Lucene search
K

246 matches found

SUSE CVE
SUSE CVE
added 2026/07/01 3:19 a.m.4 views

SUSE CVE-2026-53085

In the Linux kernel, the following vulnerability has been resolved: bpf: fix mm lifecycle in open-coded taskvma iterator The open-coded taskvma iterator reads task-mm locklessly and acquires mmapreadtrylock but never calls mmget. If the task exits concurrently, the mmstruct can be freed as it is...

7.8CVSS5.8AI score0.00113EPSS
Exploits0References4
SUSE Linux
SUSE Linux
added 2026/06/12 1:54 p.m.26 views

Security update for qemu

This update for qemu fixes the following issues: CVE-2025-14876: qemu-kvm: Unbounded allocation in virtio-crypto bsc1255400. CVE-2026-0665: out-of-bounds heap access can lead to a denial of service or potential memory corruption bsc1256484. CVE-2026-2243: incorrect bounds check leads to heap...

8.8CVSS6.7AI score0.00143EPSS
Exploits1References26
NVD
NVD
added 2026/06/10 2:16 p.m.17 views

CVE-2026-52757

Ghidra before 12.1 contains a heap-use-after-free vulnerability in the decompiler's HighVariable::merge function during the variable merging pass. Attackers can trigger this vulnerability by crafting a binary that causes stale pointers in the HighIntersectTest::highedgemap cache to be dereference...

4.6CVSS0.00144EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:19 p.m.9 views

CVE-2026-10046

Bitdefender Napoca bare-metal hypervisor contains an out-of-bounds write vulnerability in the BIOS INT 0x15 / E820 memory map handler, implemented in napoca/guests/bioshandlers.c. The handler computes a destination offset into the guest RealModeMemory buffer from guest-controlled ES and EDI...

8.5CVSS5.7AI score0.00118EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/02 2:16 p.m.53 views

CVE-2026-10046 Out-of-bounds write in Napoca BIOS INT 0x15 E820 memory map handler (VA-13905)

Bitdefender Napoca bare-metal hypervisor contains an out-of-bounds write vulnerability in the BIOS INT 0x15 / E820 memory map handler, implemented in napoca/guests/bioshandlers.c. The handler computes a destination offset into the guest RealModeMemory buffer from guest-controlled ES and EDI...

8.5CVSS0.00118EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/02 2:16 p.m.11 views

CVE-2026-10046 Out-of-bounds write in Napoca BIOS INT 0x15 E820 memory map handler (VA-13905)

Bitdefender Napoca bare-metal hypervisor contains an out-of-bounds write vulnerability in the BIOS INT 0x15 / E820 memory map handler, implemented in napoca/guests/bioshandlers.c. The handler computes a destination offset into the guest RealModeMemory buffer from guest-controlled ES and EDI...

8.5CVSS5.8AI score0.00118EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/02 2:16 p.m.15 views

EUVD-2026-33943

Bitdefender Napoca bare-metal hypervisor contains an out-of-bounds write vulnerability in the BIOS INT 0x15 / E820 memory map handler, implemented in napoca/guests/bioshandlers.c. The handler computes a destination offset into the guest RealModeMemory buffer from guest-controlled ES and EDI...

8.5CVSS5.8AI score0.00118EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/27 12:59 p.m.11 views

EUVD-2026-32483

In the Linux kernel, the following vulnerability has been resolved: fs: afs: revert mmapprepare change Partially reverts commit 9d5403b1036c "fs: convert most other genericfilemmap users to .mmapprepare". This is because the .mmap invocation establishes a refcount, but .mmapprepare is called at a...

5.8AI score0.00127EPSS
Exploits0References3
CVE
CVE
added 2026/05/27 12:57 p.m.36 views

CVE-2026-46063

The CVE-2026-46063 issue affects the Linux kernel with x86 shadow stack (shstk) handling of sigreturn. Root cause: during a shadow-stack sigframe read, the kernel previously held the mmap lock while verifying VMA flags to distinguish shadow stack memory. A page fault during this read could trigge...

5.5CVSS5.8AI score0.00094EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.15 views

PT-2026-43743

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the arch set shadow stack status function where error handling is insufficient. The alloc gcs function, which relies on do mmap, returns an error-encoded pointer upon...

5.9AI score0.00153EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.18 views

PT-2026-43921

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The SELinux security model for overlayfs allows access if the current task can access the top-level user file and the mounter's credentials are sufficient for the lower-level backing fil...

7.1CVSS5.9AI score0.00118EPSS
Exploits0
Cvelist
Cvelist
added 2026/05/21 12:12 p.m.52 views

CVE-2026-43497 fbdev: udlfb: add vm_ops to dlfb_ops_mmap to prevent use-after-free

In the Linux kernel, the following vulnerability has been resolved: fbdev: udlfb: add vmops to dlfbopsmmap to prevent use-after-free dlfbopsmmap uses remappfnrange to map vmalloc framebuffer pages to userspace but sets no vmops on the VMA. This means the kernel cannot track active mmaps. When...

7.3CVSS0.00113EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/05/20 2:0 p.m.11 views

kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM component. A local attacker with privileges on the host system could exploit a vulnerability in how KVM handles shadow page table entries SPTEs during memory-mapped I/O MMIO operations. By manipulating guest page table entrie...

8.1CVSS5.8AI score0.00184EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Qemu

A reachable assertion issue was detected in the USB EHCI emulation code of QEMU. This issue can occur during the processing of USB requests due to improper handling of the DMA memory map. A malicious privileged user within the guest environment may exploit this flaw to send invalid USB requests,...

3.2CVSS6.8AI score0.00357EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix potential AB/BA lock issue with buffermutex and mmaplock The syzbot tool detected a potential deadlock between the runtime-buffermutex and the mm-mmaplock. This issue arose due to the recent fix related to racy...

5.5CVSS6.1AI score0.00192EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm: hugetlb: fix UAF in hugetlbhandleuserfault The vmalock and hugetlbfaultmutex are removed before handling userfault, and reacquired again after handleuserfault. However, reacquiring the vmalock could lead to a...

6AI score0.00174EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: BPF: Use VMMAP instead of VMALLOC for the ringbuf area. After the commit 2fd3fb0be1d1 “KASAN, vmalloc: Unpoison VMALLOC pages after mapping”, non-VMALLOC mappings will be marked as accessible in getvmareanode when KASAN is enable...

7.1CVSS5.8AI score0.00238EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: monaco: Reserve a full Gunyah metadata region. We have observed spurious “Synchronous External Abort” exceptions ESR=0x96000010 and kernel crashes on Monaco-based platforms. These faults are caused by the kernel...

7.5CVSS5.7AI score0.00335EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: net/packet: fixed a slab-out-of-bounds access in packetrecvmsg syzbot found that when an AFPACKET socket uses PACKETCOPYTHRESH and mmap operations, tpacketrcv queues SkBs with garbage in skb-cb, causing an excessive copy...

5.5CVSS6AI score0.00257EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/20 12:0 a.m.18 views

Unity Linux 20.1050a Security Update: kernel (UTSA-2026-021504)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021504 advisory. In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'getdumpable' logic The 'dumpability' of a task is fundamentally about the...

7.8CVSS6.2AI score0.0138EPSS
Exploits6References4
Rows per page
Query Builder