Lucene search
K

248 matches found

CVE
CVE
added 2026/03/18 10:5 a.m.23 views

CVE-2025-71265

CVE-2025-71265 affects the Linux kernel ntfs3 attribute run parsing. A malformed NTFS image could trigger an infinite loop in attr_load_runs_range when an empty run list is claimed but data is expected, due to the code path leaving runs_tree uninitialized (runs NULL) after a successful return fro...

5.5CVSS5.6AI score0.00121EPSS
Exploits0References9Affected Software1
OSV
OSV
added 2026/03/04 3:16 p.m.3 views

DEBIAN-CVE-2026-23238

In the Linux kernel, the following vulnerability has been resolved: romfs: check sbsetblocksize return value romfsfillsuper ignores the return value of sbsetblocksize, which can fail if the requested block size is incompatible with the block device's configuration. This can be triggered by settin...

5.5CVSS5.2AI score0.00189EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/03/04 3:16 p.m.6 views

CVE-2026-23238

In the Linux kernel, the following vulnerability has been resolved: romfs: check sbsetblocksize return value romfsfillsuper ignores the return value of sbsetblocksize, which can fail if the requested block size is incompatible with the block device's configuration. This can be triggered by settin...

5.5CVSS5.7AI score0.00189EPSS
Exploits0References9
OSV
OSV
added 2026/03/04 3:16 p.m.6 views

UBUNTU-CVE-2026-23238

In the Linux kernel, the following vulnerability has been resolved: romfs: check sbsetblocksize return value romfsfillsuper ignores the return value of sbsetblocksize, which can fail if the requested block size is incompatible with the block device's configuration. This can be triggered by settin...

5.5CVSS5.7AI score0.00189EPSS
Exploits0References18
ATTACKERKB
ATTACKERKB
added 2026/03/04 2:38 p.m.6 views

CVE-2026-23238

In the Linux kernel, the following vulnerability has been resolved: romfs: check sbsetblocksize return value romfsfillsuper ignores the return value of sbsetblocksize, which can fail if the requested block size is incompatible with the block device's configuration. This can be triggered by settin...

5.8AI score0.00189EPSS
Exploits0References8Affected Software1
CVE
CVE
added 2026/03/04 2:38 p.m.26 views

CVE-2026-23238

CVE-2026-23238 (Linux kernel — romfs): The romfs implementation in the kernel failed to honor the return value of sb_set_blocksize(), continuing a mount when the requested ROMBSIZE (e.g., 4096) was incompatible with the device’s logical_block_size (e.g., 32768). This could occur by using LOOP_SET...

5.5CVSS5.8AI score0.00189EPSS
Exploits0References8Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/04 12:0 a.m.10 views

PT-2026-22924

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel has an issue where romfs fill super does not check the return value of sb set blocksize. This can lead to a kernel BUG in folio set bh if a loop device's block size is s...

5.5CVSS6AI score0.00189EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2026/02/18 4:22 p.m.5 views

CVE-2025-71231

In the Linux kernel, the following vulnerability has been resolved: crypto: iaa - Fix out-of-bounds index in findemptyiaacompressionmode The local variable 'i' is initialized with -EINVAL, but the for loop immediately overwrites it and -EINVAL is never returned. If no empty compression mode can b...

7.1CVSS5.7AI score0.00117EPSS
Exploits0References4
CVE
CVE
added 2026/02/18 2:53 p.m.24 views

CVE-2025-71231

CVE-2025-71231 is addressed by a Linux kernel crypto: iaa fix that prevents an out-of-bounds index in find_empty_iaa_compression_mode and ensures a valid index or -EINVAL is returned. Connected OSV entries show Root patching the issue in rootio-linux for multiple distros (e.g., Root:Ubuntu 24.04,...

7.1CVSS5.2AI score0.00117EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/18 2:53 p.m.3 views

CVE-2025-71231

In the Linux kernel, the following vulnerability has been resolved: crypto: iaa - Fix out-of-bounds index in findemptyiaacompressionmode The local variable 'i' is initialized with -EINVAL, but the for loop immediately overwrites it and -EINVAL is never returned. If no empty compression mode can b...

