Lucene search
K

107 matches found

OSV
OSV
added 2026/06/24 4:29 p.m.4 views

CVE-2026-52987 drm/amdgpu: avoid double drm_exec_fini() in userq validate

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: avoid double drmexecfini in userq validate When newaddition is true, amdgpuuserqvmvalidate calls drmexecfini&exec before iterating over the collected HMM ranges and calling amdgputtmttgetuserpages. If...

7.8CVSS5.8AI score0.00131EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.11 views

PT-2026-51881

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A double free flaw exists in the drm/amdgpu component within the userq validate function. The issue occurs when amdgpu userq vm validate calls the drm exec fini function on an execution...

7.8CVSS5.9AI score0.00131EPSS
Exploits0References7
OSV
OSV
added 2026/06/01 6:0 p.m.3 views

CVE-2026-30963 Capsule Namespace Hijacking via subresource

Capsule is a multi-tenancy and policy-based framework for Kubernetes. To defend against namespace hijacking achieved through update/patch operations on namespaces, Capsule uses a webhook to validate update requests targeting namespaces. However, in Kubernetes, the namespace/finalize and...

3.9CVSS6AI score0.00202EPSS
Exploits1References4
OSV
OSV
added 2026/05/27 12:55 p.m.1 views

CVE-2026-45986 crypto: ccree - fix a memory leak in cc_mac_digest()

In the Linux kernel, the following vulnerability has been resolved: crypto: ccree - fix a memory leak in ccmacdigest Add ccunmapresult if ccmaphashrequestfinal fails to prevent potential memory leak...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References11
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: For bpf on x86 architecture, there’s a fix for the issue where bpfprogpack isn’t properly freed after it’s deallocated. The syzbot reported several issues with bpfprogpack 1, 2. This issue only occurs when multiple subprogs ar...

7.8CVSS6.4AI score0.00211EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.10 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/xe/queue: The call to fini during the creation of the exec queue fails. Every call to queue initialization should include a corresponding fini call. Skipping this would mean skipping the removal of the queue from the GuC list...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References1
OSV
OSV
added 2026/04/24 2:42 p.m.1 views

CVE-2026-31583 media: em28xx: fix use-after-free in em28xx_v4l2_open()

In the Linux kernel, the following vulnerability has been resolved: media: em28xx: fix use-after-free in em28xxv4l2open em28xxv4l2open reads dev-v4l2 without holding dev-lock, creating a race with em28xxv4l2init's error path and em28xxv4l2fini, both of which free the em28xxv4l2 struct and set...

7.8CVSS5.8AI score0.00128EPSS
Exploits0References12
RedhatCVE
RedhatCVE
added 2026/04/22 7:22 a.m.6 views

CVE-2026-5479

In wolfSSL's EVP layer, the ChaCha20-Poly1305 AEAD decryption path in wolfSSLEVPCipherFinal and related EVP cipher finalization functions fails to verify the authentication tag before returning plaintext to the caller. When an application uses the EVP API to perform ChaCha20-Poly1305 decryption,...

8.1CVSS5.7AI score0.00152EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/10 6:31 a.m.8 views

EUVD-2026-21292

In wolfSSL's EVP layer, the ChaCha20-Poly1305 AEAD decryption path in wolfSSLEVPCipherFinal and related EVP cipher finalization functions fails to verify the authentication tag before returning plaintext to the caller. When an application uses the EVP API to perform ChaCha20-Poly1305 decryption,...

7.6CVSS5.9AI score0.00152EPSS
Exploits0References2
NVD
NVD
added 2026/04/10 4:17 a.m.3 views

CVE-2026-5479

In wolfSSL's EVP layer, the ChaCha20-Poly1305 AEAD decryption path in wolfSSLEVPCipherFinal and related EVP cipher finalization functions fails to verify the authentication tag before returning plaintext to the caller. When an application uses the EVP API to perform ChaCha20-Poly1305 decryption,...

