Lucene search
K

2138 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: iouring: Fixed the issue where multishot accept requests could lead to leaks. Setting REQFPOLLED does not guarantee that the request will be executed as a multishot from the polling path. Fortunately, if the code misidentifies...

5.5CVSS6.2AI score0.0014EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iouring/fdinfo: Fixed an issue where OOB reading occurred during the wrap check of SQEMIXED. The function iouringshowfdinfo iterates over pending SQEs. For 128-byte SQEs within an IORINGSETUPSQEMIXED ring, it needs to detect when...

7.1CVSS5.8AI score0.00117EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: iouring/zcrx: fixed error handling after opening. Closing a queue does not guarantee that all associated page pools are terminated immediately. Let the refcounting process handle this task instead of releasing the zcrx ctx...

5.5CVSS5.9AI score0.00112EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: iouring/zcrx: fixed the sgtable leak that occurs during mapping failures. In a rare case where iopopulateareadma fails—which can only occur on a PAGEPOOL32BITARCHWITH64BITDMA machine—iozcrxmaparea will have an initialized but...

5.5CVSS5.7AI score0.00126EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.1 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: iouring: Check whether we need to reschedule during overflow flushing. In terms of normal application usage, this list will always be empty. If an application does cause an overflow, it will have a few entries in this list...

5.5CVSS6.4AI score0.00219EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iouring: Fixed the issue of releasing pinned pages when iouaddrmap fails. Looking at the error path of iouaddrmap, if we fail to pin the pages for any reason, ret will be set to -EINVAL, and the error handler will not properly...

5.5CVSS6.2AI score0.00207EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iouring: A memory leak was fixed when removing provided buffers. When removing provided buffers, the iobuffer structures were not being disposed of properly, resulting in a memory leak. These structures cannot be freed...

5.7AI score0.00162EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: iouring: check for non-NULL file pointer in iofilecanpoll In earlier kernels, it was possible to trigger a NULL pointer dereference off the forced async preparation path, if no file had been assigned. The trace leading to that...

5.5CVSS6.4AI score0.00224EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

iouring uses workFlags to determine which identities need to be retrieved from the calling process, ensuring that they are consistent with the calling process when executing IORINGOP. Some operations lack certain types, which can lead to incorrect reference counts, potentially causing a...

7.8CVSS6.6AI score0.00263EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

There exists a use-after-free vulnerability in the Linux kernel through the iouring mechanism and the IORINGOPSPLICE operation. If the IORINGOPSPLICE operation lacks the IOWQWORKFILES flag, it indicates that the operation will not utilize current-nsproxy. As a result, its reference counter is not...

7.8CVSS6.7AI score0.00407EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.1 views

Astra Linux – Vulnerability in Linux 5.10

A use-after-free flaw was discovered in the Linux kernel’s iouring subsystem. This flaw occurs when a user sets up a ring using IORINGSETUPIOPOLL, with multiple tasks completing submissions within that ring. This flaw allows a local user to crash the system or escalate their privileges on the...

7.8CVSS6.7AI score0.01002EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iouring: Fixed a fget leak when the file system does not support nowait buffered reads. Heming reported a bug when using iouring for link-cp operations on ocfs2. 1 The following steps can reproduce this bug: mount -t ocfs2 /dev/v...

5.5CVSS5.8AI score0.00134EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: iouring/zcrx: fixed the race condition between the scrub and refill paths involving userrefs The iozcrxputniovuref function uses a non-atomic check-then-decrement pattern atomicread followed by an atomicdec to manipulate...

4.7CVSS6AI score0.00088EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2026/05/19 10:44 p.m.44 views

USN-8279-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...

9.8CVSS7AI score0.96267EPSS
Exploits230
Amazon
Amazon
added 2026/05/14 12:0 a.m.20 views

Important: kernel6.18

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: audit: add fchmodat2 to change attributes class CVE-2025-71239 In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: fix infinite loop in attrloadrunsrange on inconsistent metadata...

9.8CVSS6AI score0.00642EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/05/13 3:34 a.m.15 views

SUSE CVE-2026-43366

In the Linux kernel, the following vulnerability has been resolved: iouring/kbuf: check if target buffer list is still legacy on recycle There's a gap between when the buffer was grabbed and when it potentially gets recycled, where if the list is empty, someone could've upgraded it to a ring...

7CVSS5.9AI score0.0013EPSS
Exploits0References20
SUSE CVE
SUSE CVE
added 2026/05/13 3:33 a.m.8 views

SUSE CVE-2026-43442

In the Linux kernel, the following vulnerability has been resolved: iouring: fix physical SQE bounds check for SQEMIXED 128-byte ops When IORINGSETUPSQEMIXED is used without IORINGSETUPNOSQARRAY, the boundary check for 128-byte SQE operations in ioinitreq validated the logical SQ head position...

7.1CVSS5.9AI score0.00131EPSS
Exploits0References3
GithubExploit
GithubExploit
added 2026/05/12 8:29 p.m.145 views

Exploit for Use After Free in Linux Linux_Kernel

CVE-2024-0582 An ex...

7.8CVSS6.9AI score0.12836EPSS
Exploits9
SUSE CVE
SUSE CVE
added 2026/05/09 2:41 a.m.11 views

SUSE CVE-2026-43174

In the Linux kernel, the following vulnerability has been resolved: iouring/zcrx: fix post open error handling Closing a queue doesn't guarantee that all associated page pools are terminated right away, let the refcounting do the work instead of releasing the zcrx ctx directly...

5.8AI score0.00112EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/09 12:20 a.m.19 views

CVE-2026-43442

A flaw was found in the Linux kernel's iouring subsystem. An incorrect bounds check for 128-byte Submission Queue Entry SQE operations, when IORINGSETUPSQEMIXED is used without IORINGSETUPNOSQARRAY, allows an unprivileged local user to remap logical SQE positions to arbitrary physical indices. Th...

7.1CVSS5.9AI score0.00131EPSS
Exploits0References4
Rows per page
Query Builder