Lucene search
K

64 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Landlock: Do not lose track of restrictions on credtransfer. When a process’s credstruct is replaced, this mechanism almost always invokes the credprepare LSM hook. However, in one special case when KEYCTLSESSIONTOPARENT updates...

5.5CVSS6.1AI score0.00289EPSS
Exploits2References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: nfs/localio: Restore credentials before releasing pageio data. Otherwise, if the nfsd filecache code releases the nfsdfile immediately, it may trigger the BUGON condition cred == current-cred in putcred, when putting...

5.5CVSS5.7AI score0.00135EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: nfsd: Fixed a cred reference leak in nfsdnllistenersetdoit. nfsdnllistenersetdoit uses getcurrentcred without using putcred. As can be seen from other calls, svcxprtcreatefromsa does not require an additional reference count...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: smb: client: Rejects descriptions of keys of type cifs.spnego from the user space. Keys of type cifs.spnego contain fields that carry authority information, such as pid, uid, creduid, and upcalltarget. The cifs.upcall function...

7.8CVSS6.1AI score0.00353EPSS
Exploits4References2
NVD
NVD
added 2026/06/01 5:17 p.m.40 views

CVE-2026-46243

In the Linux kernel, the following vulnerability has been resolved: smb: client: reject userspace cifs.spnego descriptions cifs.spnego key descriptions contain authority-bearing fields such as pid, uid, creduid, and upcalltarget that cifs.upcall treats as kernel-originating inputs. However,...

7.8CVSS0.00353EPSS
Exploits4References36
ATTACKERKB
ATTACKERKB
added 2026/06/01 4:22 p.m.10 views

CVE-2026-46243

In the Linux kernel, the following vulnerability has been resolved: smb: client: reject userspace cifs.spnego descriptions cifs.spnego key descriptions contain authority-bearing fields such as pid, uid, creduid, and upcalltarget that cifs.upcall treats as kernel-originating inputs. However,...

5.8AI score0.00353EPSS
Exploits4References9Affected Software1
EUVD
EUVD
added 2026/05/08 3:31 p.m.10 views

EUVD-2026-28700

In the Linux kernel, the following vulnerability has been resolved: nfsd: Fix cred ref leak in nfsdnllistenersetdoit. nfsdnllistenersetdoit uses getcurrentcred without putcred. As we can see from other callers, svcxprtcreatefromsa does not require the extra refcount. nfsdnllistenersetdoit is alwa...

5.8AI score0.00122EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/05/08 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-43394

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nfsd: Fix cred ref leak in nfsdnllistenersetdoit. nfsdnllistenersetdoit uses getcurrentcred without putcred. As we can see from other callers, svcxprtcreatefrom...

5.5CVSS6.1AI score0.00122EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/08 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of getcurrentcred in nfsdnllistenersetdoit, followed by the omission of calling putcred...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/03/25 4:56 p.m.3 views

SUSE CVE-2026-23297

In the Linux kernel, the following vulnerability has been resolved: nfsd: Fix cred ref leak in nfsdnlthreadssetdoit. syzbot reported memory leak of struct cred. 0 nfsdnlthreadssetdoit passes getcurrentcred to nfsdsvc, but putcred is not called after that. The cred is finally passed down to...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/03/25 2:54 p.m.5 views

CVE-2026-23297

A flaw was found in the Linux kernel's nfsd component. A local user could exploit this vulnerability due to a missing putcred call in the nfsdnlthreadssetdoit function. This oversight leads to a memory leak of struct cred objects, which can result in a denial of service by exhausting available...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References4
NVD
NVD
added 2026/03/25 11:16 a.m.3 views

CVE-2026-23297

In the Linux kernel, the following vulnerability has been resolved: nfsd: Fix cred ref leak in nfsdnlthreadssetdoit. syzbot reported memory leak of struct cred. 0 nfsdnlthreadssetdoit passes getcurrentcred to nfsdsvc, but putcred is not called after that. The cred is finally passed down to...

5.5CVSS0.00122EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/03/25 10:26 a.m.18 views

CVE-2026-23297 nfsd: Fix cred ref leak in nfsd_nl_threads_set_doit().

In the Linux kernel, the following vulnerability has been resolved: nfsd: Fix cred ref leak in nfsdnlthreadssetdoit. syzbot reported memory leak of struct cred. 0 nfsdnlthreadssetdoit passes getcurrentcred to nfsdsvc, but putcred is not called after that. The cred is finally passed down to...

0.00122EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/03/25 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-23297

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nfsd: Fix cred ref leak in nfsdnlthreadssetdoit. syzbot reported memory leak of struct cred. 0 nfsdnlthreadssetdoit passes getcurrentcred to nfsdsvc, but putcre...

5.5CVSS6.1AI score0.00122EPSS
Exploits0References3
Packet Storm
Packet Storm
added 2026/02/17 12:0 a.m.182 views

📄 Qualcomm CVP Kernel Driver Pointer Disclosure / Privilege Escalation

This advisory describes a local privilege escalation vulnerability affecting the Qualcomm CVP kernel driver msmcvp, exposed through the /dev/cvp device node on Android systems using Qualcomm SoCs. The vulnerability originates from an improperly obfuscated kernel pointer returned to user space as ...

5.5CVSS5.7AI score0.00069EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.2 views

MiracleLinux 4 : kernel-2.6.32-696.3.1.el6 (AXSA:2017-1700:04)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2017-1700:04 advisory. The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the basic functions of the operating system:...

7.5CVSS7AI score0.04666EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.3 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002211)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002211 advisory. The scmsetcred function in include/net/scm.h in the Linux kernel before 3.8.11 uses incorrect uid and gid values during credentials passing, which allows local users...

6.9CVSS6.5AI score0.00418EPSS
Exploits0References16
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-20650

Malicious code in bioql PyPI...

7.8CVSS6.2AI score0.01677EPSS
Exploits3References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-24725

Malicious code in bioql PyPI...

5.3CVSS6.5AI score0.002EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-53211

Malicious code in bioql PyPI...

5.5CVSS7.2AI score0.00201EPSS
Exploits0References3
Rows per page
Query Builder