Lucene search
+L

91 matches found

RedHat Linux
RedHat Linux
added 4 days ago5 views

kernel: Linux kernel: netfilter: ebtables SNAT target writes to shared memory pages during ARP hardware address rewrite

A flaw was found in the Linux kernel's netfilter bridge ebtables SNAT Source Network Address Translation module. This vulnerability allows a local attacker on a system configured with specific bridge netfilter rules to improperly modify underlying memory pages during an ARP Address Resolution...

8.8CVSS6.1AI score0.00129EPSS
Exploits0References5
CVE
CVE
added 2026/06/25 8:38 a.m.16 views

CVE-2026-53185

CVE-2026-53185 concerns the Linux kernel zram subsystem. The issue is a use-after-free in zram_bvec_write_partial(), where zram_read_page() can dispatch reads asynchronously for ZRAM_WB slots and return before the backing read completes. The caller may then operate on a buffer that is freed, risk...

7.8CVSS5.8AI score0.00102EPSS
Exploits0References8Affected Software1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: The imagetkexecbuffer function does not check whether the ima-kexec-buffer of the previous kernel lies outside the addressable memory range. This can lead to a kernel panic if the new kernel is booted with the mem=X argument, and...

5.5CVSS5.7AI score0.0016EPSS
Exploits0References2
NVD
NVD
added 2026/06/19 10:16 a.m.17 views

CVE-2026-41156

Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of resources creating a write use after free scenario. A shared resource memory page managed by a CPU thread of control driver and accessed by a GPU thread of control Firmware can caus...

7.7CVSS0.0011EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/19 9:28 a.m.14 views

EUVD-2026-38002

Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of resources creating a write use after free scenario. A shared resource memory page managed by a CPU thread of control driver and accessed by a GPU thread of control Firmware can caus...

5.8AI score0.0011EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10, Linux

Several Linux PV device frontends are vulnerable to attacks by backends that use grant table interfaces to remove access rights from resources. This can lead to potential data leaks, data corruption by malicious backends, and denial of service attacks. The backends that use these interfaces may n...

7CVSS6.6AI score0.00359EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10, Linux

Several Linux PV device frontends are vulnerable to attacks by backends that use grant table interfaces to remove access rights in a way that is subject to race conditions. This can lead to potential data leaks, data corruption by malicious backends, and denial of service attacks. The blkfront,...

7CVSS6.6AI score0.00359EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2026/05/19 9:7 a.m.110 views

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

CVE-2026-31431 "Copy Fail" — Vulnerability Detection Script S...

7.8CVSS7.5AI score0.96267EPSS
Exploits230
Cvelist
Cvelist
added 2026/05/15 1:52 a.m.45 views

CVE-2025-29936

Improper input validation within the AMD Platform Management Framework PMF could allow an attacker to unmap arbitrary memory pages potentially impacting integrity and availability, or allowing privilege escalation resulting in loss of confidentiality...

8.4CVSS0.00104EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/15 1:52 a.m.6 views

CVE-2025-29936

Improper input validation within the AMD Platform Management Framework PMF could allow an attacker to unmap arbitrary memory pages potentially impacting integrity and availability, or allowing privilege escalation resulting in loss of confidentiality...

8.4CVSS5.9AI score0.00104EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/01 12:0 a.m.9 views

PT-2026-36400

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Change AMDGPU VA RESERVED TRAP SIZE to 64KB Currently, AMDGPU VA RESERVED TRAP SIZE is hardcoded to 8KB, while KFD CWSR TBA TMA SIZE is defined as 2 PAGE SIZE. On systems with 4K pages, both values match 8KB, so...

5.8AI score0.00122EPSS
Exploits0References5
CVE
CVE
added 2026/04/22 1:53 p.m.24 views

CVE-2026-31470

CVE-2026-31470 concerns the Linux kernel TDX guest path, specifically the virt: tdx-guest component. Multiple connected sources confirm a fix for handling of the host-controlled quote buffer length, where the host can set quote_buf->out_len to influence how many bytes of the quote are copied t...

7.1CVSS5.7AI score0.00125EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/04/08 12:0 a.m.4 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006770)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006770 advisory. In the Linux kernel, the following vulnerability has been resolved: VMCI: check context-notifypage after call to getuserpagesfast to avoid GPF The call to...

7.1CVSS5.8AI score0.00139EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/07 12:0 a.m.7 views

PT-2026-31035

Name of the Vulnerable Software and Affected Versions OpenSSL FIPS Module version 3.6 Description Applications utilizing AES-CFB128 encryption or decryption on systems equipped with AVX-512 and VAES support may experience an out-of-bounds read of up to 15 bytes when handling partial cipher blocks...

9.1CVSS5.8AI score0.00313EPSS
Exploits0References10
ATTACKERKB
ATTACKERKB
added 2026/03/20 8:8 a.m.10 views

CVE-2026-23277

In the Linux kernel, the following vulnerability has been resolved: net/sched: teql: fix NULL pointer dereference in iptunnelxmit on TEQL slave xmit teqlmasterxmit calls netdevstartxmitskb, slave to transmit through slave devices, but does not update skb-dev to the slave device beforehand. When a...

5.6AI score0.00122EPSS
Exploits0References9Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/01/09 12:0 a.m.15 views

Siemens SCALANCE, Ruggedcom ROX Race Condition (CVE-2022-23040)

Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Several Linux PV device frontends are using the grant table interfaces for removing access rights of the...

7CVSS6.5AI score0.00359EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/01/09 12:0 a.m.13 views

Siemens SCALANCE, Ruggedcom ROX Race Condition (CVE-2022-23039)

Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Several Linux PV device frontends are using the grant table interfaces for removing access rights of the...

7CVSS6.5AI score0.00359EPSS
Exploits0References6
NVD
NVD
added 2025/12/16 3:15 p.m.12 views

CVE-2025-68248

In the Linux kernel, the following vulnerability has been resolved: vmwballoon: indicate success when effectively deflating during migration When migrating a balloon page, we first deflate the old page to then inflate the new page. However, if inflating the new page succeeded, we effectively...

0.0015EPSS
Exploits0References2
EUVD
EUVD
added 2025/12/04 3:31 p.m.6 views

EUVD-2025-201214

In the Linux kernel, the following vulnerability has been resolved: nios2: ensure that memblock.currentlimit is set when setting pfn limits On nios2, with CONFIGFLATMEM set, the kernel relies on memblockgetcurrentlimit to determine the limits of memmap, in particular for maxlowpfn. Unfortunately,...

5.9AI score0.00179EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/21 6:30 p.m.6 views

EUVD-2022-54785

In the Linux kernel, the following vulnerability has been resolved: module: fix eshstrndx.shsize=0 OOB access It is trivial to craft a module to trigger OOB access in this line: if info-secstringsstrhdr-shsize - 1 != '\0' BUG: unable to handle page fault for address: ffffc90000aa0fff PGD 10000006...

7.1CVSS5.2AI score0.00282EPSS
Exploits0References5
Rows per page
Query Builder