Lucene search
+L

733 matches found

redhat
redhat
added 2026/07/06 9:21 p.m.4 views

kernel: smb/client: fix out-of-bounds read in smb2_compound_op()

A flaw was found in the Linux kernel's Server Message Block SMB client. A remote attacker, acting as a malicious SMB server, could send a specially crafted, truncated response with an oversized buffer length. This could lead to an out-of-bounds read in the smb2compoundop function, allowing the...

9.1CVSS7.3AI score0.00478EPSS
Exploits0References5
astralinux
astralinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd: Fixed a memory leak in wbrfrecord. The tmp buffer is allocated using kcalloc, but it is not freed if acpievaluatedsm fails. This causes a memory leak in the error path. This issue has been fixed by explicitly...

5.5CVSS5.9AI score0.00121EPSS
Exploits0References2
astralinux
astralinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: CGX: fix bitmap leaks The RX/TX flow-control bitmaps rxfcpfvfbmap and txfcpfvfbmap are allocated by cgxlmacinit, but never freed in cgxlmacexit. Unbinding and rebinding the driver therefore triggers a kmemleak:...

5.5CVSS5.7AI score0.00128EPSS
Exploits0References2
astralinux
astralinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: pmdomain: arm: scmi: Fixed the issue of a memory leak caused by the persistence of genpd data during provider registration failures. If the ofgenpdaddprovideronecell function fails during the probe phase, the previously created...

5.7AI score0.00184EPSS
Exploits0References3
astralinux
astralinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: KEYS: Trusted – Fixed a memory leak in tpm2loadcmd. tpm2loadcmd allocates a temporary blob indirectly through tpm2keydecode, but the blob is not freed during failure paths. This issue can be addressed by wrapping the blob with a...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References3
nessus
nessus
added 2026/06/03 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2026-46155

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - smb/client: fix out-of-bounds read in smb2compoundop If a server sends a truncated response but a large OutputBufferLength, and terminates the EA list early,...

9.1CVSS7.2AI score0.00478EPSS
Exploits0References3
osv
osv
added 2026/06/02 5:12 p.m.22 views

USN-8373-1 linux, linux-aws, linux-aws-6.8, linux-aws-fips, linux-azure, linux-fips, linux-gcp, linux-gcp-6.8, linux-gcp-fips, linux-gke, linux-gkeop, linux-hwe-6.8, linux-ibm, linux-ibm-6.8, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-nvidia-tegra, linux-oracle, linux-oracle-6.8, linux-raspi, linux-raspi-realtime, linux-realtime, linux-realtime-6.8 vulnerabilities

It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker...

8.8CVSS6.3AI score0.93235EPSS
Exploits57References22
euvd
euvd
added 2026/06/02 3:25 p.m.15 views

EUVD-2026-33956

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, the Java TLS ioctl probe reads user-controlled ioctl pointers with bpfproberead instead of bpfprobereaduser. An instrumented local process can therefore point OBI at kerne...

3.8CVSS5.7AI score0.00174EPSS
Exploits1References2
redhatcve
redhatcve
added 2026/05/28 6:11 p.m.14 views

CVE-2026-46155

A flaw was found in the Linux kernel's Server Message Block SMB client. A remote attacker, acting as a malicious SMB server, could send a specially crafted, truncated response with an oversized buffer length. This could lead to an out-of-bounds read in the smb2compoundop function, allowing the...

9.1CVSS5.9AI score0.00478EPSS
Exploits0References4
susecve
susecve
added 2026/05/28 4:1 a.m.36 views

SUSE CVE-2025-71312

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: fix ntfsmountoptions leak in ntfsfillsuper In ntfsfillsuper, the fc-fsprivate pointer is set to NULL without first freeing the memory it points to. This causes the subsequent call to ntfsfsfree to skip freeing the...

5.5CVSS5.8AI score0.00137EPSS
Exploits0References3
osv
osv
added 2026/05/27 2:17 p.m.14 views

UBUNTU-CVE-2026-45939

In the Linux kernel, the following vulnerability has been resolved: gpib: Fix memory leak in niusbinit In niusbinit, if niusbsetupinit fails, the function returns -EFAULT without freeing the allocated writes buffer, leading to a memory leak. Additionally, niusbsetupinit returns 0 on failure, whic...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References3
cvelist
cvelist
added 2026/05/27 12:18 p.m.43 views

CVE-2026-45947 drm/amdgpu: Fix memory leak in amdgpu_acpi_enumerate_xcc()

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix memory leak in amdgpuacpienumeratexcc In amdgpuacpienumeratexcc, if amdgpuacpidevinit returns -ENOMEM, the function returns directly without releasing the allocated xccinfo, resulting in a memory leak. Fix this by...

0.00162EPSS
Exploits0References5
osv
osv
added 2026/05/27 12:18 p.m.2 views

CVE-2026-45947 drm/amdgpu: Fix memory leak in amdgpu_acpi_enumerate_xcc()

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix memory leak in amdgpuacpienumeratexcc In amdgpuacpienumeratexcc, if amdgpuacpidevinit returns -ENOMEM, the function returns directly without releasing the allocated xccinfo, resulting in a memory leak. Fix this by...

5.5CVSS6AI score0.00162EPSS
Exploits0References8
osv
osv
added 2026/05/27 12:17 p.m.2 views

CVE-2026-45928 media: chips-media: wave5: Fix memory leak on codec_info allocation failure

In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix memory leak on codecinfo allocation failure In wave5vpuopenenc and wave5vpuopendec, a vpu instance is allocated via kzalloc. If the subsequent allocation for inst-codecinfo fails, the functions retu...

5.5CVSS5.9AI score0.00127EPSS
Exploits0References7
cvelist
cvelist
added 2026/05/27 12:15 p.m.41 views

CVE-2026-45856 RDMA/uverbs: Validate wqe_size before using it in ib_uverbs_post_send

In the Linux kernel, the following vulnerability has been resolved: RDMA/uverbs: Validate wqesize before using it in ibuverbspostsend ibuverbspostsend uses cmd.wqesize from userspace without any validation before passing it to kmalloc and using the allocated buffer as struct ibuverbssendwr. If a...

7.1CVSS0.00164EPSS
Exploits0References8
nessus
nessus
added 2026/05/27 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-45994

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ibmasm: fix OOB reads in commandfilewrite due to missing size checks The commandfilewrite handler allocates a kernel buffer of exactly count bytes and copies us...

7.1CVSS6.2AI score0.00139EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc75xx: Limit packet length to skb-len The packet length retrieved from skb data may be larger than the actual socket buffer length up to 9026 bytes. In such cases, the cloned skb passed through the network stack may...

5.5CVSS6.2AI score0.00156EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel up to version 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory through a Speculative Store Bypass side-channel attack. This occurs because a certain preempting store operation does not necessarily occur before a store operation whose valu...

5.5CVSS6.3AI score0.0046EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: RDMA/cma: Fixed a kmemleak in rdmacore that was observed during the blktests nvme/rdma tests with siw. When running the blktests nvme/rdma tests, the following kmemleak issue will appear: - kmemleak: The kernel memory leak...

5.5CVSS5.8AI score0.00225EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: r6040: Fixed the kmemleak in the probe process and removed it. There is a memory leak reported by kmemleak: - Unreferenced object 0xffff888116111000 size 2048: comm “modprobe”, pid 817, jiffies 4294759745 age 76.502s Hex dump...

5.5CVSS6AI score0.00196EPSS
Exploits0References1
Rows per page
Query Builder