CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

40 matches found

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iouring/kbuf: Fixed the signedness in the thislen calculation. When importing and using buffers, buf-len is considered unsigned. However, buf-len is converted to a signed integer during commit operations. This can lead to...

5.5CVSS5.8AI score0.00027EPSS

Exploits0References1

RedhatCVE•added 2026/05/08 8:47 p.m.•3 views

CVE-2026-43366

A flaw was found in the Linux kernel. A vulnerability exists in the iouring/kbuf component related to buffer recycling. There is a time gap where a buffer list, if empty, could be incorrectly upgraded to a ring-provided type. The legacy recycling mechanism fails to properly check the buffer list'...

7.8CVSS6AI score0.00013EPSS

Exploits0References4

EUVD•added 2026/05/08 3:31 p.m.•6 views

EUVD-2026-28672

In the Linux kernel, the following vulnerability has been resolved: iouring/kbuf: check if target buffer list is still legacy on recycle There's a gap between when the buffer was grabbed and when it potentially gets recycled, where if the list is empty, someone could've upgraded it to a ring...

5.9AI score0.00013EPSS

Exploits0References7

UbuntuCve•added 2026/05/08 3:16 p.m.•5 views

CVE-2026-43366

7.8CVSS5.9AI score0.00013EPSS

Exploits0References8

Cvelist•added 2026/05/08 2:21 p.m.•27 views

CVE-2026-43366 io_uring/kbuf: check if target buffer list is still legacy on recycle

7.8CVSS0.00013EPSS

Exploits0References6

ATTACKERKB•added 2026/05/08 2:21 p.m.•3 views

CVE-2026-43366

5.9AI score0.00013EPSS

Exploits0References7Affected Software1

CVE•added 2026/05/08 2:21 p.m.•11 views

CVE-2026-43366

Summary: CVE-2026-43366 affects the Linux kernel’s io_uring/kbuf recycling path. A gap existed between when a buffer was grabbed and when it could be recycled; if the target list is empty, it could be upgraded to a ring-provided type without proper validation. The issue arises from missing checks...

7.8CVSS5.9AI score0.00013EPSS

Exploits0References6Affected Software1

Debian CVE•added 2026/05/08 2:21 p.m.•3 views

CVE-2026-43366

7.8CVSS5.8AI score0.00013EPSS

Exploits0

Tenable Nessus•added 2026/05/08 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2026-43366

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iouring/kbuf: check if target buffer list is still legacy on recycle There's a gap between when the buffer was grabbed and when it potentially gets recycled,...

7.8CVSS5.9AI score0.00013EPSS

Exploits0References3

SUSE Linux•added 2025/12/23 4:28 p.m.•4 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-50253: bpf: make sure skb-len != 0 when redirecting to a tunneling device bsc1249912. CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in...

8.7CVSS8.5AI score0.00097EPSS

Exploits1References326

OSV•added 2025/12/19 5:38 p.m.•3 views

OPENSUSE-SU-2025:20172-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2022-50253: bpf: make sure skb-len != 0 when redirecting to a tunneling device bsc1249912. - CVE-2025-37916: pdscore: remove write-after-free of clientid bsc1243474. -...

7.8CVSS6.8AI score0.00097EPSS

Exploits1References219

Tenable Nessus•added 2025/09/17 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2025-39822

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iouring/kbuf: fix signedness in thislen calculation When importing and using buffers, buf-len is considered unsigned. However, buf-len is converted to signed in...

5.5CVSS6.2AI score0.00027EPSS

Exploits0References4

SUSE CVE•added 2025/09/16 11:23 p.m.•2 views

SUSE CVE-2025-39822

In the Linux kernel, the following vulnerability has been resolved: iouring/kbuf: fix signedness in thislen calculation When importing and using buffers, buf-len is considered unsigned. However, buf-len is converted to signed int when committing. This can lead to unexpected behavior if the buffer...

5.5CVSS6.7AI score0.00027EPSS

Exploits0References10

OSV•added 2025/09/16 1:15 p.m.•4 views

DEBIAN-CVE-2025-39822

5.5CVSS5.5AI score0.00027EPSS

Exploits0References1

NVD•added 2025/09/16 1:15 p.m.•3 views

CVE-2025-39822

5.5CVSS0.00027EPSS

Exploits0References2

NVD•added 2025/09/16 1:15 p.m.•3 views

CVE-2025-39816

In the Linux kernel, the following vulnerability has been resolved: iouring/kbuf: always use READONCE to read ring provided buffer lengths Since the buffers are mapped from userspace, it is prudent to use READONCE to read the value into a local variable, and use that for any other actions taken...

5.5CVSS0.00022EPSS

Exploits0References4

OSV•added 2025/09/16 1:15 p.m.•1 views

UBUNTU-CVE-2025-39822

5.5CVSS5.8AI score0.00027EPSS

Exploits0References5

OSV•added 2025/09/16 1:15 p.m.•0 views

UBUNTU-CVE-2025-39816

5.5CVSS5.8AI score0.00022EPSS

Exploits0References5

OSV•added 2025/09/16 1:0 p.m.•2 views

CVE-2025-39822 io_uring/kbuf: fix signedness in this_len calculation