Lucene search
+L

26 matches found

astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: arm64/pageattr: The return value from changememorycommon must be propagated. The rodata=on security measure requires that any code path that uses vmalloc or setmemoryro/setmemoryrox must also protect the linear map alias...

5.9AI score0.00158EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fixed an uninitialized memcache pointer in usermemabort The commit fce886a60207 "KVM: arm64: Examining the pKVM MMU in KVM" made the initialization of the local memcache variable in usermemabort conditional. As a...

5.5CVSS6AI score0.0013EPSS
Exploits0References2
redhat
redhat
added 2026/04/09 2:13 p.m.2 views

glibc: wordexp with WRDE_REUSE and WRDE_APPEND may return uninitialized memory

A flaw was found in glibc. When the wordexp function is called with the flags WRDEREUSE and WRDEAPPEND, it may return uninitialized memory. If the caller inspects the wewordv array or calls the wordfree function to free the allocated memory, the process will abort, resulting in a denial of servic...

7.5CVSS6.9AI score0.00439EPSS
Exploits0References5
nessus
nessus
added 2026/03/26 12:0 a.m.6 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: glibc (UTSA-2026-006305)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006305 advisory. Calling wordexp with WRDEREUSE in conjunction with WRDEAPPEND in the GNU C Library version 2.0 to version 2.42 may cause the interface to return uninitialized memory...

7.5CVSS5.9AI score0.00439EPSS
Exploits0References4
euvd
euvd
added 2026/01/22 6:50 p.m.8 views

EUVD-2022-54720

In the Linux kernel, the following vulnerability has been resolved: media: i2c: max9286: fix kernel oops when removing module When removing the max9286 module we get a kernel oops: Unable to handle kernel paging request at virtual address 000000aa00000094 Mem abort info: ESR = 0x96000004 EC = 0x2...

7.1CVSS5.7AI score0.00276EPSS
Exploits0References5
euvd
euvd
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-2624

Malicious code in bioql PyPI...

5.5CVSS7.3AI score0.00199EPSS
Exploits0References4
suse
suse
added 2025/08/20 7:24 a.m.19 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 Confidential Computing kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2019-11135: TSX Asynchronous Abort condition bsc1139073. CVE-2023-52888: media: mediatek: vcodec: Only free buffer VA that is not NULL...

8.7CVSS8.9AI score0.03133EPSS
Exploits17References1930
osv
osv
added 2025/05/29 2:15 p.m.5 views

UBUNTU-CVE-2025-37996

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix uninitialized memcache pointer in usermemabort Commit fce886a60207 "KVM: arm64: Plumb the pKVM MMU in KVM" made the initialization of the local memcache variable in usermemabort conditional, leaving a codepath whe...

6.7CVSS6.6AI score0.0013EPSS
Exploits0References8
cve
cve
added 2025/05/29 1:15 p.m.97 views

CVE-2025-37996

The CVE-2025-37996 entry concerns the Linux kernel KVM/arm64 path where an uninitialized local memcache pointer in user_mem_abort() could be used via kvm_pgtable_stage2_map(). The underlying cause was partial initialization introduced by a prior commit, leaving a codepath that could fail on stage...

5.5CVSS6.3AI score0.0013EPSS
Exploits0References2Affected Software1
redhatcve
redhatcve
added 2025/05/04 5:21 p.m.16 views

CVE-2023-53093

In the Linux kernel, the following vulnerability has been resolved: tracing: Do not let histogram values have some modifiers Histogram values can not be strings, stacktraces, graphs, symbols, syscalls, or grouped in buckets or log. Give an error if a value is set to do so. Note, the histogram cod...

5.5CVSS6.9AI score0.00164EPSS
Exploits0References4
nvd
nvd
added 2025/01/31 12:15 p.m.19 views

CVE-2025-21675

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Clear port select structure when fail to create Clear the port select structure on error so no stale values left after definers are destroyed. That's because the mlx5lagdestroydefiners always try to destroy all lag...

5.5CVSS0.00199EPSS
Exploits0References5
cve
cve
added 2025/01/31 11:25 a.m.209 views

CVE-2025-21675

The CVE-2025-21675 issue affects the Linux kernel code path for mlx5_lag_port_sel_create, where resource cleanup was incomplete and could lead to double-destruction of definers after a failure to create the port select structure. The resulting cleanup gap caused a NULL pointer dereference on erro...

5.5CVSS6.8AI score0.00199EPSS
Exploits0References5Affected Software1
cvelist
cvelist
added 2025/01/31 11:25 a.m.15 views

CVE-2025-21675 net/mlx5: Clear port select structure when fail to create

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Clear port select structure when fail to create Clear the port select structure on error so no stale values left after definers are destroyed. That's because the mlx5lagdestroydefiners always try to destroy all lag...

0.00199EPSS
Exploits0References4
redhatcve
redhatcve
added 2024/11/22 8:20 a.m.25 views

CVE-2024-53095

In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix use-after-free of network namespace. Recently, we got a customer report that CIFS triggers oops while reconnecting to a server. 0 The workload runs on Kubernetes, and some pods mount CIFS servers in non-root...

5.5CVSS6.8AI score0.00223EPSS
Exploits0References4
nvd
nvd
added 2024/11/21 7:15 p.m.22 views

CVE-2024-53095

In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix use-after-free of network namespace. Recently, we got a customer report that CIFS triggers oops while reconnecting to a server. 0 The workload runs on Kubernetes, and some pods mount CIFS servers in non-root...

7.8CVSS0.00223EPSS
Exploits0References3
cve
cve
added 2024/10/21 7:39 p.m.180 views

CVE-2024-50046

CVE-2024-50046: In the Linux kernel, a NULL-pointer dereference could occur in NFSv4 when copying files saved in the mountpoint (nfs42_complete_copies()), leading to an SMP kernel crash during state recovery for an open NFS file. The issue manifests as kernel oops and related logs and is resolved...

5.5CVSS6.8AI score0.00243EPSS
Exploits0References10Affected Software1
vulnrichment
vulnrichment
added 2024/10/21 7:39 p.m.13 views

CVE-2024-50034 net/smc: fix lacks of icsk_syn_mss with IPPROTO_SMC

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix lacks of icsksynmss with IPPROTOSMC Eric report a panic on IPPROTOSMC, and give the facts that when INETPROTOSWICSK was set, icsk-icsksyncmss must be set too. Bug: Unable to handle kernel NULL pointer dereference at...

6.2AI score0.002EPSS
Exploits0References2
cve
cve
added 2024/10/21 7:39 p.m.113 views

CVE-2024-50034

CVE-2024-50034 affects the Linux kernel net/smc, where INET_PROTOSW_ICSK can leave icsk_sync_mss unset for IPPROTO_SMC, triggering a NULL pointer dereference panic. The provided trace indicates a kernel oops when handling IPPROTO_SMC, with a failed icsk_mss synchronization. A patch sequence in st...

5.5CVSS5.1AI score0.002EPSS
Exploits0References2Affected Software1
osv
osv
added 2024/10/21 7:39 p.m.11 views

CVE-2024-50034 net/smc: fix lacks of icsk_syn_mss with IPPROTO_SMC

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix lacks of icsksynmss with IPPROTOSMC Eric report a panic on IPPROTOSMC, and give the facts that when INETPROTOSWICSK was set, icsk-icsksyncmss must be set too. Bug: Unable to handle kernel NULL pointer dereference at...

5.5CVSS5.9AI score0.002EPSS
Exploits0References5
ubuntucve
ubuntucve
added 2024/08/26 11:15 a.m.13 views

CVE-2024-43898

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

6.5AI score
Exploits0References5
Rows per page
Query Builder