Lucene search
K

6516 matches found

ATTACKERKB
ATTACKERKB
added 2026/03/25 10:29 a.m.4 views

CVE-2026-23390

In the Linux kernel, the following vulnerability has been resolved: tracing/dma: Cap dmamapsg tracepoint arrays to prevent buffer overflow The dmamapsg tracepoint can trigger a perf buffer overflow when tracing large scatter-gather lists. With devices like virtio-gpu creating large DRM buffers,...

5.8AI score0.00131EPSS
Exploits0References4
CVE
CVE
added 2026/03/25 10:29 a.m.12 views

CVE-2026-23390

CVE-2026-23390 : In the Linux kernel, the tracing/dma subsystem fixes a potential perf buffer overflow in the dma_map_sg tracepoint when handling large scatter-gather lists (e.g., large DRM buffers). The patch caps the three dynamic arrays at 128 entries using min() to prevent excessive allocatio...

7.8CVSS5.9AI score0.00131EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/03/25 10:29 a.m.5 views

CVE-2026-23390 tracing/dma: Cap dma_map_sg tracepoint arrays to prevent buffer overflow

In the Linux kernel, the following vulnerability has been resolved: tracing/dma: Cap dmamapsg tracepoint arrays to prevent buffer overflow The dmamapsg tracepoint can trigger a perf buffer overflow when tracing large scatter-gather lists. With devices like virtio-gpu creating large DRM buffers,...

7.8CVSS6AI score0.00131EPSS
Exploits0References6
OSV
OSV
added 2026/03/25 10:27 a.m.5 views

CVE-2026-23352 x86/efi: defer freeing of boot services memory

In the Linux kernel, the following vulnerability has been resolved: x86/efi: defer freeing of boot services memory efifreebootservices frees memory occupied by EFIBOOTSERVICESCODE and EFIBOOTSERVICESDATA using memblockfreelate. There are two issue with that: memblockfreelate should be used for...

5.5CVSS5.6AI score0.00125EPSS
Exploits0References10
OSV
OSV
added 2026/03/25 10:27 a.m.4 views

CVE-2026-23342 bpf: Fix race in cpumap on PREEMPT_RT

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix race in cpumap on PREEMPTRT On PREEMPTRT kernels, the per-CPU xdpbulkqueue bq can be accessed concurrently by multiple preemptible tasks on the same CPU. The original code assumes bqenqueue and cpumapflush run atomically...

4.7CVSS5.7AI score0.00088EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2026/03/25 10:27 a.m.3 views

CVE-2026-23342

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix race in cpumap on PREEMPTRT On PREEMPTRT kernels, the per-CPU xdpbulkqueue bq can be accessed concurrently by multiple preemptible tasks on the same CPU. The original code assumes bqenqueue and cpumapflush run atomically...

4.7CVSS5.4AI score0.00088EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/03/25 12:26 a.m.3 views

SUSE CVE-2026-28789

OliveTin gives access to predefined shell commands from a web interface. Prior to version 3000.10.3, an unauthenticated denial-of-service vulnerability exists in OliveTin's OAuth2 login flow. Concurrent requests to /oauth/login can trigger unsynchronized access to a shared registeredStates map,...

7.5CVSS5.8AI score0.00394EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/03/25 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2026-23390

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tracing/dma: Cap dmamapsg tracepoint arrays to prevent buffer overflow The dmamapsg tracepoint can trigger a perf buffer overflow when tracing large...

7.8CVSS7.2AI score0.00131EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/25 12:0 a.m.6 views

Oracle Linux 7 : kernel (ELSA-2026-3685)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-3685 advisory. - ext4: fix use-after-free in ext4orphancleanup CVE-2022-50673 Orabug: 39036029 - Squashfs: check return result of sbminblocksize CVE-2025-38415 Orabug...

8.8CVSS7.2AI score0.01067EPSS
Exploits4References10
OSV
OSV
added 2026/03/24 4:49 p.m.5 views

SUSE-SU-2026:20889-1 Security update for the Linux Kernel (Live Patch 14 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-38.1 fixes various security issues The following security issues were fixed: - CVE-2025-40258: mptcp: fix race condition in mptcpschedulework bsc1255053. - CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed bsc1257669. ...

5.5CVSS6.5AI score0.00176EPSS
Exploits0References15
OSV
OSV
added 2026/03/24 4:49 p.m.3 views

SUSE-SU-2026:20888-1 Security update for the Linux Kernel (Live Patch 13 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-36.1 fixes various security issues The following security issues were fixed: - CVE-2025-40258: mptcp: fix race condition in mptcpschedulework bsc1255053. - CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed bsc1257669. ...

