Lucene search
K

251 matches found

SUSE CVE
SUSE CVE
added 2026/06/26 2:11 a.m.6 views

SUSE CVE-2026-53159

In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: fix DMA address corruption due to findvma misuse fastrpcgetargs uses findvma to look up the VMA for a user-provided pointer and compute a DMA address offset. When the address falls in a gap before the returned VMA,...

5.8AI score0.00122EPSS
Exploits0References3
CVE
CVE
added 2026/06/25 8:38 a.m.29 views

CVE-2026-53159

CVE-2026-53159 affects the Linux kernel in the misc: fastrpc path. The vulnerability arises in fastrpc_get_args(), which uses find_vma() to locate the VMA for a user pointer and compute a DMA address offset. If the address lies in a gap before the returned VMA, the expression (ptr & PAGE_MASK) - ...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2026/06/25 8:38 a.m.31 views

CVE-2026-53159 misc: fastrpc: fix DMA address corruption due to find_vma misuse

In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: fix DMA address corruption due to findvma misuse fastrpcgetargs uses findvma to look up the VMA for a user-provided pointer and compute a DMA address offset. When the address falls in a gap before the returned VMA,...

0.00122EPSS
Exploits0References8
OSV
OSV
added 2026/06/25 8:38 a.m.2 views

CVE-2026-53159 misc: fastrpc: fix DMA address corruption due to find_vma misuse

In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: fix DMA address corruption due to findvma misuse fastrpcgetargs uses findvma to look up the VMA for a user-provided pointer and compute a DMA address offset. When the address falls in a gap before the returned VMA,...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References11
EUVD
EUVD
added 2026/06/25 8:38 a.m.5 views

EUVD-2026-39245

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: restore reservation on error in hugetlb folio copy paths Two sites in mm/hugetlb.c allocate a hugetlb folio via allochugetlbfolio consuming a VMA reservation and then call copyuserlargefolio, which became int-returnin...

5.7AI score0.00122EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.19 views

PT-2026-52297

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists where an idle-skip optimization bypasses GuC suspend, preventing the GPU from performing the context switch required to flush Translation Lookaside Buffer TLB entries for...

7.8CVSS6AI score0.00137EPSS
Exploits0References14
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Avoid lock inversion when pinning to GGTT on CHV/BXT+VTD After i915vmapinww is completed, a synchronous variant of dmafenceworkcommit is called. When pinning a VMA to GGTT address space on a Cherry View family processor...

5.9AI score0.00161EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/06/22 10:59 a.m.22 views

kernel: xen/privcmd: fix double free via VMA splitting

A flaw was found in the Linux kernel's xen/privcmd module. A local user could exploit this by performing a partial unmapping of a privcmd memory region. This action causes a Virtual Memory Area VMA to split, leading to duplicated internal memory pointers. As a result, the same memory can be freed...

7.8CVSS5.7AI score0.00183EPSS
Exploits0References5
CVE
CVE
added 2026/06/16 6:51 p.m.23 views

CVE-2026-0152

CVE-2026-0152 affects the OSMMapPMRGeneric path in pmr_os.c. A logic error may allow abusing a system-call sequence to expand the VMA out of bounds, enabling local privilege escalation with no extra privileges or user interaction required. Documented impact is high for confidentiality, integrity,...

7.8CVSS5.6AI score0.00071EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.12 views

PT-2026-49810

In OSMMapPMRGeneric of pmr os.c, there is a possible way to leverage a system call to system call to maliciously expand the VMA out of bounds due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not...

7.8CVSS5.5AI score0.00071EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/09 12:11 p.m.11 views

EUVD-2026-35408

In the Linux kernel, the following vulnerability has been resolved: Revert "mm/hugetlbfs: update hugetlbfs to use mmapprepare" This reverts commit ea52cb24cd3f "mm/hugetlbfs: update hugetlbfs to use mmapprepare" with conflict resolution to account for changes in commit ea52cb24cd3f "mm/hugetlbfs:...

5.4AI score0.001EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/09 12:11 p.m.34 views

CVE-2026-46318 Revert "mm/hugetlbfs: update hugetlbfs to use mmap_prepare"

In the Linux kernel, the following vulnerability has been resolved: Revert "mm/hugetlbfs: update hugetlbfs to use mmapprepare" This reverts commit ea52cb24cd3f "mm/hugetlbfs: update hugetlbfs to use mmapprepare" with conflict resolution to account for changes in commit ea52cb24cd3f "mm/hugetlbfs:...

0.001EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/27 12:39 p.m.15 views

CVE-2026-45837

A flaw was found in the Linux kernel. A use-after-free vulnerability exists in the arenavmclose function during a fork operation. This occurs because the child's Virtual Memory Area VMA is not correctly registered, leading to a dangling pointer. If a child process attempts to access this stale...

7.8CVSS5.8AI score0.00116EPSS
Exploits0References4
CVE
CVE
added 2026/05/27 9:24 a.m.39 views

CVE-2026-45837

CVE-2026-45837 : In the Linux kernel, a use-after-free in arena_vm_close on fork was fixed. The root cause is that arena_vm_open() only bumps vml->mmap_count and does not register the child VMA in arena->vma_list, so vml->vma continues to point to the parent VMA after fork. If the child ...

7.8CVSS5.8AI score0.00116EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.16 views

PT-2026-43671

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the arena vm close function during a fork operation. The arena vm open function increments the vml-mmap count but fails to register the child Virtual...

9.8CVSS5.9AI score0.03663EPSS
Exploits17References283
OSV
OSV
added 2026/05/22 1:21 p.m.15 views

OESA-2026-2418 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved:mm/mempolicy: fix migratetonode assuming there is at least one VMA in a MMWe currently assume that there is at least one VMA in a MM, which isn ttrue.So we might...

9.1CVSS6AI score0.00537EPSS
Exploits2References123
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm/rmap: Fixed potential out-of-bounds access to the page table during batched unmap operations. As pointed out by David1, the batched unmap logic in trytounmapone may read past the end of a PTE table when the PTE mappings of a...

7.1CVSS6.3AI score0.00156EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: rustbinder: Check ownership before using vma. When installing missing pages or zapping them, Rust Binder will look up the vma in the memory management unit by address, and then call vminsertpage or zappagerangesingle. However, if...

7.8CVSS5.7AI score0.00128EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: rustbinder: Avoid reading the written value in the offset array. When sending a transaction, its offset array is first copied into the target process’s virtual memory area vma. Then, the values are read back from there. This is...

7.8CVSS5.7AI score0.00099EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ksm: The range-walk function is used to skip over unmapped regions during the scangetnextrmapitem operation. Currently, scangetnextrmapitem traverses every page address in a VMA to locate mergeable pages. This approach becomes...

5.5CVSS6AI score0.00123EPSS
Exploits0References1
Rows per page
Query Builder