Lucene search
K

65 matches found

OSV
OSV
added 2026/07/01 1:35 p.m.3 views

SUSE-SU-2026:2722-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2025-10263: arm64: errata: Mitigate TLBI errata on various Arm CPUs bsc1266290. - CVE-2025-68822: Input: alps - fix use-after-free bugs caused by dev3registerwor...

9.8CVSS6.9AI score0.0053EPSS
Exploits0References133
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: EFI/CPER: Do not exceed the ARM processor CPER record buffer. There is a logic within GHES/CPER that detects whether the sectionlength is too small, but it does not detect whether it is too large. Currently, if the firmware...

5.5CVSS5.9AI score0.00119EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: scsi: qla2xxx: Fixed premature hardware access after a PCI error After a recoverable PCI error is detected and resolved, the qla driver needs to check whether the error condition still exists and/or wait for the operating syst...

5.5CVSS6.5AI score0.00252EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: PCI/AER: Avoid NULL pointer dereferencing in aerratelimit When platform firmware provides error information to the OS, for example, via the ACPI APEI GHES mechanism, it may identify a device that does not advertise an AER...

6.1AI score0.00182EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Potential use-after-free issues have been avoided in hcierrorreset. When handling the HCIEVHARDWAREERROR event, if the underlying BT controller is not responding, the GPIO reset mechanism will free the hcidev, leading ...

5.5CVSS6.3AI score0.0028EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2026/05/07 8:8 a.m.9 views

APEI/GHES: ARM processor Error: don't go past allocated memory

...

5.5CVSS5.8AI score0.00127EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/05/07 2:16 a.m.9 views

SUSE CVE-2026-43266

In the Linux kernel, the following vulnerability has been resolved: EFI/CPER: don't go past the ARM processor CPER record buffer There's a logic inside GHES/CPER to detect if the sectionlength is too small, but it doesn't detect if it is too big. Currently, if the firmware receives an ARM process...

5.5CVSS5.8AI score0.00119EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/07 12:19 a.m.14 views

CVE-2026-43277

A flaw was found in the Linux kernel's ACPI Platform Error Interface APEI Generic Hardware Error Source GHES subsystem. A malicious firmware could send error data that is larger than the memory allocated by the kernel. This out-of-bounds write can lead to a kernel panic, effectively causing a...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/06 12:30 p.m.17 views

EUVD-2026-27665

In the Linux kernel, the following vulnerability has been resolved: EFI/CPER: don't go past the ARM processor CPER record buffer There's a logic inside GHES/CPER to detect if the sectionlength is too small, but it doesn't detect if it is too big. Currently, if the firmware receives an ARM process...

5.8AI score0.00119EPSS
Exploits0References9
EUVD
EUVD
added 2026/05/06 12:30 p.m.9 views

EUVD-2026-27675

In the Linux kernel, the following vulnerability has been resolved: APEI/GHES: ensure that won't go past CPER allocated record The logic at ghesnew prevents allocating too large records, by checking if they're bigger than GHESESTATUSMAXSIZE currently, 64KB. Yet, the allocation is done with the...

5.7AI score0.00114EPSS
Exploits0References9
NVD
NVD
added 2026/05/06 12:16 p.m.29 views

CVE-2026-43266

In the Linux kernel, the following vulnerability has been resolved: EFI/CPER: don't go past the ARM processor CPER record buffer There's a logic inside GHES/CPER to detect if the sectionlength is too small, but it doesn't detect if it is too big. Currently, if the firmware receives an ARM process...

5.5CVSS0.00119EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/05/06 11:28 a.m.9 views

CVE-2026-43277

In the Linux kernel, the following vulnerability has been resolved: APEI/GHES: ensure that won't go past CPER allocated record The logic at ghesnew prevents allocating too large records, by checking if they're bigger than GHESESTATUSMAXSIZE currently, 64KB. Yet, the allocation is done with the...

5.7AI score0.00114EPSS
Exploits0References9Affected Software1
Cvelist
Cvelist
added 2026/05/06 11:28 a.m.37 views

CVE-2026-43277 APEI/GHES: ensure that won't go past CPER allocated record

In the Linux kernel, the following vulnerability has been resolved: APEI/GHES: ensure that won't go past CPER allocated record The logic at ghesnew prevents allocating too large records, by checking if they're bigger than GHESESTATUSMAXSIZE currently, 64KB. Yet, the allocation is done with the...

0.00114EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/05/06 11:28 a.m.48 views

CVE-2026-43266 EFI/CPER: don't go past the ARM processor CPER record buffer

In the Linux kernel, the following vulnerability has been resolved: EFI/CPER: don't go past the ARM processor CPER record buffer There's a logic inside GHES/CPER to detect if the sectionlength is too small, but it doesn't detect if it is too big. Currently, if the firmware receives an ARM process...

0.00119EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/05/06 11:28 a.m.9 views

CVE-2026-43266

In the Linux kernel, the following vulnerability has been resolved: EFI/CPER: don't go past the ARM processor CPER record buffer There's a logic inside GHES/CPER to detect if the sectionlength is too small, but it doesn't detect if it is too big. Currently, if the firmware receives an ARM process...

5.8AI score0.00119EPSS
Exploits0References9Affected Software1
CVE
CVE
added 2026/05/06 11:28 a.m.26 views

CVE-2026-43266

The CVE-2026-43266 issue affects the Linux kernel’s ARM CPER/APEI handling: a CPER record with an oversized section_length can cause the kernel to read beyond the intended firmware buffer, leading to a large data dump and potential memory access issues. The fix adds a guard so the kernel stops at...

5.5CVSS5.8AI score0.00119EPSS
Exploits0References8Affected Software1
CVE
CVE
added 2026/05/06 11:28 a.m.21 views

CVE-2026-43201

CVE-2026-43201 applies to the Linux kernel GHES ARM error handling (APEI/GHES: ARM processor Error). Root cause: parsing ARM error context where err_info_num/context_info_num lead to calculating sz and potentially overrunning with too small a dump, causing OOPS. The CVE is addressed by adding siz...

5.5CVSS5.7AI score0.00127EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-43266

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - EFI/CPER: don't go past the ARM processor CPER record buffer There's a logic inside GHES/CPER to detect if the sectionlength is too small, but it doesn't detect...

5.5CVSS6.3AI score0.00119EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2026/04/23 8:8 a.m.7 views

Bluetooth: btintel: serialize btintel_hw_error() with hci_req_sync_lock

...

7.8CVSS5.2AI score0.00126EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/04/23 1:25 a.m.7 views

SUSE CVE-2026-31500

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btintel: serialize btintelhwerror with hcireqsynclock btintelhwerror issues two hcicmdsync calls HCIOPRESET and Intel exception-info retrieval without holding hcireqsynclock. This lets it race against hcidevdoclose -...

7CVSS5.6AI score0.00126EPSS
Exploits0References19
Rows per page
Query Builder