Lucene search
K

32 matches found

OSV
OSV
added 2026/06/25 9:16 a.m.3 views

UBUNTU-CVE-2026-53210

In the Linux kernel, the following vulnerability has been resolved: tee: shm: fix shm leak in registershmhelper registershmhelper allocates shm before calling ioviternpages. If ioviternpages returns 0, the function jumps to errctxput and leaks shm. This can be triggered by TEEIOCSHMREGISTER with...

6.8CVSS5.7AI score0.00127EPSS
Exploits0References7
EUVD
EUVD
added 2026/06/25 8:39 a.m.4 views

EUVD-2026-39301

In the Linux kernel, the following vulnerability has been resolved: tee: shm: fix shm leak in registershmhelper registershmhelper allocates shm before calling ioviternpages. If ioviternpages returns 0, the function jumps to errctxput and leaks shm. This can be triggered by TEEIOCSHMREGISTER with...

5.7AI score0.00127EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/25 8:39 a.m.6 views

CVE-2026-53210

In the Linux kernel, the following vulnerability has been resolved: tee: shm: fix shm leak in registershmhelper registershmhelper allocates shm before calling ioviternpages. If ioviternpages returns 0, the function jumps to errctxput and leaks shm. This can be triggered by TEEIOCSHMREGISTER with...

5.7AI score0.00127EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/06/08 3:46 p.m.61 views

CVE-2026-46289

In the Linux kernel, CVE-2026-46289 concerns bugs in lib/scatterlist during extract_kvec_to_sg when transferring data from a kvec to a sglist. The main issues: (1) the computed length for a sglist entry can exceed the page size, causing overread; (2) while extracting a user buffer, the sglist can...

9.8CVSS5.4AI score0.00457EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.16 views

PT-2026-47361

Name of the Vulnerable Software and Affected Versions Linux kernel versions 6.3 through 6.5 Description Issues exist in the extract kvec to sg function within the scatterlist library. When extracting from a kvec to a scatterlist, the length for an sglist entry can exceed the number of bytes in th...

9.8CVSS5.5AI score0.00457EPSS
Exploits0
NVD
NVD
added 2026/05/28 10:16 a.m.16 views

CVE-2026-46207

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix empty payload in tap skb for non-linear buffers For non-linear skbs, virtiotransportbuildskb goes through virtiotransportcopynonlinearskb to copy the original payload in the new skb to be delivered to the vsockm...

5.5CVSS0.00127EPSS
Exploits0References4
OSV
OSV
added 2026/05/28 10:16 a.m.15 views

UBUNTU-CVE-2026-46115

In the Linux kernel, the following vulnerability has been resolved: block: add pgmap check to biovecphysmergeable biovecphysmergeable is used by the request merge, DMA mapping, and integrity merge paths to decide if two physically contiguous bvec segments can be coalesced into one. It currently h...

9.8CVSS5.7AI score0.00491EPSS
Exploits0References21
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: lib/Kconfig.debug: TESTIOVITER depends on MMU. Attempting to run the ioviter unit test on a nommu system, such as the qemu kc705-nommu emulation, results in a crash. KTAP version 1 Subtest: ioviter Module: kunitioviter 1..9 BUG:...

5.5CVSS5.4AI score0.00246EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/05/19 9:4 a.m.19 views

kernel: bpf: fix ktls panic with sockmap

In the Linux kernel, the following vulnerability has been resolved: bpf: fix ktls panic with sockmap 2172.936997 ------------ cut here ------------ 2172.936999 kernel BUG at lib/ioviter.c:629! ...... 2172.944996 PKRU: 55555554 2172.945155 Call Trace: 2172.945299 2172.945428 ? die+0x36/0x90...

5.5CVSS6.2AI score0.00147EPSS
Exploits0References5
CVE
CVE
added 2026/05/08 2:21 p.m.21 views

CVE-2026-43362

CVE-2026-43362 affects the Linux kernel SMB client by an in-place encryption flaw in SMB2_write(), where the write payload could be replaced with ciphertext during retries on unstable connections. The root cause is that smb3_init_transform_rq() shares rq_iov, causing crypt_message() to in-place-e...

8.1CVSS5.8AI score0.00217EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2025/10/28 12:15 p.m.6 views

CVE-2025-40031

In the Linux kernel, the following vulnerability has been resolved: tee: fix registershmhelper In registershmhelper, fix incorrect error handling for a call to ioviterextractpages. A case is missing for when ioviterextractpages only got some pages and return a number larger than 0, but not the...

