1037 matches found
CVE-2026-45851
A flaw was found in the Linux kernel's Extensible Firmware Interface EFI subsystem. An error in memory reservation for the unaccepted memory table can occur if its starting address is not page-aligned. This vulnerability could lead to the memory table being overwritten or inaccessible, resulting ...
SUSE CVE-2026-45851
In the Linux kernel, the following vulnerability has been resolved: efi: Fix reservation of unaccepted memory table The reserveunaccepted function incorrectly calculates the size of the memblock reservation for the unaccepted memory table. It aligns the size of the table, but fails to account for...
EUVD-2026-32317
In the Linux kernel, the following vulnerability has been resolved: efi: Fix reservation of unaccepted memory table The reserveunaccepted function incorrectly calculates the size of the memblock reservation for the unaccepted memory table. It aligns the size of the table, but fails to account for...
CVE-2026-45851 efi: Fix reservation of unaccepted memory table
In the Linux kernel, the following vulnerability has been resolved: efi: Fix reservation of unaccepted memory table The reserveunaccepted function incorrectly calculates the size of the memblock reservation for the unaccepted memory table. It aligns the size of the table, but fails to account for...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the efi module failing to correctly calculate the alignment size when retaining unvalidated memor...
USN-8289-2: Linux kernel (NVIDIA) vulnerabilities
It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...
Ubuntu Pro FIPS-updates 24.04 LTS : Linux kernel (FIPS) vulnerabilities (USN-8296-1)
The remote Ubuntu Pro FIPS-updates 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8296-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...
CLSA-2026-1779434490 kernel: Fix of 100 CVEs
tracing: Verify event formats that have "%p.." CVE-2025-37938 - HID: pidff: Fix null pointer dereference in pidfffindfields CVE-2025-37862 - scsi: st: Fix array overflow in stsetup CVE-2025-37857 - drm/amdkfd: debugfs hanghws skip GPU with MES CVE-2025-37853 - mm/vmscan: don't try to reclaim...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: arm64: efi: Make efirtlock a rawspinlock Running a rt-kernel base on 6.2.0-rc3-rt1 on an Ampere Altra outputs the following: BUG: A sleeping function is called from an invalid context at kernel/locking/spinlockrt.c:46 inatomic: 1...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: EFI: Do not map the entire mokvar table to determine its size. Currently, when validating the mokvar table, we re-map the entire table on each iteration of the loop, adding space as we discover new entries. If the table grows to ...
Astra Linux - уязвимость в edk2
The BootPerformanceTable pointer is retrieved from an NVRAM variable within PEI. It is recommended that the PcdFirmwarePerformanceDataTableS3Support be set to FALSE...
Astra Linux - уязвимость в linux, linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: efi/capsule-loader: corrected incorrect allocation size gcc-14 notes that the allocation using sizeofvoid on 32-bit architectures is insufficient for a 64-bit physaddrt: drivers/firmware/efi/capsule-loader.c: In the function...
Astra Linux - уязвимость в edk2
In Ubuntu’s EDK2, a insecure default setting was left enabled, allowing UEFI Shell to be used. This enables an attacker with access to the operating system to bypass Secure Boot...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: EFI: In runtime mode, a potential overflow of the size of the soft-reserved region has been fixed. If there are pages worth ≥ 4GB in a soft-reserved region, the value of mdsize will be reduced...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021588)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021588 advisory. In the Linux kernel, the following vulnerability has been resolved: fbdev: efifb: Register sysfs groups through driver core The driver core can register and cleanup...
edk2: EDK2: Improper Input Validation allows arbitrary command execution
A flaw was found in EDK2 EFI Development Kit 2. This vulnerability allows an attacker to cause arbitrary command execution and impact Confidentiality, Integrity, and Availability via improper input validation by local access...
CVE-2026-34963
barebox version prior to 2026.04.0 contains multiple memory-safety vulnerabilities in the EFI PE loader in efi/loader/pe.c where integer overflow in virtual image size computation using 32-bit arithmetic on section VirtualAddress and size values allows undersized heap allocation, and PE section...
EUVD-2026-29347
barebox version prior to 2026.04.0 contains multiple memory-safety vulnerabilities in the EFI PE loader in efi/loader/pe.c where integer overflow in virtual image size computation using 32-bit arithmetic on section VirtualAddress and size values allows undersized heap allocation, and PE section...
CVE-2026-34963
barebox version prior to 2026.04.0 contains multiple memory-safety vulnerabilities in the EFI PE loader in efi/loader/pe.c where integer overflow in virtual image size computation using 32-bit arithmetic on section VirtualAddress and size values allows undersized heap allocation, and PE section...
CVE-2026-34963
barebox version prior to 2026.04.0 contains multiple memory-safety vulnerabilities in the EFI PE loader in efi/loader/pe.c where integer overflow in virtual image size computation using 32-bit arithmetic on section VirtualAddress and size values allows undersized heap allocation, and PE section...