CVE-2026-45942

In the Linux kernel, the following vulnerability has been resolved: ext4: fix e4b bitmap inconsistency reports A bitmap inconsistency issue was observed during stress tests under mixed huge-page workloads. Ext4 reported multiple e4b bitmap check failures like: ext4mbcomplexscangroup:2508: group...

CVE-2026-31648

Summary of CVE-2026-31648 (Linux kernel) • Affects the kernel vulnerability in filemap handling: nr_pages overflow in filemap_map_pages() can cause set_pte_range() to map beyond the size of a large folio, potentially corrupting page metadata. • Root cause (as documented): race condition between f...

Linux Distros Unpatched Vulnerability : CVE-2026-31450

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ext4: publish jinode after initialization ext4inodeattachjinode publishes ei-jinode to concurrent users. It used to set ei-jinode before jbd2journalinitjbdinode...

CVE-2025-40272

A use-after-free race condition was found in the secretmem subsystem of the Linux kernel. When two tasks concurrently fault on the same page in a memfdsecret file, the losing task may free its folio before restoring the direct map entry. This allows the freed page to be reallocated while still...

CVE-2025-40006 mm/hugetlb: fix folio is still mapped when deleted

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix folio is still mapped when deleted Migration may be raced with fallocating hole. removeinodesinglefolio will unmap the folio if the folio is still mapped. However, it's called without folio lock. If the folio is...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from improper handling of file mapping, which could lead to null pointer dereferencing...

kernel: mm: migrate: fix getting incorrect page mapping during page migration

A page mapping vulnerability was found in the Linux kernel. A call to the pagemapping function during a page migration may return an incorrect file mapping and cause a system crash if another thread is simultaneously attempting to offline the target page that is being migrated...

CLSA-2024-1728936982 kernel: Fix of 86 CVEs

drm/amd/pm: Fix negative array index read CVE-2024-46821 - drm/amd/display: Check gpioid before used as array index CVE-2024-46818 - drm/amd/display: Check linkindex before accessing dc-links CVE-2024-46813 - drm/amd/display: Fix index may exceed array range within fpuupdatebwboundingbox...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-52610: net/sched: actct: fix skb leak and crash on ooo frags bsc1221610. CVE-2023-52752: smb: client: fix use-after-free bug in cifsdebugdataprocshow...

CVE-2023-52490

In the Linux kernel, the following vulnerability has been resolved: mm: migrate: fix getting incorrect page mapping during page migration When running stress-ng testing, we found below kernel crash after a few hours: Unable to handle kernel NULL pointer dereference at virtual address...

PT-2023-31465

Name of the Vulnerable Software and Affected Versions WireMock with GUI versions 3.0.4.0 through 3.2.0.0 Description The issue concerns stored cross-site scripting SXSS through the recording feature. An attacker can host a malicious payload and perform a test mapping pointing to the attacker's...

Exploit for Path Traversal in Apache Http_Server

PoC exploit for CVE-2021-41773 and CVE-2021-42013, two vulnerabi...

CVE-2019-9345

CVE-2019-9345 affects the Android kernel (sdcardfs) and describes a local elevation of privilege due to shared mapping of OBB files that can breach profile data separation. The vulnerability is classified as Elevation of Privilege (High) in the Kernel component per Pixel update bulletin, with loc...

Linux userfaultfd tmpfs File Permission Bypass

Linux: userfaultfd bypasses tmpfs file permissions CVE-2018-18397 Using the userfaultfd API, it is possible to first register a userfaultfd region for any VMA that fulfills vmacanuserfault: It must be an anonymous VMA -vmops==NULL, a hugetlb VMA VMHUGETLB, or a shmem VMA -vmops==shmemvmops. This...

Dell Touchpad - ApMsgFwd.exe Denial of Service

Dell Touchpad - ApMsgFwd.exe Denial of Service / Title: Dell Touchpad - ApMsgFwd.exe Denial Of Service Author: Souhail Hammou Vendor Homepage: https://www.alps.com/ Tested on : Alps Pointing-device Driver 10.1.101.207 CVE: CVE-2018-10828 / include include include / Details: ========== ApMsgFwd.ex...

CVE-2018-10828

An issue was discovered in Alps Pointing-device Driver 10.1.101.207. ApMsgFwd.exe allows the current user to map and write to the "ApMsgFwd File Mapping Object" section. ApMsgFwd.exe uses the data written to this section as arguments to functions. This causes a denial of service condition when...

Design/Logic Flaw

An issue was discovered in Alps Pointing-device Driver 10.1.101.207. ApMsgFwd.exe allows the current user to map and write to the "ApMsgFwd File Mapping Object" section. ApMsgFwd.exe uses the data written to this section as arguments to functions. This causes a denial of service condition when...

CVE-2018-10828

An issue was discovered in Alps Pointing-device Driver 10.1.101.207. ApMsgFwd.exe allows the current user to map and write to the "ApMsgFwd File Mapping Object" section. ApMsgFwd.exe uses the data written to this section as arguments to functions. This causes a denial of service condition when...

CVE-2018-10828

An issue was discovered in Alps Pointing-device Driver 10.1.101.207. ApMsgFwd.exe allows the current user to map and write to the "ApMsgFwd File Mapping Object" section. ApMsgFwd.exe uses the data written to this section as arguments to functions. This causes a denial of service condition when...

CVE-2015-8341

The libxl toolstack library in Xen 4.1.x through 4.6.x does not properly release mappings of files used as kernels and initial ramdisks when managing multiple domains in the same process, which allows attackers to cause a denial of service memory and disk consumption by starting domains...