Lucene search
K

21 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-53042

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fwctl: Fix class init ordering to avoid NULL pointer dereference on device removal CXL is linked before fwctl in drivers/Makefile. Both use moduleinit, so...

6AI score0.00166EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/26 11:45 a.m.6 views

CVE-2026-53042

A flaw was found in the Linux kernel's fwctl module. An issue with the class initialization ordering can lead to a null pointer dereference when a device is removed. This can cause a system crash, resulting in a Denial of Service DoS...

5.5CVSS5.8AI score0.00166EPSS
Exploits0References4
NVD
NVD
added 2026/06/24 5:17 p.m.9 views

CVE-2026-53042

In the Linux kernel, the following vulnerability has been resolved: fwctl: Fix class init ordering to avoid NULL pointer dereference on device removal CXL is linked before fwctl in drivers/Makefile. Both use moduleinit, so cxlpcidriverinit runs first. When cxlpciprobe calls fwctlregister and then...

0.00166EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/24 4:29 p.m.7 views

EUVD-2026-38910

In the Linux kernel, the following vulnerability has been resolved: fwctl: Fix class init ordering to avoid NULL pointer dereference on device removal CXL is linked before fwctl in drivers/Makefile. Both use moduleinit, so cxlpcidriverinit runs first. When cxlpciprobe calls fwctlregister and then...

5.8AI score0.00166EPSS
Exploits0References3
CVE
CVE
added 2026/06/24 4:29 p.m.16 views

CVE-2026-53042

In CVE-2026-53042, the Linux kernel vulnerability stems from an initialization order: CXL is linked before fwctl in drivers/Makefile, causing fwctl_register to run before fwctl_init, so fwctl_class isn’t registered when device_add is called. This makes class_to_subsys() return NULL, skipping knod...

5.8AI score0.00166EPSS
Exploits0References3
OSV
OSV
added 2026/06/24 4:29 p.m.2 views

CVE-2026-53042 fwctl: Fix class init ordering to avoid NULL pointer dereference on device removal

In the Linux kernel, the following vulnerability has been resolved: fwctl: Fix class init ordering to avoid NULL pointer dereference on device removal CXL is linked before fwctl in drivers/Makefile. Both use moduleinit, so cxlpcidriverinit runs first. When cxlpciprobe calls fwctlregister and then...

5.8AI score0.00166EPSS
Exploits0References6
Oracle linux
Oracle linux
added 2026/05/10 12:0 a.m.34 views

Unbreakable Enterprise kernel security update

5.15.0-320.202.8.2 - xfrm: esp: ipv4: fix up flags setting Greg Kroah-Hartman Orabug: 39344515 CVE-2026-43284 - xfrm: esp: avoid in-place decrypt on shared skb frags Kuan-Ting Chen Orabug: 39344515 CVE-2026-43284 5.15.0-320.202.8.1 - x86/CPU/AMD: Add a fix for AMD-SB-7052 Prathyushi Nangia Orabug...

8.8CVSS6.3AI score0.96267EPSS
Exploits257
OSV
OSV
added 2025/12/04 4:16 p.m.7 views

AZL-71417 CVE-2025-40250 affecting package kernel for versions less than 6.6.119.3-1

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Clean up only new IRQ glue on requestirq failure The mlx5irqalloc function can inadvertently free the entire rmap and end up in a crash1 when the other threads tries to access this, when requestirq fails due to exhauste...

5.6AI score0.00178EPSS
Exploits0References1
NVD
NVD
added 2025/12/04 4:16 p.m.6 views

CVE-2025-40250

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Clean up only new IRQ glue on requestirq failure The mlx5irqalloc function can inadvertently free the entire rmap and end up in a crash1 when the other threads tries to access this, when requestirq fails due to exhauste...

0.00178EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.14 views

EUVD-2023-44153

Malicious code in bioql PyPI...

8.8CVSS8.4AI score0.00218EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/02/14 12:44 p.m.20 views

CVE-2023-3494

The fwctl driver implements a state machine which is executed when a bhyve guest accesses certain x86 I/O ports. The interface lets the guest copy a string into a buffer resident in the bhyve process' memory. A bug in the state machine implementation can result in a buffer overflowing when copyin...

