Lucene search
K

112 matches found

EUVD
EUVD
added 2026/05/06 12:30 p.m.7 views

EUVD-2026-27710

In the Linux kernel, the following vulnerability has been resolved: net: wan/fslucchdlc: Fix dmafreecoherent in uhdlcmemclean The priv-rxbuffer and priv-txbuffer are alloc'd together as contiguous buffers in uhdlcinit but freed as two buffers in uhdlcmemclean. Change the cleanup to only call...

5.8AI score0.00128EPSS
Exploits0References9
NVD
NVD
added 2026/05/06 12:16 p.m.7 views

CVE-2026-43169

In the Linux kernel, the following vulnerability has been resolved: drm/buddy: Prevent BUGON by validating rounded allocation When DRMBUDDYCONTIGUOUSALLOCATION is set, the requested size is rounded up to the next power-of-two via rounduppowoftwo. Similarly, for non-contiguous allocations with lar...

5.5CVSS0.00127EPSS
Exploits0References4
NVD
NVD
added 2026/05/06 12:16 p.m.5 views

CVE-2026-43149

In the Linux kernel, the following vulnerability has been resolved: net: wan/fslucchdlc: Fix dmafreecoherent in uhdlcmemclean The priv-rxbuffer and priv-txbuffer are alloc'd together as contiguous buffers in uhdlcinit but freed as two buffers in uhdlcmemclean. Change the cleanup to only call...

5.5CVSS0.00128EPSS
Exploits0References8
CVE
CVE
added 2026/05/06 11:27 a.m.15 views

CVE-2026-43169

The CVE-2026-43169 issue lies in the Linux kernel DRM_BUDDY code (drm/buddy) where contiguous allocations (and large non-contiguous allocations) are rounded up to a power of two or aligned, potentially producing a size > mm->size and triggering BUG_ON(order > mm->max_order). If such a...

5.5CVSS5.7AI score0.00127EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/05/06 11:27 a.m.25 views

CVE-2026-43149 net: wan/fsl_ucc_hdlc: Fix dma_free_coherent() in uhdlc_memclean()

In the Linux kernel, the following vulnerability has been resolved: net: wan/fslucchdlc: Fix dmafreecoherent in uhdlcmemclean The priv-rxbuffer and priv-txbuffer are alloc'd together as contiguous buffers in uhdlcinit but freed as two buffers in uhdlcmemclean. Change the cleanup to only call...

0.00128EPSS
Exploits0References8
CVE
CVE
added 2026/05/06 11:27 a.m.14 views

CVE-2026-43149

The CVE-2026-43149 issue affects the Linux kernel: the net: wan/fsl_ucc_hdlc driver allocated priv->rx_buffer and priv->tx_buffer as a single contiguous block in uhdlc_init(), but incorrectly freed them as two buffers in uhdlc_memclean() by calling dma_free_coherent() twice. The fix changes...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References8Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/06 11:27 a.m.5 views

CVE-2026-43149

In the Linux kernel, the following vulnerability has been resolved: net: wan/fslucchdlc: Fix dmafreecoherent in uhdlcmemclean The priv-rxbuffer and priv-txbuffer are alloc'd together as contiguous buffers in uhdlcinit but freed as two buffers in uhdlcmemclean. Change the cleanup to only call...

5.7AI score0.00128EPSS
Exploits0References9Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.10 views

PT-2026-37509

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the drm/buddy component where requested allocation sizes are rounded up using roundup pow of two when DRM BUDDY CONTIGUOUS ALLOCATION is set, or aligned via round up f...

5.5CVSS6.3AI score0.00127EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.10 views

PT-2026-37489

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the net: wan/fsl ucc hdlc component where priv-rx buffer and priv-tx buffer are allocated together as contiguous buffers in the uhdlc init function but are incorrectly...

5.5CVSS5.4AI score0.00128EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/04/27 12:0 a.m.6 views

Fedora 44 : python-cryptography (2026-aa318887d6)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-aa318887d6 advisory. Changelog Wed Apr 8 2026 Jeremy Cline - 46.0.7-1 - Update to 46.0.7 - SECURITY ISSUE: Fixed an issue where non-contiguous buffers could be passed to APIs tha...

