CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added yesterday•3 views

EUVD-2026-38929

In the Linux kernel, the following vulnerability has been resolved: dm cache: fix dirty mapping checking in passthrough mode switching As mentioned in commit 9b1cc9f251af "dm cache: share cache-metadata object across inactive and active DM tables", dm-cache assumed table reload occurs after...

5.7AI score

EUVD•added yesterday•4 views

EUVD-2026-38927

In the Linux kernel, the following vulnerability has been resolved: dm log: fix out-of-bounds write due to regioncount overflow The local variable regioncount in createlogcontext is declared as unsigned int 32-bit, but dmsectordivup returns sectort 64-bit. When a device-mapper target has a...

5.8AI score

AstraLinux•added 6 days ago•5 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: - dm clone: Fixed a UAF Use-after-Free in clonedtr. - Dmclone also has the same UAF issue when dmresume and dmdestroy are executed concurrently. Therefore, the timer is canceled again in clonedtr...

5.4AI score0.00206EPSS

Exploits0References1

AstraLinux•added 6 days ago•4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: dm mpath: Added the missing dmputdevice call when failing to obtain the scsi dh name. When commit fd81bc5cca8f “scsi: devicehandler: Returning an error pointer in scsidhattachedhandlername”, code was added to fail the parsing of...

5.5CVSS5.6AI score0.00112EPSS

Exploits0References1

AstraLinux•added 6 days ago•8 views

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: In the dmstats function, check for and propagate the allocpercpu failure. Check the return value of allocprecpu, and return an error from dmstatsinit if it fails. Update allocdev to fail if dmstatsinit does so. Otherwise, a NULL...

5.5CVSS5.6AI score0.00161EPSS

AstraLinux•added 6 days ago•3 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: dm integrity: Memory corruption occurs when tagsize is less than digestsize. It is possible to configure dm-integrity in such a way that the tagsize parameter is smaller than the actual digestsize. In this case, a portion of the...

7.8CVSS6.1AI score0.00263EPSS

AstraLinux•added 6 days ago•3 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: dm thin: Make getfirstthin use listfirstornullrcu instead of rcu-safe list first function. The documentation in rculist.h explains the absence of listemptyrcu and warns programmers against relying on a sequence of listempty -...

5.5CVSS6.2AI score0.0021EPSS

AstraLinux•added 6 days ago•3 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: dm: A NULL pointer dereference occurred in dmsuspend. There is a race condition between the suspension of the dm device and the loading of data into the table, which can lead to a NULL pointer dereference. This issue occurs when...

5.6AI score0.00184EPSS

SUSE CVE•added 2026/06/10 2:25 a.m.•7 views

SUSE CVE-2026-46327

In the Linux kernel, the following vulnerability has been resolved: dm: fix unlocked test for dmsuspendedmd The function dmblkreportzones tests if the device is suspended with the "dmsuspendedmd" call. However, this function is called without holding any locks, so the device may be suspended just...

RedhatCVE•added 2026/06/09 4:51 p.m.•7 views

CVE-2026-46327

A flaw was found in the Linux kernel's device mapper dm component. The dmblkreportzones function performs a check for the device's suspended state without proper locking. This allows the device to enter a suspended state immediately after the check, leading to an inconsistent state. This...

OSV•added 2026/06/09 2:16 p.m.•7 views

Exploits0References4

UBUNTU-CVE-2026-46327

7.8CVSS5.2AI score0.0012EPSS

EUVD•added 2026/06/09 12:25 p.m.•8 views

EUVD-2026-35428

5.4AI score0.0012EPSS

Exploits0References4

Debian CVE•added 2026/06/09 12:25 p.m.•9 views

CVE-2026-46327

7.8CVSS5.3AI score0.0012EPSS

Exploits0

CVE•added 2026/06/09 12:25 p.m.•19 views

CVE-2026-46327

In the Linux kernel dm subsystem, the vulnerability centers on dm_blk_report_zones checking for suspended state without holding locks, allowing a race where the device may be suspended immediately after the check. The fix moves the dm_suspended_md check to occur after dm_get_live_table, ensuring ...

SUSE CVE•added 2026/06/09 2:20 a.m.•10 views

Exploits0References4

SUSE CVE-2026-46294

In the Linux kernel, the following vulnerability has been resolved: dm: fix a buffer overflow in ioctl processing Tony Asleson using Claude found a buffer overflow in dm-ioctl in the function retrievestatus: 1. The code in retrievestatus checks that the output string fits into the output buffer a...

4.1CVSS5.8AI score0.00195EPSS

Positive Technologies•added 2026/06/09 12:0 a.m.•12 views

PT-2026-47785

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the Device Mapper component where the dm blk report zones function checks if a device is suspended using the dm suspended md call without holding the necessary...

7.8CVSS5.8AI score0.0012EPSS

Exploits0References14

Tenable Nessus•added 2026/06/09 12:0 a.m.•7 views

Linux Distros Unpatched Vulnerability : CVE-2026-46327

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dm: fix unlocked test for dmsuspendedmd The function dmblkreportzones tests if the device is suspended with the dmsuspendedmd call. However, this function is...

NVD•added 2026/06/08 5:16 p.m.•11 views

CVE-2026-46294

0.00195EPSS