0.00194EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/28 11:48 a.m.6 views

EUVD-2025-36497

In the Linux kernel, the following vulnerability has been resolved: tee: fix registershmhelper In registershmhelper, fix incorrect error handling for a call to ioviterextractpages. A case is missing for when ioviterextractpages only got some pages and return a number larger than 0, but not the...

6AI score0.00194EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2025/09/11 11:24 p.m.11 views

SUSE CVE-2025-39758

In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix the sendmsg byte count in siwtcpsendpages Ever since commit c2ff29e99a76 "siw: Inline dotcpsendpages", we have been doing this: static int siwtcpsendpagesstruct socket s, struct page page, int offset, sizet size ......

5.5CVSS6.5AI score0.00145EPSS
Exploits0References21
OSV
OSV
added 2025/09/11 5:15 p.m.1 views

DEBIAN-CVE-2025-39758

In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix the sendmsg byte count in siwtcpsendpages Ever since commit c2ff29e99a76 "siw: Inline dotcpsendpages", we have been doing this: static int siwtcpsendpagesstruct socket s, struct page page, int offset, sizet size ......

5.5CVSS5.4AI score0.00145EPSS
Exploits0References1
CVE
CVE
added 2025/09/11 4:52 p.m.29 views

CVE-2025-39758

CVE-2025-39758: In Linux kernel RDMA/siw, a bug caused sending oversized iov_iters and tcp_sendmsg calls after siw_tcp_sendpages, due to miscomputed per-page bytes and overall size. Root cause was the way iov_iter byte counts and the size passed to tcp_sendmsg_locked were set, leading to out-of-b...

5.5CVSS6.2AI score0.00145EPSS
Exploits0References5Affected Software1
SUSE CVE
SUSE CVE
added 2025/07/04 2:37 p.m.11 views

SUSE CVE-2025-38166

In the Linux kernel, the following vulnerability has been resolved: bpf: fix ktls panic with sockmap 2172.936997 ------------ cut here ------------ 2172.936999 kernel BUG at lib/ioviter.c:629! ...... 2172.944996 PKRU: 55555554 2172.945155 Call Trace: 2172.945299 2172.945428 ? die+0x36/0x90...

6.6CVSS7.8AI score0.00147EPSS
Exploits0References17
OSV
OSV
added 2025/07/03 9:15 a.m.7 views

AZL-72760 CVE-2025-38166 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: bpf: fix ktls panic with sockmap 2172.936997 ------------ cut here ------------ 2172.936999 kernel BUG at lib/ioviter.c:629! ...... 2172.944996 PKRU: 55555554 2172.945155 Call Trace: 2172.945299 2172.945428 ? die+0x36/0x90...

5.5CVSS6.2AI score0.00147EPSS
Exploits0References1
OSV
OSV
added 2025/07/03 9:15 a.m.6 views

DEBIAN-CVE-2025-38166

In the Linux kernel, the following vulnerability has been resolved: bpf: fix ktls panic with sockmap 2172.936997 ------------ cut here ------------ 2172.936999 kernel BUG at lib/ioviter.c:629! ...... 2172.944996 PKRU: 55555554 2172.945155 Call Trace: 2172.945299 2172.945428 ? die+0x36/0x90...

5.5CVSS5.5AI score0.00147EPSS
Exploits0References1
OSV
OSV
added 2025/07/03 9:15 a.m.5 views

UBUNTU-CVE-2025-38139

In the Linux kernel, the following vulnerability has been resolved: netfs: Fix oops in write-retry from mis-resetting the subreq iterator Fix the resetting of the subrequest iterator in netfsretrywritestream to use the iterator-reset function as the iterator may have been shortened by a previous...

7.1CVSS6.5AI score0.00158EPSS
Exploits0References12
BDU FSTEC
BDU FSTEC
added 2025/06/19 12:0 a.m.20 views

The vulnerability of the copy_page_from_iter_atomic() function in the lib/iov_iter.c module of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the copypagefromiteratomic function in the lib/ioviter.c module of the Linux kernel is related to dependencies that are undefined for each implementation type. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibilit...

7.8CVSS7.2AI score0.00242EPSS
Exploits0References12Affected Software4
Rows per page
Query Builder