5.5CVSS5.9AI score0.00176EPSS
Exploits0References15
OSV
OSV
added 2026/03/24 4:49 p.m.2 views

SUSE-SU-2026:20866-1 Security update for the Linux Kernel (Live Patch 14 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-38.1 fixes various security issues The following security issues were fixed: - CVE-2025-40258: mptcp: fix race condition in mptcpschedulework bsc1255053. - CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed bsc1257669. ...

5.5CVSS6.5AI score0.00176EPSS
Exploits0References15
OSV
OSV
added 2026/03/24 4:49 p.m.5 views

SUSE-SU-2026:20887-1 Security update for the Linux Kernel (Live Patch 12 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-35.1 fixes various security issues The following security issues were fixed: - CVE-2025-40258: mptcp: fix race condition in mptcpschedulework bsc1255053. - CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed bsc1257669. ...

5.5CVSS6.5AI score0.00176EPSS
Exploits0References15
OSV
OSV
added 2026/03/24 4:49 p.m.1 views

SUSE-SU-2026:20862-1 Security update for the Linux Kernel (Live Patch 10 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-32.1 fixes various security issues The following security issues were fixed: - CVE-2025-38488: smb: client: fix use-after-free in cryptmessage when using async crypto bsc1247240. - CVE-2025-40258: mptcp: fix race condition in mptcpschedulewor...

7.8CVSS5.9AI score0.00278EPSS
Exploits0References17
OSV
OSV
added 2026/03/24 4:48 p.m.3 views

SUSE-SU-2026:20899-1 Security update for the Linux Kernel RT (Live Patch 13 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-37.1 fixes various security issues The following security issues were fixed: - CVE-2025-40258: mptcp: fix race condition in mptcpschedulework bsc1255053. - CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed bsc1257669. ...

5.5CVSS6.5AI score0.00176EPSS
Exploits0References15
OSV
OSV
added 2026/03/24 4:48 p.m.2 views

SUSE-SU-2026:20855-1 Security update for the Linux Kernel RT (Live Patch 13 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-37.1 fixes various security issues The following security issues were fixed: - CVE-2025-40258: mptcp: fix race condition in mptcpschedulework bsc1255053. - CVE-2025-40284: Bluetooth: MGMT: cancel mesh send timer when hdev removed bsc1257669. ...

5.5CVSS6.5AI score0.00176EPSS
Exploits0References15
OSV
OSV
added 2026/03/24 4:48 p.m.5 views

SUSE-SU-2026:20898-1 Security update for the Linux Kernel RT (Live Patch 12 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-36.1 fixes various security issues The following security issues were fixed: - CVE-2025-38488: smb: client: fix use-after-free in cryptmessage when using async crypto bsc1247240. - CVE-2025-40258: mptcp: fix race condition in mptcpschedulewor...

7.8CVSS6.5AI score0.00278EPSS
Exploits0References17
OSV
OSV
added 2026/03/24 9:11 a.m.4 views

SUSE-SU-2026:0992-1 Security update for the Linux Kernel (Live Patch 44 for SUSE Linux Enterprise 15 SP4)

This update for the SUSE Linux Enterprise Kernel 5.14.21-150400.24.176 fixes various security issues The following security issues were fixed: - CVE-2022-50697: mrp: introduce active flags to prevent UAF when applicant uninit bsc1255595. - CVE-2023-53781: smc: Fix use-after-free in...

7.8CVSS6.8AI score0.00278EPSS
Exploits0References21
OSV
OSV
added 2026/03/24 5:44 a.m.1 views

SUSE-SU-2026:20831-1 Security update for the Linux Kernel RT (Live Patch 0 for SUSE Linux Enterprise 16)

This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.5.1 fixes various security issues The following security issues were fixed: - CVE-2025-38488: smb: client: fix use-after-free in cryptmessage when using async crypto bsc1247240. - CVE-2025-40214: afunix: Initialise sccindex in...

7.8CVSS6.5AI score0.00278EPSS
Exploits0References19
NVD
NVD
added 2026/03/24 5:16 a.m.12 views

CVE-2026-3260

A flaw was found in Undertow. A remote attacker could exploit this vulnerability by sending an HTTP GET request containing multipart/form-data content. If the underlying application processes parameters using methods like getParameterMap, the server prematurely parses and stores this content to...

7.5CVSS0.00441EPSS
Exploits0References2
Rows per page
Query Builder