Lucene search
K

85 matches found

Tenable Nessus
Tenable Nessus
added 4 days ago7 views

Linux Distros Unpatched Vulnerability : CVE-2026-53277

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KVM: arm64: Take the SRCU lock for page table walks in fault injection and AT emulation walks1 and kvmwalknesteds2 expect to be called while holding kvm-srcu to...

8.8CVSS5.8AI score0.00111EPSS
Exploits0References4
NVD
NVD
added last week5 views

CVE-2026-53200

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: nv: Fix handling of XN0 when !FEATXNX XN has already been extracted from its bitfield position so using FIELDPREP on the mask that clears XN0 is completely broken, having the effect of unconditionally granting execute...

8.8CVSS0.00129EPSS
Exploits0References2
CVE
CVE
added last week16 views

CVE-2026-53277

CVE-2026-53277 – Linux kernel (arm64 KVM) : A flaw where certain page-table walk operations (walk_s1 and kvm_walk_nested_s2) did not acquire the Sleepable RCU lock (SRCU) via kvm->srcu, risking memslot changes and potential instability during fault injection and Address Translation emulation. ...

8.8CVSS5.7AI score0.00111EPSS
Exploits0References6
EUVD
EUVD
added last week5 views

EUVD-2026-39291

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: nv: Fix handling of XN0 when !FEATXNX XN has already been extracted from its bitfield position so using FIELDPREP on the mask that clears XN0 is completely broken, having the effect of unconditionally granting execute...

5.8AI score0.00129EPSS
Exploits0References2
Cvelist
Cvelist
added last week25 views

CVE-2026-53200 KVM: arm64: nv: Fix handling of XN[0] when !FEAT_XNX

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: nv: Fix handling of XN0 when !FEATXNX XN has already been extracted from its bitfield position so using FIELDPREP on the mask that clears XN0 is completely broken, having the effect of unconditionally granting execute...

8.8CVSS0.00129EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Avoid consuming a stale esr value when an SError occurs When any exception other than an IRQ occurs, the CPU updates the ESREL2 register with the exception syndrome. An SError may also become pending, and will be...

5.5CVSS5AI score0.00225EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/10 2:25 a.m.17 views

SUSE CVE-2026-46316

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry vgicitsinvalidatecache walks the per-ITS translation cache with xaforeach and drops the cache's reference on each entry with vgicputirq. It puts...

7.8CVSS5.4AI score0.0018EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2026/06/09 5:0 p.m.10 views

CVE-2026-46316

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM for ARM64, specifically within the vgic-its component. This vulnerability occurs when multiple concurrent operations incorrectly drop the translation cache's reference to an entry more than once during cache invalidation. Thi...

9.3CVSS5.4AI score0.0018EPSS
Exploits0References6
NVD
NVD
added 2026/06/09 1:16 p.m.17 views

CVE-2026-46317

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Reassign nestedmmus array behind mmulock kvm-arch.nestedmmus is walked under kvm-mmulock, including from the MMU notifier path kvmunmapgfnrange - kvmnesteds2unmap, which can run at any time. kvmvcpuinitnested...

8.8CVSS0.0013EPSS
Exploits0References3
NVD
NVD
added 2026/06/09 1:16 p.m.18 views

CVE-2026-46316

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry vgicitsinvalidatecache walks the per-ITS translation cache with xaforeach and drops the cache's reference on each entry with vgicputirq. It puts...

9.3CVSS0.0018EPSS
Exploits0References7
OSV
OSV
added 2026/06/09 1:16 p.m.8 views

UBUNTU-CVE-2026-46317

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Reassign nestedmmus array behind mmulock kvm-arch.nestedmmus is walked under kvm-mmulock, including from the MMU notifier path kvmunmapgfnrange - kvmnesteds2unmap, which can run at any time. kvmvcpuinitnested...

8.8CVSS5.4AI score0.0013EPSS
Exploits0References3
CVE
CVE
added 2026/06/09 11:52 a.m.51 views

CVE-2026-46317

CVE-2026-46317 concerns the Linux kernel KVM on arm64. A traversal of the array kvm->arch.nested_mmus[] occurs under kvm->mmu_lock, while kvm_vcpu_init_nested() reallocates the array and frees the old buffer with only kvm->arch.config_lock held. The fix moves the allocation outside the m...

8.8CVSS5.6AI score0.0013EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.20 views

PT-2026-47754

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the KVM arm64 component where the kvm-arch.nested mmus array is accessed under the kvm-mmu lock, including within the MMU notifier path via the functions kvm unmap gfn...

9.8CVSS5.5AI score0.00467EPSS
Exploits1References191
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-46317

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KVM: arm64: Reassign nestedmmus array behind mmulock kvm-arch.nestedmmus is walked under kvm-mmulock, including from the MMU notifier path kvmunmapgfnrange -...

8.8CVSS7.4AI score0.0013EPSS
Exploits0References4
NVD
NVD
added 2026/05/28 10:16 a.m.12 views

CVE-2026-46147

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix pin leak and publication ordering in pkvminitvcpu Two bugs exist in the vCPU initialisation path: 1. If a check fails after hyppinsharedmem succeeds, the cleanup path jumps to 'unlock' without calling unpinhostvcp...

5.5CVSS0.00126EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/13 3:35 a.m.9 views

SUSE CVE-2026-43351

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Eagerly init vgic dist/redist on vgic creation If vgicallocateprivateirqslocked fails for any odd reason, we exit kvmvgiccreate early, leaving dist-rdregions uninitialised. kvmvgicdistdestroy then comes along and walk...

5.8AI score0.00121EPSS
Exploits0References3
OSV
OSV
added 2026/05/08 3:16 p.m.6 views

UBUNTU-CVE-2026-43351

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Eagerly init vgic dist/redist on vgic creation If vgicallocateprivateirqslocked fails for any odd reason, we exit kvmvgiccreate early, leaving dist-rdregions uninitialised. kvmvgicdistdestroy then comes along and walk...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2026/05/08 2:21 p.m.11 views

CVE-2026-43351

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Eagerly init vgic dist/redist on vgic creation If vgicallocateprivateirqslocked fails for any odd reason, we exit kvmvgiccreate early, leaving dist-rdregions uninitialised. kvmvgicdistdestroy then comes along and walk...

5.5CVSS5.7AI score0.00121EPSS
Exploits0
CVE
CVE
added 2026/05/08 2:21 p.m.26 views

CVE-2026-43351

The CVE-2026-43351 issue affects the Linux kernel’s KVM on arm64 when creating a virtual GIC. If vgic_allocate_private_irqs_locked() fails, kvm_vgic_create() can exit before vgic dist regions are initialised, and kvm_vgic_dist_destroy() may then attempt to free uninitialised data, risking a crash...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/04/29 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-31553

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix the descriptor address in kvmatswapdesc Using u64 user hva + offset to get t...

8.8CVSS6.6AI score0.0012EPSS
Exploits0References2
Rows per page
Query Builder