8.1CVSS0.00152EPSS
Exploits0References1
CVE
CVE
added 2026/04/10 2:38 a.m.38 views

CVE-2026-5479

In wolfSSL, the ChaCha20-Poly1305 AEAD decryption path in the EVP layer (wolfSSL_EVP_CipherFinal and related finalization functions) fails to verify the authentication tag before returning plaintext. As a result, when using the EVP API to decrypt ChaCha20-Poly1305, the tag may be computed or acce...

8.1CVSS5.9AI score0.00152EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2026/04/10 12:0 a.m.7 views

wolfSSL(CyaSSL) 安全漏洞

WolfSSL CyaSSL is a small, portable embedded SSL programming library developed by the American company wolfSSL, designed for developers working with embedded systems. WolfSSL CyaSSL contains a security vulnerability. This vulnerability stems from the ChaCha20-Poly1305 AEAD decryption path in...

8.1CVSS5.8AI score0.00152EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/03/25 4:55 p.m.7 views

SUSE CVE-2026-23350

In the Linux kernel, the following vulnerability has been resolved: drm/xe/queue: Call fini on exec queue creation fail Every call to queue init should have a corresponding fini call. Skipping this would mean skipping removal of the queue from GuC list which is part of gucid allocation. A damaged...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References3
EUVD
EUVD
added 2026/03/25 12:30 p.m.4 views

EUVD-2026-15321

In the Linux kernel, the following vulnerability has been resolved: drm/xe/queue: Call fini on exec queue creation fail Every call to queue init should have a corresponding fini call. Skipping this would mean skipping removal of the queue from GuC list which is part of gucid allocation. A damaged...

5.7AI score0.00129EPSS
Exploits0References3
NVD
NVD
added 2026/03/25 11:16 a.m.5 views

CVE-2026-23350

In the Linux kernel, the following vulnerability has been resolved: drm/xe/queue: Call fini on exec queue creation fail Every call to queue init should have a corresponding fini call. Skipping this would mean skipping removal of the queue from GuC list which is part of gucid allocation. A damaged...

7.8CVSS0.00129EPSS
Exploits0References2
OSV
OSV
added 2026/03/25 11:16 a.m.6 views

UBUNTU-CVE-2026-23350

In the Linux kernel, the following vulnerability has been resolved: drm/xe/queue: Call fini on exec queue creation fail Every call to queue init should have a corresponding fini call. Skipping this would mean skipping removal of the queue from GuC list which is part of gucid allocation. A damaged...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2026/03/25 11:16 a.m.10 views

CVE-2026-23350

In the Linux kernel, the following vulnerability has been resolved: drm/xe/queue: Call fini on exec queue creation fail Every call to queue init should have a corresponding fini call. Skipping this would mean skipping removal of the queue from GuC list which is part of gucid allocation. A damaged...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/03/25 10:27 a.m.21 views

CVE-2026-23350 drm/xe/queue: Call fini on exec queue creation fail

In the Linux kernel, the following vulnerability has been resolved: drm/xe/queue: Call fini on exec queue creation fail Every call to queue init should have a corresponding fini call. Skipping this would mean skipping removal of the queue from GuC list which is part of gucid allocation. A damaged...

7.8CVSS0.00129EPSS
Exploits0References2
OSV
OSV
added 2026/03/25 10:27 a.m.8 views

CVE-2026-23350 drm/xe/queue: Call fini on exec queue creation fail

In the Linux kernel, the following vulnerability has been resolved: drm/xe/queue: Call fini on exec queue creation fail Every call to queue init should have a corresponding fini call. Skipping this would mean skipping removal of the queue from GuC list which is part of gucid allocation. A damaged...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References5
CVE
CVE
added 2026/03/25 10:27 a.m.15 views

CVE-2026-23350

CVE-2026-23350 is a Linux kernel vulnerability in the drm/xe/queue path. The issue arises when an exec queue creation fails and is not properly finalized, leaving a damaged queue in exec_queue_lookup which can cause an invalid memory reference. The fix adds a finalization call (fini) for each que...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder