Lucene search
+L

242 matches found

astralinux
astralinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ksmbd: The hardcoded hdr2len parameter was replaced with the offsetof function in smb2calcmaxoutbuflen. After this commit e2b76ab8b5c9 "ksmbd: add support for read compound", the management of response buffers was changed to use ...

9.8CVSS5.2AI score0.00502EPSS
Exploits0References1
redhat
redhat
added 2026/05/19 1:31 p.m.16 views

kernel: bpf: fix ktls panic with sockmap

In the Linux kernel, the following vulnerability has been resolved: bpf: fix ktls panic with sockmap 2172.936997 ------------ cut here ------------ 2172.936999 kernel BUG at lib/ioviter.c:629! ...... 2172.944996 PKRU: 55555554 2172.945155 Call Trace: 2172.945299 2172.945428 ? die+0x36/0x90...

5.5CVSS6.2AI score0.00147EPSS
Exploits0References5
redhat
redhat
added 2026/05/19 9:4 a.m.20 views

kernel: bpf: fix ktls panic with sockmap

In the Linux kernel, the following vulnerability has been resolved: bpf: fix ktls panic with sockmap 2172.936997 ------------ cut here ------------ 2172.936999 kernel BUG at lib/ioviter.c:629! ...... 2172.944996 PKRU: 55555554 2172.945155 Call Trace: 2172.945299 2172.945428 ? die+0x36/0x90...

5.5CVSS6.2AI score0.00147EPSS
Exploits0References5
nvd
nvd
added 2026/05/08 3:16 p.m.8 views

CVE-2026-43362

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix in-place encryption corruption in SMB2write SMB2write places write payload in iov1..n as part of rqiov. smb3inittransformrq pointer-shares rqiov, so cryptmessage encrypts iov1 in-place, replacing the original...

8.1CVSS0.00217EPSS
Exploits0References5
cve
cve
added 2026/05/08 2:21 p.m.24 views

CVE-2026-43362

CVE-2026-43362 affects the Linux kernel SMB client by an in-place encryption flaw in SMB2_write(), where the write payload could be replaced with ciphertext during retries on unstable connections. The root cause is that smb3_init_transform_rq() shares rq_iov, causing crypt_message() to in-place-e...

8.1CVSS5.8AI score0.00217EPSS
Exploits0References5Affected Software1
susecve
susecve
added 2026/04/23 1:25 a.m.9 views

SUSE CVE-2026-31478

In the Linux kernel, the following vulnerability has been resolved: ksmbd: replace hardcoded hdr2len with offsetof in smb2calcmaxoutbuflen After this commit e2b76ab8b5c9 "ksmbd: add support for read compound", response buffer management was changed to use dynamic iov array. In the new design,...

9.8CVSS5.8AI score0.00502EPSS
Exploits0References4
euvd
euvd
added 2026/04/22 3:31 p.m.8 views

EUVD-2026-24835

In the Linux kernel, the following vulnerability has been resolved: ksmbd: replace hardcoded hdr2len with offsetof in smb2calcmaxoutbuflen After this commit e2b76ab8b5c9 "ksmbd: add support for read compound", response buffer management was changed to use dynamic iov array. In the new design,...

5.8AI score0.00502EPSS
Exploits0References8
nvd
nvd
added 2026/04/22 2:16 p.m.6 views

CVE-2026-31478

In the Linux kernel, the following vulnerability has been resolved: ksmbd: replace hardcoded hdr2len with offsetof in smb2calcmaxoutbuflen After this commit e2b76ab8b5c9 "ksmbd: add support for read compound", response buffer management was changed to use dynamic iov array. In the new design,...

9.8CVSS0.00502EPSS
Exploits0References7
nvd
nvd
added 2026/02/14 5:15 p.m.8 views

CVE-2025-71220

In the Linux kernel, the following vulnerability has been resolved: smb/server: call ksmbdsessionrpcclose on error path in createsmb2pipe When ksmbdiovpinrsp fails, we should call ksmbdsessionrpcclose...

7.8CVSS0.0013EPSS
Exploits0References6
ubuntucve
ubuntucve
added 2026/02/14 5:15 p.m.6 views

CVE-2025-71220

In the Linux kernel, the following vulnerability has been resolved: smb/server: call ksmbdsessionrpcclose on error path in createsmb2pipe When ksmbdiovpinrsp fails, we should call ksmbdsessionrpcclose...

