Lucene search
K

16780 matches found

Cvelist
Cvelist
added 2026/06/25 8:39 a.m.26 views

CVE-2026-53205 accel/ivpu: Add bounds checks for firmware log indices

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Add bounds checks for firmware log indices Add validation that read and write indices in the firmware log buffer are within valid bounds datasize before using them. If out-of-bounds indices are encountered from...

7.1CVSS0.00131EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/25 8:38 a.m.4 views

EUVD-2026-39264

In the Linux kernel, the following vulnerability has been resolved: accel/ethosu: fix OOB write in ethosugemcmdstreamcopyandvalidate The command stream parsing loop increments the index variable a second time when a 64-bit command word is encountered bit 14 set, but does not re-check the loop bou...

5.9AI score0.00129EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/25 8:38 a.m.26 views

CVE-2026-53173 accel/ethosu: fix OOB write in ethosu_gem_cmdstream_copy_and_validate()

In the Linux kernel, the following vulnerability has been resolved: accel/ethosu: fix OOB write in ethosugemcmdstreamcopyandvalidate The command stream parsing loop increments the index variable a second time when a 64-bit command word is encountered bit 14 set, but does not re-check the loop bou...

7.8CVSS0.00129EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/25 8:38 a.m.3 views

EUVD-2026-39260

In the Linux kernel, the following vulnerability has been resolved: accel/ethosu: reject NPUOPRESIZE commands from userspace NPUOPRESIZE is a U85-only command that the driver does not yet implement. The existing WARNON1 placeholder fires unconditionally whenever userspace submits this command via...

5.8AI score0.00155EPSS
Exploits0References2
CVE
CVE
added 2026/06/25 8:38 a.m.8 views

CVE-2026-53169

The CVE affects the Linux kernel driver path accel/ethosu and specifically rejects NPU_OP_RESIZE commands from userspace. The root cause is a placeholder WARN_ON(1) that fires for DRM_IOCTL_ETHOSU_GEM_CREATE, allowing unbounded kernel log spam and, if panic_on_warn is set, a potential denial-of-s...

5.8AI score0.00155EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/25 8:38 a.m.4 views

EUVD-2026-39259

In the Linux kernel, the following vulnerability has been resolved: fuse: reject fusenotify pagecache ops on directories The operations FUSENOTIFYSTORE and FUSENOTIFYRETRIEVE allow the FUSE daemon to actively write/read pagecache contents. For directories with FOPENCACHEDIR, the pagecache is used...

5.8AI score0.00176EPSS
Exploits0References8
CVE
CVE
added 2026/06/25 8:38 a.m.13 views

CVE-2026-53168

In CVE-2026-53168, the Linux kernel vulnerability concerns FUSE pagecache operations. Specifically, the FUSE_NOTIFY_STORE and FUSE_NOTIFY_RETRIEVE handlers could allow a FUSE daemon to access pagecache contents for directories using FOPEN_CACHE_DIR. The issue is mitigated by rejecting these opera...

5.8AI score0.00176EPSS
Exploits0References8
OSV
OSV
added 2026/06/25 7:40 a.m.10 views

BIT-PYTHON-MIN-2026-9669 bz2.BZ2Decompressor reuse after error can cause a stack buffer overflow

bz2.BZ2Decompressor objects could be reused after a decompression error. If an application caught the resulting OSError and retried with the same decompressor, crafted input could cause the decompressor to resume from an invalid internal state and perform out-of-bounds writes to a stack buffer...

8.2CVSS5.4AI score0.00376EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2026/06/25 12:7 a.m.7 views

net/url: Incorrect parsing of IPv6 host literals in net/url

The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid...

7.5CVSS5.8AI score0.00728EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-53039

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ocfs2: validate group add input before caching BUG OCFS2IOCGROUPADD can trigger a BUGON in ocfs2setnewbufferuptodate: kernel BUG at fs/ocfs2/uptodate.c:509! Oop...

6AI score0.00176EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.8 views

PT-2026-52448

Name of the Vulnerable Software and Affected Versions Nokogiri versions prior to 1.19.4 Description In the CRuby libxml2 implementation, calling the Documentencoding= method with an invalid encoding, such as a non-string or a string containing a null byte, triggers an exception. This process occu...

8.2CVSS5.8AI score0.00331EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fixed potential overflow of PCM transfer buffer The PCM stream data in the USB-audio driver is transferred via USB URB packet buffers, and the size of each packet is determined dynamically. The packet sizes are...

6AI score0.00214EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.11 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: drm/xe/oa: Limit numsyncs to prevent oversized allocations. The OA open parameters did not validate numsyncs, allowing userspace to pass arbitrarily large values, potentially leading to excessive allocations. A check was added to...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: irqchip/mchp-eic: The error code in mchpeicdomainalloc has been fixed. If irqdomaintranslatetwocell sets “hwirq” to = MCHPEICNIRQ 2, it may lead to an out-of-bounds access. The code checks for invalid values, but does not set the...

6.1AI score0.00161EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: Tracing: The WARNON message in tracingbuffersmmapclose has been fixed for split VMA instances. When a VMA is split e.g., through partial munmap or MAPFIXED, the kernel calls vmops-close on each portion of the VMA. For trace buffe...

6AI score0.00169EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: crypto: iaa – Fixed an out-of-bounds index issue in findemptyiaacompressionmode. The local variable ‘i’ is initialized with -EINVAL, but the for loop immediately overwrites it, and -EINVAL is never returned. If no empty...

7.1CVSS5.7AI score0.00117EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: bpf: Fixed an invalid prog-stats access when updateeffectiveprogs fails. The issue occurs due to a fault-injected code sequence in updateeffectiveprogs. The problem can be described as follows: c cgroupbpfdetach...

5.9AI score0.00189EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fixed a reference count leak when an invalid session is found during session lookup. When a session is found, but its state is not SMB2SESSIONVALID, it indicates that no valid session was found. However, the reference coun...

5.5CVSS5.8AI score0.00118EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: drm/buddy: This issue is prevented by validating the rounded allocation size. When DRMBUDDYCONTIGUOUSALLOCATION is set, the requested size is rounded up to the next power of two using rounduppowoftwo. Similarly, for non-contiguou...

5.5CVSS5.7AI score0.00127EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.2 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: This issue prevents infinite loops that occur when the next valid value is the same. When processing the valid field within the range valid : pos, if the valid value cannot be retrieved correctly—for example, if the...

5.5CVSS5.7AI score0.00156EPSS
Exploits0References2
Rows per page
Query Builder