6483 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-45994
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ibmasm: fix OOB reads in commandfilewrite due to missing size checks The commandfilewrite handler allocates a kernel buffer of exactly count bytes and copies us...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the exynos-drm driver’s viidiconnectionioctl function, which directly derefreshes user-space...
Linux Distros Unpatched Vulnerability : CVE-2026-45856
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/uverbs: Validate wqesize before using it in ibuverbspostsend ibuverbspostsend uses cmd.wqesize from userspace without any validation before passing it to...
CVE-2026-45959
crypto: ccp - Fix a crash due to incorrect cleanup usage of kfree...
macOS Kernel Memory Corruption Exploit
A group used Anthropic's Mythos AI model to help find a kernel memory corruption vulnerability and exploit on Apple's M5. News article...
CVE-2026-45252
When a fusefs file system implements extended attributes, the kernel may send a FUSELISTXATTR message to the userspace daemon to retrieve the list of extended attributes for a given file. The FUSE protocol requires the daemon to return a packed list of NUL-terminated strings. The fusefs kernel...
CVE-2026-45252
CVE-2026-45252 : In fusefs, when extended attributes are queried via FUSE_LISTXATTR, the kernel may call strlen() on a daemon-provided buffer without ensuring the list is fully NUL-terminated. If the list is not NUL-terminated, the fusefs kernel module may read past the end of a heap buffer and p...
CVE-2026-45252 Heap overflow in FUSE_LISTXATTR
When a fusefs file system implements extended attributes, the kernel may send a FUSELISTXATTR message to the userspace daemon to retrieve the list of extended attributes for a given file. The FUSE protocol requires the daemon to return a packed list of NUL-terminated strings. The fusefs kernel...
CVE-2026-45252 Heap overflow in FUSE_LISTXATTR
When a fusefs file system implements extended attributes, the kernel may send a FUSELISTXATTR message to the userspace daemon to retrieve the list of extended attributes for a given file. The FUSE protocol requires the daemon to return a packed list of NUL-terminated strings. The fusefs kernel...
FreeBSD : FreeBSD -- Heap overflow in FUSE_LISTXATTR (3cc34467-54b6-11f1-8d7a-bc241121aa0a)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 3cc34467-54b6-11f1-8d7a-bc241121aa0a advisory. When a fusefs file system implements extended attributes, the kernel may send a FUSELISTXATTR message t...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: brcmfmac: pcie: Firmware is released in the brmfipciesetup error path. This prevents memory leaks if the brmfichipgetraminfo function fails. Note that the CLM blob is released in the device removal path...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: r6040: Fixed the kmemleak in the probe function and removed it. There is a memory leak reported by kmemleak: - Unreferenced object 0xffff888116111000 size 2048: comm “modprobe”, pid 817, jiffies 4294759745 age 76.502s Hex dump...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: mshv: Fixed the check for overlap in memory regions. The current check is incorrect; it only checks whether the beginning or end of a region is within an existing region. This does not take into account cases where userspace...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: KVM: x86: Added SRCU protection for reading PDPTRs in getsregs2. Added SRCU read-side protection when reading PDPTR registers in getsregs2. Reading PDPTRs may trigger access to guest memory: kvmpdptrread - svmcachereg -...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb – revert the use of devmkzalloc in btusb This change reverts to the behavior described in commit 98921dbd00c4e “Bluetooth: Use devmkzalloc in btusb.c file”. In btusbprobe, we use devmkzalloc to allocate the btusb...
Astra Linux - уязвимость в linux
A issue was discovered in the Linux kernel through version 5.11.x. The kernel/bpf/verifier.c file contains unwanted out-of-bounds speculation during pointer arithmetic operations, which allows for side-channel attacks that circumvent Spectre mitigations and extract sensitive information from kern...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: KEYS: Trusted – Fixed a memory leak in tpm2loadcmd. tpm2loadcmd allocates a temporary blob indirectly through tpm2keydecode, but the blob is not freed during failure paths. This issue can be addressed by wrapping the blob with a...
Astra Linux - уязвимость в linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: x86/mm/identmap: Use GB pages only when the entire GB page should be mapped. When identpudinit uses only GB pages to create identity maps, large ranges of addresses that are not actually requested can be included in the resulting...
Astra Linux - уязвимость в linux-5.10
In TBD of TBD, there is a possible way to corrupt kernel memory due to a use after free. This could lead to a local escalation of privileges without the need for additional execution privileges. User interaction is not required for exploitation. Product: Android. Versions: Android kernel. Android...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: pmdomain: arm: scmi: Fixed the issue where genpd leaks occur during provider registration failures. If the ofgenpdaddprovideronecell function fails during the probe phase, the previously created generic power domains are not...