7.8CVSS5.7AI score0.0013EPSS
Exploits0References22
osv
osv
added 2026/02/14 5:15 p.m.6 views

UBUNTU-CVE-2025-71220

In the Linux kernel, the following vulnerability has been resolved: smb/server: call ksmbdsessionrpcclose on error path in createsmb2pipe When ksmbdiovpinrsp fails, we should call ksmbdsessionrpcclose...

7.8CVSS5.7AI score0.0013EPSS
Exploits0References23
redhat
redhat
added 2026/02/10 2:6 a.m.8 views

kernel: nvme-tcp: fix NULL pointer dereferences in nvmet_tcp_build_pdu_iovec

In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix NULL pointer dereferences in nvmettcpbuildpduiovec Commit efa56305908b "nvmet-tcp: Fix a kernel panic when host sends an invalid H2C PDU length" added ttag bounds checking and dataoffset validation in...

7.5CVSS5.7AI score0.0071EPSS
Exploits0References5
nvd
nvd
added 2026/01/25 3:15 p.m.10 views

CVE-2026-22998

In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix NULL pointer dereferences in nvmettcpbuildpduiovec Commit efa56305908b "nvmet-tcp: Fix a kernel panic when host sends an invalid H2C PDU length" added ttag bounds checking and dataoffset validation in...

7.5CVSS0.0071EPSS
Exploits0References7
nessus
nessus
added 2026/01/16 12:0 a.m.4 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000613)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000613 advisory. The biomapuseriov and biounmapuser functions in block/bio.c in the Linux kernel before 4.13.8 do unbalanced refcounting when a SCSI I/O vector has small consecutive...

6.5CVSS7AI score0.00531EPSS
Exploits0References23
nessus
nessus
added 2026/01/15 12:0 a.m.4 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002338)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002338 advisory. The fusefillwritepages function in fs/fuse/file.c in the Linux kernel before 4.4 allows local users to cause a denial of service infinite loop via a writev system ca...

6.2CVSS6.5AI score0.00569EPSS
Exploits0References17
susecve
susecve
added 2025/12/31 12:26 a.m.3 views

SUSE CVE-2023-54315

In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv/sriov: perform null check on iov before dereferencing iov Currently pointer iov is being dereferenced before the null check of iov which can lead to null pointer dereference errors. Fix this by moving the iov null...

5.5CVSS6.5AI score0.00161EPSS
Exploits0References21
osv
osv
added 2025/12/30 1:16 p.m.7 views

UBUNTU-CVE-2023-54315

In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv/sriov: perform null check on iov before dereferencing iov Currently pointer iov is being dereferenced before the null check of iov which can lead to null pointer dereference errors. Fix this by moving the iov null...

5.8AI score0.00161EPSS
Exploits0References9
osv
osv
added 2025/12/30 12:23 p.m.4 views

CVE-2023-54315 powerpc/powernv/sriov: perform null check on iov before dereferencing iov

In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv/sriov: perform null check on iov before dereferencing iov Currently pointer iov is being dereferenced before the null check of iov which can lead to null pointer dereference errors. Fix this by moving the iov null...

6.3AI score0.00161EPSS
Exploits0References9
cvelist
cvelist
added 2025/12/24 12:23 p.m.25 views

CVE-2023-54070 igb: clean up in all error paths when enabling SR-IOV

In the Linux kernel, the following vulnerability has been resolved: igb: clean up in all error paths when enabling SR-IOV After commit 50f303496d92 "igb: Enable SR-IOV after reinit", removing the igb module could hang or crash depending on the machine when the module has been loaded with the maxv...

0.00155EPSS
Exploits0References2
osv
osv
added 2025/12/04 3:15 p.m.2 views

DEBIAN-CVE-2025-40219

In the Linux kernel, the following vulnerability has been resolved: PCI/IOV: Fix race between SR-IOV enable/disable and hotplug Commit 05703271c3cd "PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV" tried to fix a race between the VF removal inside sriovdelvfs and concurrent...

5.1AI score0.00194EPSS
Exploits0References1
Rows per page
Query Builder