Lucene search
K

1023 matches found

The Hacker News
The Hacker News
added 2026/07/06 5:37 p.m.9 views

16-Year-Old Linux KVM Flaw Lets Guest VMs Escape to Host on Intel and AMD x86 Systems

A use-after-free bug in Linux's KVM hypervisor can be triggered from a guest virtual machine to corrupt the shadow-page state of the host kernel that runs it. Dubbed 'Januscape' and tracked as CVE-2026-53359, the flaw sits in the shadow MMU code that KVM shares across both Intel and AMD. The publ...

5.9AI score0.00176EPSS
Exploits3
Debian CVE
Debian CVE
added 2026/07/01 1:32 p.m.7 views

CVE-2026-53343

In the Linux kernel, the following vulnerability has been resolved: ARM: 9475/1: entry: use byte load for KASAN VMAP stack shadow Commit 44e9a3bb76e5 "ARM: 9430/1: entry: Do a dummy read from VMAP shadow" added a dummy read from the KASAN VMAP stack shadow in switchto. The read uses ldr, but the...

5.8AI score0.00161EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/07/01 1:32 p.m.6 views

CVE-2026-53337

In the Linux kernel, the following vulnerability has been resolved: net: bonding: fix NULL pointer dereference in bonddoioctl In bonddoioctl, slavedev is obtained via devgetbyname which can return NULL if the requested interface name does not exist. However, the subsequent slavedbg call is placed...

5.7AI score0.00164EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/07/01 9:15 a.m.8 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.16.65 bug fix and security update

Red Hat OpenShift Container Platform release 4.16.65 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.16. Red Hat Product Security has rated this update as having a...

7.8CVSS6.4AI score0.00321EPSS
Exploits11References2
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-53163

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - locking/rtmutex: Skip removewaiter when waiter is not enqueued syzbot triggered the following splat in removewaiter via FUTEXCMPREQUEUEPI: KASAN: null-ptr-deref...

5.5CVSS6AI score0.00128EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-53292

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: phonet: do not BUGON in pnsocketautobind on failed bind syzbot reported a kernel BUG triggered from pnsocketsendmsg via pnsocketautobind: kernel BUG at...

5.5CVSS6AI score0.00107EPSS
Exploits0References3
OSV
OSV
added 2026/06/26 8:17 p.m.5 views

UBUNTU-CVE-2026-53292

In the Linux kernel, the following vulnerability has been resolved: net: phonet: do not BUGON in pnsocketautobind on failed bind syzbot reported a kernel BUG triggered from pnsocketsendmsg via pnsocketautobind: kernel BUG at net/phonet/socket.c:213! RIP: 0010:pnsocketautobind...

5.5CVSS5.7AI score0.00107EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/25 8:39 a.m.7 views

EUVD-2026-39223

In the Linux kernel, the following vulnerability has been resolved: erofs: fix use-after-free on sbi-syncdecompress zerofsdecompresskickoff can race with filesystem unmount, causing a use-after-free on sbi-syncdecompress. When I/O completes, zerofsendio calls zerofsdecompresskickoff to queue...

5.7AI score0.00125EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/25 8:39 a.m.6 views

CVE-2026-53267

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftct: bail out on template ct in get eval I noticed this issue while looking at a historic syzbot report 1. A rule like the one below is enough to trigger the bug: table ip t chain pre type filter hook prerouting...

5.7AI score0.00128EPSS
Exploits0References6Affected Software1
EUVD
EUVD
added 2026/06/25 8:39 a.m.6 views

EUVD-2026-39210

In the Linux kernel, the following vulnerability has been resolved: ipv6: anycast: insert aca into global hash under idev-lock syzbot reported a splat 1: a slab-use-after-free in ipv6chkacastaddr, which walks the global inet6acaddrlst hash under RCU and dereferences a struct ifacaddr6 that has...

5.7AI score0.00123EPSS
Exploits0References3
CVE
CVE
added 2026/06/25 8:39 a.m.36 views

CVE-2026-53243

CVE-2026-53243 affects the Linux kernel component related to RSEQ (rseq_exit_user_update). The issue is an uninitialized stack variable used in the initialization of the struct rseq_ids, where ids.node_id is derived from ids.cpu_id before it is initialized, enabling potential information leakage....

5.5CVSS5.7AI score0.00112EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/25 8:38 a.m.15 views

CVE-2026-53135

The CVE-2026-53135 issue affects the Linux kernel’s DRM AMD display path, specifically SDP debugfs writes. Root cause: dp_sdp_message_debugfs_write() dereferenced connector->base.state->crtc without NULL checks, potentially crashing when a connected-but-unbound connector exists (e.g., after...

5.5CVSS5.9AI score0.00122EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2026/06/25 12:33 a.m.37 views

CVE-2026-57589

sys/kern/sysvsem.c in OpenBSD through 7.9 has a use-after-free allowing local privilege escalation to root. This is a context switch use-after-free after tsleep in syssemget...

7.4CVSS0.00116EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-53041

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ocfs2: fix listxattr handling when the buffer is full BUG If an OCFS2 inode has both inline and block- based xattrs, listxattr can return a size larger than the...

7.1CVSS6.2AI score0.00126EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-52954

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libceph: handle rbtree insertion error in decodechooseargs A message of type CEPHMSGOSDMAP contains an OSD map that itself contains a CRUSH map. The received...

7.5CVSS6AI score0.0053EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/24 6:32 p.m.4 views

EUVD-2026-38821

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix oops due to out of scope access Below oops triggers when kill QEMU process: Oops: general protection fault, probably for non-canonical address 0x7fffffff844eaaa7: 0000 1 SMP NOPTI Call Trace: dorawspinlock+0xaa/0x...

5.7AI score0.00133EPSS
Exploits0References4
NVD
NVD
added 2026/06/24 5:17 p.m.6 views

CVE-2026-53039

In the Linux kernel, the following vulnerability has been resolved: ocfs2: validate group add input before caching BUG OCFS2IOCGROUPADD can trigger a BUGON in ocfs2setnewbufferuptodate: kernel BUG at fs/ocfs2/uptodate.c:509! Oops: invalid opcode: 0000 1 SMP KASAN NOPTI RIP:...

0.00176EPSS
Exploits0References8
NVD
NVD
added 2026/06/24 5:17 p.m.7 views

CVE-2026-53018

In the Linux kernel, the following vulnerability has been resolved: f2fs: avoid reading already updated pages during GC We found the following issue during fuzz testing: page: refcount:3 mapcount:0 mapping:00000000b6e89c65 index:0x18b2dc pfn:0x161ba9 memcg:f8ffff800e269c00 aops:f2fsmetaaops ino:2...

0.00166EPSS
Exploits0References3
CVE
CVE
added 2026/06/24 4:30 p.m.6 views

CVE-2026-53078

The CVE-2026-53078 issue is a Linux kernel BPF sock_ops vulnerability. When a BPF sock_ops program accesses ctx fields with the same destination and source registers (dst_reg == src_reg), SOCK_OPS_GET_SK() and SOCK_OPS_GET_FIELD() failed to zero the destination register in the !fullsock/!locked_t...

7.8CVSS5.7AI score0.00112EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.2 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ext4: Refresh the inline data size before write operations The cached ei-iInlineSize can become stale between the initial size check and when ext4updateInlineData/ext4createInlineData use it. Although ext4getmaxInlineSize reads t...

5.9AI score0.0018EPSS
Exploits0References3
Rows per page
Query Builder