Lucene search
K

161 matches found

RedHat Linux
RedHat Linux
added 15 hours ago5 views

kernel: KVM: x86: Fix shadow paging use-after-free due to unexpected role

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM x86 shadow paging mechanism. This vulnerability occurs when a host page directory entry PDE mapping is changed from within the guest, leading to an unexpected role mismatch in shadow paging. This mismatch can cause a...

7.1AI score0.00176EPSS
Exploits3References6
RedHat Linux
RedHat Linux
added 5 days ago4 views

kernel: KVM: x86: Fix shadow paging use-after-free due to unexpected role

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM x86 shadow paging mechanism. This vulnerability occurs when a host page directory entry PDE mapping is changed from within the guest, leading to an unexpected role mismatch in shadow paging. This mismatch can cause a...

6.5AI score0.00176EPSS
Exploits3References6
OSV
OSV
added 2026/07/04 12:17 p.m.6 views

UBUNTU-CVE-2026-53359

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix shadow paging use-after-free due to unexpected role Commit 0cb2af2ea66ad "KVM: x86: Fix shadow paging use-after-free due to unexpected GFN" fixed a shadow paging mismatch between stored and computed GFNs; the bug...

6AI score0.00176EPSS
Exploits3References10
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Flush the cache for the PASID table before using it. When writing the address of a newly allocated, zero-initialized PASID table to a PASID directory entry, do so after flushing the CPU cache for this PASID table, not...

7.8CVSS5.7AI score0.00149EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-10645

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Zephyr's ext2 directory-entry parser does not fully validate on-disk directory entry structure before copying the entry name and advancing traversal state. In...

5.5CVSS6.2AI score0.00205EPSS
Exploits1References2
NVD
NVD
added 2026/06/23 1:16 a.m.12 views

CVE-2026-10645

The Zephyr ext2 filesystem driver subsys/fs/ext2 trusted the on-disk directory entry fields dereclen and denamelen when walking a directory block. ext2fetchdirentry guarded only with denamelen EXT2MAXFILENAME, but denamelen is a uint8t and EXT2MAXFILENAME is 255, so the check is always false; the...

5.5CVSS0.00205EPSS
Exploits1References2
NVD
NVD
added 2026/06/01 9:16 p.m.18 views

CVE-2025-70099

A NULL pointer dereference in the ext4direngetnamelen function in include/ext4dir.h of lwext4 1.0.0 allows attackers to cause a denial of service by supplying a specially crafted EXT4 filesystem image with malformed directory entries. During directory iteration, the code may fail to validate the...

7.5CVSS0.0035EPSS
Exploits0References4
CVE
CVE
added 2026/05/28 9:36 a.m.43 views

CVE-2026-46175

Summary of CVE-2026-46175 (f2fs FGGC issue) : In the Linux kernel’s f2fs filesystem, Foreground Garbage Collection (FGGC) of node blocks could leave the fsync and dentry marks uncleared, causing fsck to misinterpret migrated data as fsync-written. The root cause is that the marks were not cleared...

7.1CVSS5.8AI score0.00124EPSS
Exploits0References3Affected Software1
SUSE CVE
SUSE CVE
added 2026/05/28 3:57 a.m.14 views

SUSE CVE-2026-45862

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Flush cache for PASID table before using it When writing the address of a freshly allocated zero-initialized PASID table to a PASID directory entry, do that after the CPU cache flush for this PASID table, not before i...

6.5CVSS5.7AI score0.00149EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.20 views

PT-2026-43729

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the iommu/vt-d component where the address of a freshly allocated zero-initialized PASID table is written to a PASID directory entry before the CPU cache flush occurs...

7.8CVSS5.4AI score0.00149EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: isofs: Fixed out-of-bound access for corrupted isofs images. When an isofs image is corrupted, isofsread inode can read data beyond the end of the buffer. It is necessary to sanity-check the length of the directory entry befor...

5.5CVSS5.5AI score0.00234EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: exfat: Fixed the infinite loop in exfatreaddir. If the file system is corrupted in such a way that a cluster links itself to another cluster in the cluster chain, and there is an unused directory entry in the cluster, the variabl...

5.5CVSS6.3AI score0.00218EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.8 views

PT-2026-37386

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the OCFS2 file system where the ocfs2 validate inode block function fails to validate the size of inline data when reading an inode from disk. In cases of filesystem...

7.8CVSS5.3AI score0.00131EPSS
Exploits0References18
NVD
NVD
added 2026/04/22 3:16 a.m.10 views

CVE-2026-6386

In order to apply a particular protection key to an address range, the kernel must update the corresponding page table entries. The subroutine which handled this failed to take into account the presence of 1GB largepage mappings created using the shmcreatelargepage3 interface. In particular, it...

6.2CVSS0.00162EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.7 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007302)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007302 advisory. In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix OOB in nilfssetdetype The size of the nilfstypebymode array in the fs/nilfs2/dir.c fi...

7.8CVSS6.3AI score0.00271EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/02/16 6:4 p.m.9 views

kernel: smb: client: Fix use-after-free in cifs_fill_dirent

A use-after-free flaw was found in cifsfilldirent in fs/cifs/readdir.c in smb client in the Linux Kernel. This flaw could allow an attacker to crash the system due to race problem. This vulnerability could even lead to a kernel information leak problem...

7CVSS5.8AI score0.00181EPSS
Exploits0References5
OSV
OSV
added 2026/02/14 2:2 p.m.38 views

CLSA-2026-1771077729 kernel: Fix of 107 CVEs

net/ieee802154: don't warn zero-sized rawsendmsg CVE-2022-50706 - bpf: Don't redirect packets with invalid pktlen CVE-2022-49975 - media: uvcvideo: Fix 1-byte out-of-bounds read in uvcparseformat CVE-2025-38680 - ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network...

7.8CVSS7.1AI score0.00319EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/01/28 3:14 p.m.6 views

kernel: smb: client: Fix use-after-free in cifs_fill_dirent

A use-after-free flaw was found in cifsfilldirent in fs/cifs/readdir.c in smb client in the Linux Kernel. This flaw could allow an attacker to crash the system due to race problem. This vulnerability could even lead to a kernel information leak problem...

7CVSS5.8AI score0.00181EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2026/01/27 5:1 a.m.9 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Added a sanity check for the file name. The length of the file name should be smaller than the directory entry size...

7.8CVSS6.3AI score0.00156EPSS
Exploits0References3
Rockylinux
Rockylinux
added 2026/01/24 9:3 a.m.13 views

kernel-rt security update

An update is available for kernel-rt. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel-rt packages provide the Real Time Linux Kernel, which enables...

7.8CVSS7.9AI score0.00183EPSS
Exploits0
Rows per page
Query Builder