Lucene search
K

731 matches found

RedHat Linux
RedHat Linux
added 4 days ago4 views

kernel: smb/client: fix out-of-bounds read in smb2_compound_op()

A flaw was found in the Linux kernel's Server Message Block SMB client. A remote attacker, acting as a malicious SMB server, could send a specially crafted, truncated response with an oversized buffer length. This could lead to an out-of-bounds read in the smb2compoundop function, allowing the...

9.1CVSS7.3AI score0.00478EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: KEYS: Trusted – Fixed a memory leak in tpm2loadcmd. tpm2loadcmd allocates a temporary blob indirectly through tpm2keydecode, but the blob is not freed during failure paths. This issue can be addressed by wrapping the blob with a...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: CGX: fix bitmap leaks The RX/TX flow-control bitmaps rxfcpfvfbmap and txfcpfvfbmap are allocated by cgxlmacinit, but never freed in cgxlmacexit. Unbinding and rebinding the driver therefore triggers a kmemleak:...

5.5CVSS5.7AI score0.00128EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd: Fixed a memory leak in wbrfrecord. The tmp buffer is allocated using kcalloc, but it is not freed if acpievaluatedsm fails. This causes a memory leak in the error path. This issue has been fixed by explicitly...

5.5CVSS5.9AI score0.00121EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: pmdomain: arm: scmi: Fixed the issue of a memory leak caused by the persistence of genpd data during provider registration failures. If the ofgenpdaddprovideronecell function fails during the probe phase, the previously created...

5.7AI score0.00177EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: fbdev: omapfb: lcdmipid: Fixed an error handling path in mipidspiprobe. If ‘mipiddetect’ fails, we must free ‘md’ to avoid a memory leak...

5.5CVSS5.9AI score0.00189EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/03 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2026-46155

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - smb/client: fix out-of-bounds read in smb2compoundop If a server sends a truncated response but a large OutputBufferLength, and terminates the EA list early,...

9.1CVSS7.2AI score0.00478EPSS
Exploits0References3
OSV
OSV
added 2026/06/02 5:12 p.m.21 views

USN-8373-1 linux, linux-aws, linux-aws-6.8, linux-aws-fips, linux-azure, linux-fips, linux-gcp, linux-gcp-6.8, linux-gcp-fips, linux-gke, linux-gkeop, linux-hwe-6.8, linux-ibm, linux-ibm-6.8, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-nvidia-tegra, linux-oracle, linux-oracle-6.8, linux-raspi, linux-raspi-realtime, linux-realtime, linux-realtime-6.8 vulnerabilities

It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker...

8.8CVSS6.3AI score0.93235EPSS
Exploits57References22
EUVD
EUVD
added 2026/06/02 3:25 p.m.13 views

EUVD-2026-33956

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, the Java TLS ioctl probe reads user-controlled ioctl pointers with bpfproberead instead of bpfprobereaduser. An instrumented local process can therefore point OBI at kerne...

3.8CVSS5.7AI score0.00174EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/05/28 6:11 p.m.13 views

CVE-2026-46155

A flaw was found in the Linux kernel's Server Message Block SMB client. A remote attacker, acting as a malicious SMB server, could send a specially crafted, truncated response with an oversized buffer length. This could lead to an out-of-bounds read in the smb2compoundop function, allowing the...

9.1CVSS5.9AI score0.00478EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/05/28 4:1 a.m.35 views

SUSE CVE-2025-71312

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: fix ntfsmountoptions leak in ntfsfillsuper In ntfsfillsuper, the fc-fsprivate pointer is set to NULL without first freeing the memory it points to. This causes the subsequent call to ntfsfsfree to skip freeing the...

5.5CVSS5.8AI score0.00137EPSS
Exploits0References3
OSV
OSV
added 2026/05/27 2:17 p.m.12 views

UBUNTU-CVE-2026-45939

In the Linux kernel, the following vulnerability has been resolved: gpib: Fix memory leak in niusbinit In niusbinit, if niusbsetupinit fails, the function returns -EFAULT without freeing the allocated writes buffer, leading to a memory leak. Additionally, niusbsetupinit returns 0 on failure, whic...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/27 12:18 p.m.42 views

CVE-2026-45947 drm/amdgpu: Fix memory leak in amdgpu_acpi_enumerate_xcc()

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix memory leak in amdgpuacpienumeratexcc In amdgpuacpienumeratexcc, if amdgpuacpidevinit returns -ENOMEM, the function returns directly without releasing the allocated xccinfo, resulting in a memory leak. Fix this by...

0.00162EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/27 12:15 p.m.40 views

CVE-2026-45856 RDMA/uverbs: Validate wqe_size before using it in ib_uverbs_post_send

In the Linux kernel, the following vulnerability has been resolved: RDMA/uverbs: Validate wqesize before using it in ibuverbspostsend ibuverbspostsend uses cmd.wqesize from userspace without any validation before passing it to kmalloc and using the allocated buffer as struct ibuverbssendwr. If a...

7.1CVSS0.00164EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-45994

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ibmasm: fix OOB reads in commandfilewrite due to missing size checks The commandfilewrite handler allocates a kernel buffer of exactly count bytes and copies us...

7.1CVSS6.2AI score0.00139EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: RDMA/cma: Fixed a kmemleak in rdmacore that was observed during the blktests nvme/rdma tests with siw. When running the blktests nvme/rdma tests, the following kmemleak issue will appear: - kmemleak: The kernel memory leak...

5.5CVSS5.8AI score0.00225EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc75xx: Limit packet length to skb-len The packet length retrieved from skb data may be larger than the actual socket buffer length up to 9026 bytes. In such cases, the cloned skb passed through the network stack may...

5.5CVSS6.2AI score0.00156EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: r6040: Fixed the kmemleak in the probe process and removed it. There is a memory leak reported by kmemleak: - Unreferenced object 0xffff888116111000 size 2048: comm “modprobe”, pid 817, jiffies 4294759745 age 76.502s Hex dump...

5.5CVSS6AI score0.00196EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: brcmfmac: pcie: Firmware is released in the brcmfmacpciesetup error path. This prevents memory leaks if the brcmfchipgetraminfo function fails. Note that the CLM blob is released in the device removal path...

5.5CVSS6.1AI score0.00253EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fixed a memory leak in kvmpchpicdestroy. In kvmioctlcreatedevice, kvmdevice allocates memory. kvmdevice-destroy seems to be supposed to free the kvmdevice structure it manages, but kvmpchpicdestroy does not do thi...

5.9AI score0.00194EPSS
Exploits0References2
Rows per page
Query Builder