CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

51 matches found

CNNVD•added 2026/05/27 12:0 a.m.•8 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the nireadfoliocmpr function in the ntfs3 file system. This function involves deadlocks due to lo...

5.8AI score0.00189EPSS

Exploits0References2

AstraLinux•added 2026/05/20 5:53 a.m.•5 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: spi: spidev: fixed the lock inversion between spilock and buflock. The spidev driver previously used two mutexes, spilock and buflock, but their acquisition was done in different orders depending on the code path: - write/read:...

5.5CVSS5.3AI score0.00094EPSS

Exploits0References1

AstraLinux•added 2026/05/20 5:53 a.m.•1 views

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: netlink: fixed a potential deadlock in netlinkseterr syzbot reported a possible deadlock in netlinkseterr 1 A similar issue was fixed in commit 1d482e666b8e "netlink: disabling IRQs for netlinklocktable" in netlinklocktable Th...

5.9AI score0.00213EPSS

Exploits0References1

NVD•added 2026/05/08 2:16 p.m.•9 views

CVE-2026-43319

In the Linux kernel, the following vulnerability has been resolved: spi: spidev: fix lock inversion between spilock and buflock The spidev driver previously used two mutexes, spilock and buflock, but acquired them in different orders depending on the code path: write/read: buflock - spilock ioctl...

5.5CVSS0.00094EPSS

Exploits0References5

UbuntuCve•added 2026/05/08 2:16 p.m.•5 views

CVE-2026-43319

5.5CVSS5.8AI score0.00094EPSS

Exploits0References6

OSV•added 2026/05/08 2:16 p.m.•6 views

UBUNTU-CVE-2026-43319

5.5CVSS5.8AI score0.00094EPSS

Exploits0References7

CVE•added 2026/05/08 1:26 p.m.•14 views

CVE-2026-43319

CVE-2026-43319 affects the Linux kernel spidev driver. The vulnerability stemmed from inverted lock ordering between spi_lock and buf_lock across code paths (write/read use buf_lock then spi_lock; ioctl uses spi_lock then buf_lock), enabling potential deadlocks in multi-threaded access. The fix u...

5.5CVSS5.8AI score0.00094EPSS

Exploits0References5Affected Software1

Positive Technologies•added 2026/05/08 12:0 a.m.•7 views

PT-2026-38970

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A lock inversion exists in the spidev driver involving two mutexes, spi lock and buf lock. These locks were acquired in different orders depending on the execution path: write and read...

9.1CVSS5.6AI score0.00514EPSS

Exploits0References94

AstraLinux•added 2026/05/03 11:59 p.m.•6 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: BPF, sockmap: Prevent lock inversion deadlock in mapdeleteelem operation. The syzkaller started using corpuses where a BPF tracing program deletes elements from a sockmap/sockhash map. Since BPF tracing programs can be invoked fr...

5.5CVSS5.9AI score0.0018EPSS

Exploits0References2

AstraLinux•added 2026/05/03 11:59 p.m.•2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: xen/events: The close evtchn operation is performed after mapping cleanup is completed. shutdownpirq and startuppirq do not take the irqmappingupdatelock, as they cannot do so due to lock inversion. Both functions are called...

5.5CVSS6.2AI score0.00228EPSS

Exploits0References2

Tenable Nessus•added 2026/03/30 12:0 a.m.•11 views

Amazon Linux 2023 : bpftool6.12, kernel6.12, kernel6.12-devel (ALAS2023-2026-1495)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1495 advisory. In the Linux kernel, the following vulnerability has been resolved: net/sched: schqfq: Fix null-deref in aggdequeue CVE-2025-40083 In the Linux kernel, the following vulnerability has been...

6.1AI score0.00201EPSS

Exploits0References102

AstraLinux•added 2026/01/13 2:1 p.m.•3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: vsock: Fixed lock inversion in vsockassigntransport. Syzbot reported a potential lock inversion deadlock between vsockregistermutex and sklock-AFVSOCK when vsocklinger is called. The issue was introduced by the commit...

5.4AI score0.00173EPSS

Exploits0References3

RedHat Linux•added 2026/01/12 9:30 a.m.•3 views

kernel: net: phylink: add lock for serializing concurrent pl->phydev writes with resolver

A flaw was found in the Linux kernel’s phylink subsystem: when phylinkresolve executes while pl-statemutex is held, it may acquire pl-phydev-lock out of order relative to other paths phylinkbringupphy or phylinkdisconnectphy that acquire pl-phydev-lock prior to pl-statemutex. This lock inversion...

7CVSS5.8AI score0.001EPSS

Exploits0References5

SUSE CVE•added 2025/12/17 12:24 a.m.•2 views

SUSE CVE-2025-68244

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Avoid lock inversion when pinning to GGTT on CHV/BXT+VTD On completion of i915vmapinww, a synchronous variant of dmafenceworkcommit is called. When pinning a VMA to GGTT address space on a Cherry View family processor, ...

5.5CVSS6.4AI score0.00161EPSS

Exploits0References21