161 matches found
kernel: KVM: x86: Fix shadow paging use-after-free due to unexpected role
A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM x86 shadow paging mechanism. This vulnerability occurs when a host page directory entry PDE mapping is changed from within the guest, leading to an unexpected role mismatch in shadow paging. This mismatch can cause a...
kernel: KVM: x86: Fix shadow paging use-after-free due to unexpected role
A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM x86 shadow paging mechanism. This vulnerability occurs when a host page directory entry PDE mapping is changed from within the guest, leading to an unexpected role mismatch in shadow paging. This mismatch can cause a...
UBUNTU-CVE-2026-53359
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix shadow paging use-after-free due to unexpected role Commit 0cb2af2ea66ad "KVM: x86: Fix shadow paging use-after-free due to unexpected GFN" fixed a shadow paging mismatch between stored and computed GFNs; the bug...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Flush the cache for the PASID table before using it. When writing the address of a newly allocated, zero-initialized PASID table to a PASID directory entry, do so after flushing the CPU cache for this PASID table, not...
Linux Distros Unpatched Vulnerability : CVE-2026-10645
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Zephyr's ext2 directory-entry parser does not fully validate on-disk directory entry structure before copying the entry name and advancing traversal state. In...
CVE-2026-10645
The Zephyr ext2 filesystem driver subsys/fs/ext2 trusted the on-disk directory entry fields dereclen and denamelen when walking a directory block. ext2fetchdirentry guarded only with denamelen EXT2MAXFILENAME, but denamelen is a uint8t and EXT2MAXFILENAME is 255, so the check is always false; the...
CVE-2025-70099
A NULL pointer dereference in the ext4direngetnamelen function in include/ext4dir.h of lwext4 1.0.0 allows attackers to cause a denial of service by supplying a specially crafted EXT4 filesystem image with malformed directory entries. During directory iteration, the code may fail to validate the...
CVE-2026-46175
Summary of CVE-2026-46175 (f2fs FGGC issue) : In the Linux kernel’s f2fs filesystem, Foreground Garbage Collection (FGGC) of node blocks could leave the fsync and dentry marks uncleared, causing fsck to misinterpret migrated data as fsync-written. The root cause is that the marks were not cleared...
SUSE CVE-2026-45862
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Flush cache for PASID table before using it When writing the address of a freshly allocated zero-initialized PASID table to a PASID directory entry, do that after the CPU cache flush for this PASID table, not before i...
PT-2026-43729
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the iommu/vt-d component where the address of a freshly allocated zero-initialized PASID table is written to a PASID directory entry before the CPU cache flush occurs...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: isofs: Fixed out-of-bound access for corrupted isofs images. When an isofs image is corrupted, isofsread inode can read data beyond the end of the buffer. It is necessary to sanity-check the length of the directory entry befor...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: exfat: Fixed the infinite loop in exfatreaddir. If the file system is corrupted in such a way that a cluster links itself to another cluster in the cluster chain, and there is an unused directory entry in the cluster, the variabl...
PT-2026-37386
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the OCFS2 file system where the ocfs2 validate inode block function fails to validate the size of inline data when reading an inode from disk. In cases of filesystem...
CVE-2026-6386
In order to apply a particular protection key to an address range, the kernel must update the corresponding page table entries. The subroutine which handled this failed to take into account the presence of 1GB largepage mappings created using the shmcreatelargepage3 interface. In particular, it...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007302)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007302 advisory. In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix OOB in nilfssetdetype The size of the nilfstypebymode array in the fs/nilfs2/dir.c fi...
kernel: smb: client: Fix use-after-free in cifs_fill_dirent
A use-after-free flaw was found in cifsfilldirent in fs/cifs/readdir.c in smb client in the Linux Kernel. This flaw could allow an attacker to crash the system due to race problem. This vulnerability could even lead to a kernel information leak problem...
CLSA-2026-1771077729 kernel: Fix of 107 CVEs
net/ieee802154: don't warn zero-sized rawsendmsg CVE-2022-50706 - bpf: Don't redirect packets with invalid pktlen CVE-2022-49975 - media: uvcvideo: Fix 1-byte out-of-bounds read in uvcparseformat CVE-2025-38680 - ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network...
kernel: smb: client: Fix use-after-free in cifs_fill_dirent
A use-after-free flaw was found in cifsfilldirent in fs/cifs/readdir.c in smb client in the Linux Kernel. This flaw could allow an attacker to crash the system due to race problem. This vulnerability could even lead to a kernel information leak problem...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Added a sanity check for the file name. The length of the file name should be smaller than the directory entry size...
kernel-rt security update
An update is available for kernel-rt. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel-rt packages provide the Real Time Linux Kernel, which enables...