8.8CVSS7.6AI score0.00218EPSS
Exploits0References1
Oracle linux
Oracle linux
added 2024/09/23 12:0 a.m.343 views

Unbreakable Enterprise kernel security update

5.15.0-300.163.18 - crypto: qat - specify firmware files for 402xx Giovanni Cabiddu Orabug: 37044631 5.15.0-300.163.17 - KVM/x86: Do not clear SIPI while in SMM Boris Ostrovsky Orabug: 36955051 - Revert 'Fix userfaultfdapi to return EINVAL as expected' Vijayendra Suman Orabug: 36992217...

7.8CVSS7.4AI score0.00245EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/08/31 12:0 a.m.16 views

FreeBSD : FreeBSD -- bhyve privileged guest escape via fwctl (ab437561-47c0-11ee-8e38-002590c1f29c)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the ab437561-47c0-11ee-8e38-002590c1f29c advisory. - The fwctl driver implements a state machine which is executed when a bhyve guest accesses certain x86...

8.8CVSS8.4AI score0.00218EPSS
Exploits0References2
OSV
OSV
added 2023/08/01 11:15 p.m.6 views

CVE-2023-3494

The fwctl driver implements a state machine which is executed when a bhyve guest accesses certain x86 I/O ports. The interface lets the guest copy a string into a buffer resident in the bhyve process' memory. A bug in the state machine implementation can result in a buffer overflowing when copyin...

8.8CVSS6.5AI score0.00218EPSS
Exploits0References2
NVD
NVD
added 2023/08/01 11:15 p.m.42 views

CVE-2023-3494

The fwctl driver implements a state machine which is executed when a bhyve guest accesses certain x86 I/O ports. The interface lets the guest copy a string into a buffer resident in the bhyve process' memory. A bug in the state machine implementation can result in a buffer overflowing when copyin...

8.8CVSS9.1AI score0.00218EPSS
Exploits0References2
Prion
Prion
added 2023/08/01 11:15 p.m.19 views

Buffer overflow

The fwctl driver implements a state machine which is executed when a bhyve guest accesses certain x86 I/O ports. The interface lets the guest copy a string into a buffer resident in the bhyve process' memory. A bug in the state machine implementation can result in a buffer overflowing when copyin...

4.3CVSS9AI score0.00218EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/08/01 10:13 p.m.42 views

CVE-2023-3494 bhyve privileged guest escape via fwctl

The fwctl driver implements a state machine which is executed when a bhyve guest accesses certain x86 I/O ports. The interface lets the guest copy a string into a buffer resident in the bhyve process' memory. A bug in the state machine implementation can result in a buffer overflowing when copyin...

9.3AI score0.00218EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/08/01 10:13 p.m.16 views

CVE-2023-3494 bhyve privileged guest escape via fwctl

The fwctl driver implements a state machine which is executed when a bhyve guest accesses certain x86 I/O ports. The interface lets the guest copy a string into a buffer resident in the bhyve process' memory. A bug in the state machine implementation can result in a buffer overflowing when copyin...

9AI score0.00218EPSS
Exploits0References2
CVE
CVE
added 2023/08/01 10:13 p.m.76 views

CVE-2023-3494

The CVE-2023-3494 issue affects the FreeBSD bhyve fwctl interface. A bug in the fwctl state machine can cause a buffer overflow when a guest copies a string into a host resident buffer, enabling malicious, privileged guest software to achieve code execution on the host bhyve process (typically ru...

8.8CVSS9AI score0.00218EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2023/08/01 12:0 a.m.20 views

FreeBSD Security Vulnerabilities

FreeBSD is a set of Unix-like operating systems from the FreeBSD Foundation. A security vulnerability exists in FreeBSD versions 13.1 and 13.2, which stems from a buffer overflow vulnerability in the fwctl driver state machine. The vulnerability can be exploited to execute arbitrary code as root ...

8.8CVSS8AI score0.00218EPSS
Exploits0References3
Rows per page
Query Builder