Lucene search
K

4 matches found

OSV
OSV
added 2026/06/16 10:30 p.m.21 views

USN-8440-1 linux-azure-6.8 vulnerabilities

Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...

9.8CVSS7.6AI score0.96267EPSS
Exploits284References394
Ubuntu
Ubuntu
added 2026/06/01 9:5 a.m.29 views

LSN-120-1: Kernel Live Patch Security Notice

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Tear down vGIC on failed vCPU creation If kvmarchvcpucreate fails to share the vCPU page with the hypervisor, we propagate the error back to the ioctl but leave the vGIC vCPU data initialised. In the Linux kernel, the...

9.8CVSS6.7AI score0.96267EPSS
Exploits230
RedHat Linux
RedHat Linux
added 2026/05/20 10:29 a.m.9 views

kernel: "Dirty Frag" ESP XFRM variant is a new universal Local Privilege Escalation (LPE) vulnerability in the Linux kernel

A flaw was found in the Linux kernel's xfrm-ESP and RxRPC subsystems. Unsafe in-place cryptographic processing of shared socket buffer fragments allows a low-privileged local attacker to corrupt page-cache contents of readable files, including sensitive system files, and gain root privileges. The...

8.8CVSS6.2AI score0.93235EPSS
Exploits31References6
OSV
OSV
added 2026/05/19 10:20 p.m.23 views

USN-8277-1 linux, linux-aws, linux-hwe-6.17, linux-oem-6.17, linux-oracle, linux-raspi, linux-realtime, linux-realtime-6.17 vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...

9.8CVSS7AI score0.96267EPSS
Exploits230References21
Rows per page
Query Builder