90 matches found
CVE-2026-53185
CVE-2026-53185 concerns the Linux kernel zram subsystem. The issue is a use-after-free in zram_bvec_write_partial() where an asynchronous read path can continue after the buffer is freed. zram_read_page() selects the sync or async read path based on whether the parent bio is NULL; zram_bvec_write...
Astra Linux – Vulnerability in Linux 5.10, Linux
Several Linux PV device frontends are vulnerable to attacks by backends that use grant table interfaces to remove access rights from resources. This can lead to potential data leaks, data corruption by malicious backends, and denial of service attacks. The backends that use these interfaces may n...
CVE-2026-41156
Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of resources creating a write use after free scenario. A shared resource memory page managed by a CPU thread of control driver and accessed by a GPU thread of control Firmware can caus...
EUVD-2026-38002
Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of resources creating a write use after free scenario. A shared resource memory page managed by a CPU thread of control driver and accessed by a GPU thread of control Firmware can caus...
Astra Linux - уязвимость в linux-5.10, linux
Several Linux PV device frontends are vulnerable to attacks by backends that use grant table interfaces to remove access rights from resources. This can lead to potential data leaks, data corruption by malicious backends, and denial of service attacks. The backends that use these interfaces may n...
Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel
CVE-2026-31431 "Copy Fail" — Vulnerability Detection Script S...
CVE-2025-29936
Improper input validation within the AMD Platform Management Framework PMF could allow an attacker to unmap arbitrary memory pages potentially impacting integrity and availability, or allowing privilege escalation resulting in loss of confidentiality...
CVE-2025-29936
Improper input validation within the AMD Platform Management Framework PMF could allow an attacker to unmap arbitrary memory pages potentially impacting integrity and availability, or allowing privilege escalation resulting in loss of confidentiality...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: The imagetkexecbuffer function does not check whether the ima-kexec-buffer of the previous kernel lies outside the addressable memory range. This can lead to a kernel panic if the new kernel is booted with the mem=X argument, and...
PT-2026-36400
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Change AMDGPU VA RESERVED TRAP SIZE to 64KB Currently, AMDGPU VA RESERVED TRAP SIZE is hardcoded to 8KB, while KFD CWSR TBA TMA SIZE is defined as 2 PAGE SIZE. On systems with 4K pages, both values match 8KB, so...
CVE-2026-31470
CVE-2026-31470 concerns the Linux kernel TDX guest path, specifically the virt: tdx-guest component. Multiple connected sources confirm a fix for handling of the host-controlled quote buffer length, where the host can set quote_buf->out_len to influence how many bytes of the quote are copied t...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006770)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006770 advisory. In the Linux kernel, the following vulnerability has been resolved: VMCI: check context-notifypage after call to getuserpagesfast to avoid GPF The call to...
PT-2026-31035
Name of the Vulnerable Software and Affected Versions OpenSSL FIPS Module version 3.6 Description Applications utilizing AES-CFB128 encryption or decryption on systems equipped with AVX-512 and VAES support may experience an out-of-bounds read of up to 15 bytes when handling partial cipher blocks...
CVE-2026-23277
In the Linux kernel, the following vulnerability has been resolved: net/sched: teql: fix NULL pointer dereference in iptunnelxmit on TEQL slave xmit teqlmasterxmit calls netdevstartxmitskb, slave to transmit through slave devices, but does not update skb-dev to the slave device beforehand. When a...
Siemens SCALANCE, Ruggedcom ROX Race Condition (CVE-2022-23039)
Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Several Linux PV device frontends are using the grant table interfaces for removing access rights of the...
Siemens SCALANCE, Ruggedcom ROX Race Condition (CVE-2022-23040)
Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Several Linux PV device frontends are using the grant table interfaces for removing access rights of the...
CVE-2025-68248
In the Linux kernel, the following vulnerability has been resolved: vmwballoon: indicate success when effectively deflating during migration When migrating a balloon page, we first deflate the old page to then inflate the new page. However, if inflating the new page succeeded, we effectively...
EUVD-2025-201214
In the Linux kernel, the following vulnerability has been resolved: nios2: ensure that memblock.currentlimit is set when setting pfn limits On nios2, with CONFIGFLATMEM set, the kernel relies on memblockgetcurrentlimit to determine the limits of memmap, in particular for maxlowpfn. Unfortunately,...
EUVD-2022-54785
In the Linux kernel, the following vulnerability has been resolved: module: fix eshstrndx.shsize=0 OOB access It is trivial to craft a module to trigger OOB access in this line: if info-secstringsstrhdr-shsize - 1 != '\0' BUG: unable to handle page fault for address: ffffc90000aa0fff PGD 10000006...
CVE-2025-0033
Improper access control within AMD SEV-SNP could allow an admin privileged attacker to write to the RMP during SNP initialization, potentially resulting in a loss of SEV-SNP guest memory integrity...