14 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-53096
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Use RCU-safe iteration in devmapredirectmulti SKB path The DEVMAPHASH branch in devmapredirectmulti uses hlistforeachentrysafe to iterate hash buckets, but...
Linux Distros Unpatched Vulnerability : CVE-2026-45927
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: bpf: Require frozen map for calculating map hash Currently, bpfmapgetinfobyfd calculates and...
SUSE CVE-2026-45927
In the Linux kernel, the following vulnerability has been resolved: bpf: Require frozen map for calculating map hash Currently, bpfmapgetinfobyfd calculates and caches the hash of the map regardless of the map's frozen state. This leads to a TOCTOU bug where userspace can call BPFOBJGETINFOBYFD t...
UBUNTU-CVE-2026-45927
In the Linux kernel, the following vulnerability has been resolved: bpf: Require frozen map for calculating map hash Currently, bpfmapgetinfobyfd calculates and caches the hash of the map regardless of the map's frozen state. This leads to a TOCTOU bug where userspace can call BPFOBJGETINFOBYFD t...
CVE-2026-45986
The CVE-2026-45986 issue affects the Linux kernel crypto/ccree path, specifically a memory leak in cc_mac_digest. The root cause is a path where cc_map_hash_request_final() failures could leave memory unreleased; the fix adds cc_unmap_result() to prevent leaks. The vulnerability is locally exploi...
CVE-2026-45927 bpf: Require frozen map for calculating map hash
In the Linux kernel, the following vulnerability has been resolved: bpf: Require frozen map for calculating map hash Currently, bpfmapgetinfobyfd calculates and caches the hash of the map regardless of the map's frozen state. This leads to a TOCTOU bug where userspace can call BPFOBJGETINFOBYFD t...
CVE-2026-45927 bpf: Require frozen map for calculating map hash
In the Linux kernel, the following vulnerability has been resolved: bpf: Require frozen map for calculating map hash Currently, bpfmapgetinfobyfd calculates and caches the hash of the map regardless of the map's frozen state. This leads to a TOCTOU bug where userspace can call BPFOBJGETINFOBYFD t...
CVE-2026-45927
The CVE-2026-45927 issue affects the Linux kernel BPF subsystem. bpf_map_get_info_by_fd caches the hash of a map regardless of its frozen state, enabling a TOCTOU where a trusted loader could compare an older hash after a map is modified but before freezing. The fix returns -EPERM when the hash i...
CVE-2026-45927
In the Linux kernel, the following vulnerability has been resolved: bpf: Require frozen map for calculating map hash Currently, bpfmapgetinfobyfd calculates and caches the hash of the map regardless of the map's frozen state. This leads to a TOCTOU bug where userspace can call BPFOBJGETINFOBYFD t...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from bpfmapgetinfobyfd function in bpf. This function does not check the frozen state of maps during t...
CVE-2026-45927
bpf: Require frozen map for calculating map hash...
PT-2026-43794
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Time-of-Check to Time-of-Use TOCTOU issue exists where the bpf map get info by fd function calculates and caches the hash of a map regardless of whether the map is frozen. This allows...
bpf: Fix DEVMAP_HASH overflow check on 32-bit arches
...
OpenJDK: Excessive memory allocation in HashMap and HashSet (Utility, 8266097)
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Utility. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated...