Lucene search
K

308 matches found

Cvelist
Cvelist
added 4 days ago31 views

CVE-2026-41154 GPU DDK - Incorrect Index Calculation in CMA Cleanup Path of AllocOSPages_Sparse

Software installed and run as a non-privileged user may cause OOB kernel memory reads or writes through GPU API calls. When indexing pages larger than 4kB in the page freeing logic of the sparse memory implementation, incorrect buffer indexing leads to OOB access...

0.00167EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: mm: slub: Fix the invocation of flushcpuslab and freeslab in the task context. The commit 5a836bf6b09f “mm: slub: Move the invocation of flushcpuslab and freeslab out of the IRQ context” fixes this issue by moving all invocations...

7.8CVSS6AI score0.00242EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/05/28 3:55 a.m.18 views

SUSE CVE-2026-45971

In the Linux kernel, the following vulnerability has been resolved: bpf: Limit bpf program signature size Practical BPF signatures are significantly smaller than KMALLOCMAXCACHESIZE Allowing larger sizes opens the door for abuse by passing excessive size values and forcing the kernel into expensi...

5.8AI score0.00121EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/20 9:17 a.m.54 views

CVE-2026-32792 Packet of death with DNSCrypt

NLnet Labs Unbound 1.6.2 up to and including version 1.25.0 has a denial of service vulnerability when compiled with DNSCrypt support '--enable-dnscrypt'. A bad DNSCrypt query could underflow Unbound's DNSCrypt packet reading procedure that may lead to heap overflow. A malicious actor can exploit...

8.2CVSS0.00337EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/20 9:17 a.m.14 views

EUVD-2026-31077

NLnet Labs Unbound 1.6.2 up to and including version 1.25.0 has a denial of service vulnerability when compiled with DNSCrypt support '--enable-dnscrypt'. A bad DNSCrypt query could underflow Unbound's DNSCrypt packet reading procedure that may lead to heap overflow. A malicious actor can exploit...

8.2CVSS6AI score0.00337EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/20 9:17 a.m.10 views

CVE-2026-32792 Packet of death with DNSCrypt

NLnet Labs Unbound 1.6.2 up to and including version 1.25.0 has a denial of service vulnerability when compiled with DNSCrypt support '--enable-dnscrypt'. A bad DNSCrypt query could underflow Unbound's DNSCrypt packet reading procedure that may lead to heap overflow. A malicious actor can exploit...

8.2CVSS6AI score0.00337EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: kernel/kexec: fixed the issue when the kexec target address is allocated in the CMA area. Description of the bug When I tested kexec with the latest kernel, I encountered the following warning: 40.712410 ------------ cut here ---...

5.5CVSS5.3AI score0.00102EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: BPF: Zeroing allocated objects from slabs in the BPF memory allocator Currently, the freed elements in the BPF memory allocator may be reused immediately. For the htab map, reusing these elements will reinitialize special fields ...

6AI score0.00172EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Chromium

The inappropriate implementation of the memory allocator in Google Chrome prior to version 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: Medium...

8.8CVSS7.5AI score0.00489EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in ffmpeg5

FFmpeg v.n6.1-3-g466799d4f5 allows for memory consumption when using the colorcorrect filter, specifically in the avmalloc function located at line 105:9 of the libavutil/mem.c file...

7.8CVSS6.7AI score0.00377EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/05/20 12:0 a.m.7 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021554)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021554 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: fix uninititialized value in 'ext4evictinode' Syzbot found the following issue:...

7.8CVSS5.8AI score0.00202EPSS
Exploits0References4
OSV
OSV
added 2026/05/14 2:57 p.m.17 views

CLSA-2026-1778756179 kernel: Fix of 2 CVEs

net: skbuff: propagate shared-frag marker through pskbcopy - Bluetooth: btusb: revert use of devmkzalloc in btusb CVE-2025-71082 - nfsd: fix use-after-free due to delegation race CVE-2021-47506...

7.8CVSS6.4AI score0.0026EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/05/11 2:14 p.m.13 views

SUSE CVE-2026-43285

In the Linux kernel, the following vulnerability has been resolved: mm/slab: do not access current-memsallowedseq if !allowspin Lockdep complains when getfromanypartial is called in an NMI context, because current-memsallowedseq is seqcountspinlockt and not NMI-safe:...

5.8AI score0.00121EPSS
Exploits0References3
OSV
OSV
added 2026/05/06 2:45 p.m.6 views

BIT-JAVA-MIN-2024-47606 GHSL-2024-166: GStreamer Integer overflows in MP4/MOV demuxer and memory allocator that can lead to out-of-bounds writes

GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in the function qtdemuxparsetheoraextension within qtdemux.c. The vulnerability occurs due to an underflow of the gint size variable, which causes size to hold a large unintended...

9.8CVSS7.4AI score0.01344EPSS
Exploits0References7
NVD
NVD
added 2026/04/22 2:16 p.m.8 views

CVE-2026-31524

In the Linux kernel, the following vulnerability has been resolved: HID: asus: avoid memory leak in asusreportfixup The asusreportfixup function was returning a newly allocated kmemdup-allocated buffer, but never freeing it. Switch to devmkzalloc to ensure the memory is managed and freed...

5.5CVSS0.00123EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.5 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011119)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011119 advisory. In the Linux kernel, the following vulnerability has been resolved: selinux: enable use of both GFPKERNEL and GFPATOMIC in convertcontext The following warning was...

5.8AI score0.00168EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/20 12:32 p.m.11 views

EUVD-2026-23816

In the Linux kernel, the following vulnerability has been resolved: net: skb: fix cross-cache free of KFENCE-allocated skb head SKBSMALLHEADCACHESIZE is intentionally set to a non-power-of-2 value e.g. 704 on x8664 to avoid collisions with generic kmalloc bucket sizes. This ensures that...

5.6AI score0.00259EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2026/03/06 9:4 p.m.10 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mm/slub: reset KASAN tag in deferfree before accessing freed memory When CONFIGSLUBTINY is enabled, kfreenolock calls kasanslabfree before deferfree. On ARM64 with MTE Memory Tagging Extension, kasanslabfree poisons the memory an...

7.8CVSS5.6AI score0.0012EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/18 2:21 p.m.25 views

CVE-2026-23219 mm/slab: Add alloc_tagging_slab_free_hook for memcg_alloc_abort_single

In the Linux kernel, the following vulnerability has been resolved: mm/slab: Add alloctaggingslabfreehook for memcgallocabortsingle When CONFIGMEMALLOCPROFILINGDEBUG is enabled, the following warning may be noticed: 3959.023862 ------------ cut here ------------ 3959.023891 alloctag was not clear...

0.00112EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/02/02 12:0 a.m.39 views

EulerOS 2.0 SP13 : kernel (EulerOS-SA-2026-1212)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : tipc: fix a null-ptr-deref in tipctopsrvaccept CVE-2022-50555 integrity: Fix memory leakage in keyring allocation error path CVE-2022-50395 objtoo...

7.8CVSS7.8AI score0.00331EPSS
Exploits2References346
Rows per page
Query Builder