9.8CVSS5.5AI score0.00652EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/04/10 11:25 p.m.5 views

SUSE CVE-2026-39892

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. From 45.0.0 to before 46.0.7, if a non-contiguous buffer was passed to APIs which accepted Python buffers e.g. Hash.update, this could lead to buffer overflows. This vulnerability is fixed in...

5.3CVSS6AI score0.00652EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/04/09 9:58 p.m.6 views

CVE-2026-39892

A flaw was found in the cryptography library. This vulnerability occurs when a non-contiguous buffer is passed to certain application programming interfaces APIs that accept Python buffers, such as Hash.update. A remote attacker could exploit this to cause a buffer overflow, potentially leading t...

9.8CVSS6AI score0.00652EPSS
Exploits0References6
PyPA
PyPA
added 2026/04/08 9:17 p.m.9 views

PYSEC-2026-36

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. From 45.0.0 to before 46.0.7, if a non-contiguous buffer was passed to APIs which accepted Python buffers e.g. Hash.update, this could lead to buffer overflows. This vulnerability is fixed in...

9.8CVSS5.9AI score0.00652EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/04/08 9:17 p.m.8 views

PYSEC-2026-36

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. From 45.0.0 to before 46.0.7, if a non-contiguous buffer was passed to APIs which accepted Python buffers e.g. Hash.update, this could lead to buffer overflows. This vulnerability is fixed in...

9.8CVSS5.9AI score0.00652EPSS
Exploits0References2
NVD
NVD
added 2026/04/08 9:17 p.m.5 views

CVE-2026-39892

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. From 45.0.0 to before 46.0.7, if a non-contiguous buffer was passed to APIs which accepted Python buffers e.g. Hash.update, this could lead to buffer overflows. This vulnerability is fixed in...

9.8CVSS0.00652EPSS
Exploits0References21
UbuntuCve
UbuntuCve
added 2026/04/08 9:17 p.m.3 views

CVE-2026-39892

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. From 45.0.0 to before 46.0.7, if a non-contiguous buffer was passed to APIs which accepted Python buffers e.g. Hash.update, this could lead to buffer overflows. This vulnerability is fixed in...

9.8CVSS6AI score0.00652EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/08 8:49 p.m.22 views

CVE-2026-39892 cryptography has a buffer overflow if non-contiguous buffers were passed to APIs

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. From 45.0.0 to before 46.0.7, if a non-contiguous buffer was passed to APIs which accepted Python buffers e.g. Hash.update, this could lead to buffer overflows. This vulnerability is fixed in...

6.9CVSS0.00652EPSS
Exploits0References1
CVE
CVE
added 2026/04/08 8:49 p.m.67 views

CVE-2026-39892

CVE-2026-39892 affects the Python package cryptography. From 45.0.0 to before 46.0.7, passing a non-contiguous buffer to APIs that accept Python buffers (e.g., Hash.update()) could cause buffer overflows. The issue is fixed in version 46.0.7. Remediation: upgrade to cryptography 46.0.7 or later.

9.8CVSS6.1AI score0.00652EPSS
Exploits0References21Affected Software1
Debian CVE
Debian CVE
added 2026/04/08 8:49 p.m.4 views

CVE-2026-39892

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. From 45.0.0 to before 46.0.7, if a non-contiguous buffer was passed to APIs which accepted Python buffers e.g. Hash.update, this could lead to buffer overflows. This vulnerability is fixed in...

9.8CVSS5.5AI score0.00652EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/04/08 8:49 p.m.3 views

CVE-2026-39892

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. From 45.0.0 to before 46.0.7, if a non-contiguous buffer was passed to APIs which accepted Python buffers e.g. Hash.update, this could lead to buffer overflows. This vulnerability is fixed in...

9.8CVSS6.1AI score0.00652EPSS
Exploits0
Rows per page
Query Builder