Lucene search
K

6 matches found

Cvelist
Cvelist
added 2026/04/22 1:53 p.m.34 views

CVE-2026-31449 ext4: validate p_idx bounds in ext4_ext_correct_indexes

In the Linux kernel, the following vulnerability has been resolved: ext4: validate pidx bounds in ext4extcorrectindexes ext4extcorrectindexes walks up the extent tree correcting index entries when the first extent in a leaf is modified. Before accessing pathk.pidx-eiblock, there is no validation...

7.8CVSS0.00135EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.9 views

PT-2026-34354

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ext4 ext correct indexes function, which corrects index entries when the first extent in a leaf is modified. The function fails to validate that the p idx pointer...

7.8CVSS5.3AI score0.00135EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/02/21 5:36 a.m.6 views

CVE-2026-27211

Cloud Hypervisor is a Virtual Machine Monitor for Cloud workloads. Versions 34.0 through 50.0 arevulnerable to arbitrary host file exfiltration constrained by process privileges when using virtio-block devices backed by raw images. A malicious guest can overwrite its disk header with a crafted...

9.1CVSS5.6AI score0.005EPSS
Exploits1References8Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/21 12:0 a.m.8 views

PT-2026-21357

Name of the Vulnerable Software and Affected Versions Cloud Hypervisor versions 34.0 through 50.0 Description Cloud Hypervisor, a Virtual Machine Monitor for Cloud workloads, has an issue where a malicious guest can potentially access sensitive host files. This occurs when using virtio-block...

10CVSS5.2AI score0.005EPSS
Exploits1References17
ATTACKERKB
ATTACKERKB
added 2022/08/24 4:15 p.m.6 views

CVE-2021-4122

It was found that a specially crafted LUKS header could trick cryptsetup into disabling encryption during the recovery of the device. An attacker with physical access to the medium, such as a flash disk, could use this flaw to force a user into permanently disabling the encryption layer of that...

4.3CVSS6.7AI score0.0028EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2016/03/08 10:53 p.m.5 views

openstack-nova: Host data leak through resize/migration

An information-exposure flaw was found in the OpenStack Compute nova resize and migrate functionality. An authenticated user could write a malicious qcow header to an ephemeral or root disk, referencing a block device as a backing file. With a subsequent resize or migration, file system content o...

5.3CVSS5.7AI score0.02091EPSS
Exploits0References5
Rows per page
Query Builder