CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

21 matches found

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: mm/secretmem: fixed a use-after-free race condition in the fault handler. When a page fault occurs in a secret memory file created with memfdsecret2, the kernel will allocate a new folio for it, mark the underlying page as not...

5.7AI score0.00179EPSS

Exploits0References2

AstraLinux•added last week•2 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: secretmem: Disable memfdsecret if arch cannot set the direct map. The memfdsecret syscall returns -ENOSYS if !cansetdirectmap is true. This occurs, for example, in some arm64 configurations, where marking 4k PTEs in the direct ma...

5.5CVSS6.1AI score0.00222EPSS

Exploits0References2

RedhatCVE•added 2025/12/07 9:55 p.m.•8 views

CVE-2025-40272

A use-after-free race condition was found in the secretmem subsystem of the Linux kernel. When two tasks concurrently fault on the same page in a memfdsecret file, the losing task may free its folio before restoring the direct map entry. This allows the freed page to be reallocated while still...

5.8CVSS6.1AI score0.00179EPSS

Exploits0References4

EUVD•added 2025/12/07 12:30 a.m.•10 views

EUVD-2025-201583

In the Linux kernel, the following vulnerability has been resolved: mm/secretmem: fix use-after-free race in fault handler When a page fault occurs in a secret memory file created with memfdsecret2, the kernel will allocate a new folio for it, mark the underlying page as not-present in the direct...

5.8AI score0.00179EPSS

Exploits0References7

NVD•added 2025/12/06 10:15 p.m.•9 views

CVE-2025-40272

0.00179EPSS

Exploits0References6

OSV•added 2025/12/06 10:15 p.m.•6 views

DEBIAN-CVE-2025-40272

5.5AI score0.00179EPSS

Exploits0References1

OSV•added 2025/12/06 10:15 p.m.•3 views

UBUNTU-CVE-2025-40272

5.8AI score0.00179EPSS

Exploits0References34

CVE•added 2025/12/06 9:50 p.m.•24 views

CVE-2025-40272

CVE-2025-40272 affects Linux kernel mm/secretmem: a use-after-free race in the fault handler can occur when two tasks fault on the same secret memory page concurrently. The bug arises from freeing the folio before restoring the direct map, which could let a then-allocated page become accessible a...

5.9AI score0.00179EPSS

Exploits0References6

Cvelist•added 2025/12/06 9:50 p.m.•20 views

CVE-2025-40272 mm/secretmem: fix use-after-free race in fault handler

0.00179EPSS

Exploits0References6

OSV•added 2025/12/06 9:50 p.m.•10 views

CVE-2025-40272 mm/secretmem: fix use-after-free race in fault handler

6.2AI score0.00179EPSS

Exploits0References9

Debian CVE•added 2025/12/06 9:50 p.m.•9 views

CVE-2025-40272

5.5AI score0.00179EPSS

Exploits0

Positive Technologies•added 2025/06/12 12:0 a.m.•5 views

PT-2025-49373

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s handling of page faults within secret memory files created using memfd secret2. Concurrent page faults in the same page by multiple tasks can lead to ...

4.6CVSS6.2AI score0.00179EPSS

Exploits0

RedHat Linux•added 2025/05/13 8:28 a.m.•4 views

kernel: secretmem: disable memfd_secret() if arch cannot set direct map

In the Linux kernel, the following vulnerability has been resolved: secretmem: disable memfdsecret if arch cannot set direct map Return -ENOSYS from memfdsecret syscall if !cansetdirectmap. This is the case for example on some arm64 configurations, where marking 4k PTEs in the direct map not...

5.5CVSS6.8AI score0.00222EPSS

Exploits0References5