5.1AI score0.00117EPSS
Exploits0References5Affected Software1
SUSE CVE
SUSE CVE
added 2026/02/16 12:25 a.m.5 views

SUSE CVE-2026-23194

In the Linux kernel, the following vulnerability has been resolved: rustbinder: correctly handle FDA objects of length zero Fix a bug where an empty FDA fd array object with 0 fds would cause an out-of-bounds error. The previous implementation used skip == 0 to mean "this is a pointer fixup", but...

7.8CVSS5.5AI score0.00112EPSS
Exploits0References3
NVD
NVD
added 2026/02/14 5:15 p.m.10 views

CVE-2026-23194

In the Linux kernel, the following vulnerability has been resolved: rustbinder: correctly handle FDA objects of length zero Fix a bug where an empty FDA fd array object with 0 fds would cause an out-of-bounds error. The previous implementation used skip == 0 to mean "this is a pointer fixup", but...

7.8CVSS0.00112EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/01/14 12:25 a.m.6 views

SUSE CVE-2025-71076

In the Linux kernel, the following vulnerability has been resolved: drm/xe/oa: Limit numsyncs to prevent oversized allocations The OA open parameters did not validate numsyncs, allowing userspace to pass arbitrarily large values, potentially leading to excessive allocations. Add check to ensure...

5.5CVSS6.5AI score0.00121EPSS
Exploits0References10
NVD
NVD
added 2026/01/13 4:16 p.m.8 views

CVE-2025-71076

In the Linux kernel, the following vulnerability has been resolved: drm/xe/oa: Limit numsyncs to prevent oversized allocations The OA open parameters did not validate numsyncs, allowing userspace to pass arbitrarily large values, potentially leading to excessive allocations. Add check to ensure...

5.5CVSS0.00121EPSS
Exploits0References3
OSV
OSV
added 2026/01/13 4:16 p.m.3 views

UBUNTU-CVE-2025-71076

In the Linux kernel, the following vulnerability has been resolved: drm/xe/oa: Limit numsyncs to prevent oversized allocations The OA open parameters did not validate numsyncs, allowing userspace to pass arbitrarily large values, potentially leading to excessive allocations. Add check to ensure...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References12
UbuntuCve
UbuntuCve
added 2026/01/13 4:16 p.m.6 views

CVE-2025-71076

In the Linux kernel, the following vulnerability has been resolved: drm/xe/oa: Limit numsyncs to prevent oversized allocations The OA open parameters did not validate numsyncs, allowing userspace to pass arbitrarily large values, potentially leading to excessive allocations. Add check to ensure...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References11
OSV
OSV
added 2026/01/13 3:31 p.m.3 views

CVE-2025-71076 drm/xe/oa: Limit num_syncs to prevent oversized allocations

In the Linux kernel, the following vulnerability has been resolved: drm/xe/oa: Limit numsyncs to prevent oversized allocations The OA open parameters did not validate numsyncs, allowing userspace to pass arbitrarily large values, potentially leading to excessive allocations. Add check to ensure...

5.5CVSS6.4AI score0.00121EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/01/13 3:31 p.m.24 views

CVE-2025-71076 drm/xe/oa: Limit num_syncs to prevent oversized allocations

In the Linux kernel, the following vulnerability has been resolved: drm/xe/oa: Limit numsyncs to prevent oversized allocations The OA open parameters did not validate numsyncs, allowing userspace to pass arbitrarily large values, potentially leading to excessive allocations. Add check to ensure...

0.00121EPSS
Exploits0References3
CVE
CVE
added 2026/01/13 3:31 p.m.24 views

CVE-2025-71076

Technical details for CVE-2025-71076 are not publicly provided in the supplied documents. Monitor for updates for affected products, versions, exploitability, and remediation specifics.

5.5CVSS6.1AI score0.00121EPSS
Exploits0References3Affected Software1
AstraLinux
AstraLinux
added 2026/01/13 2:1 p.m.5 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Treat the remaining value being equal to 0 as an error in findandmapuserpages. Currently, if findandmapuserpages receives a DMA transfer request from the user with a length field set to 0, or in a rare case, when the...

5.9AI score0.00183EPSS
Exploits0References3
Rows per page
Query Builder