if the initialization of a dma-buf object fails, as the attachment is not properly detached. This oversight can lead to resource exhaustion, potentially allowing a local attacker to...

7.8CVSS5.8AI score0.00138EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/28 9:40 a.m.14 views

EUVD-2026-32828

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix dma-buf attachment leak in xegemprimeimport When xedmabufinitobj fails, the attachment from dmabufdynamicattach is not detached. Add dmabufdetach before returning the error. Note: we cannot use goto outerr here becaus...

5.8AI score0.00138EPSS
Exploits0References4
Rows per page
Query Builder