CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

61 matches found

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: KVM: guestmemfd: Remove bindings on memslot deletion when gmem is dying When unbinding a memslot from a guestmemfd instance, remove the bindings even if the guestmemfd file is dying, i.e., even if its file refcount has gone to...

5.9AI score0.00024EPSS

Exploits0References2

AstraLinux•added 2026/05/20 5:53 a.m.•1 views

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: kvm: Avoid speculative attacks from out-of-range memslot accesses. KVM’s mechanism for accessing guest memory converts a guest physical address gpa to a host virtual address using the right-shifted gpa also known as gfn and a...

7.1CVSS6.3AI score0.00016EPSS

Exploits0References2

SUSE CVE•added 2026/05/09 2:40 a.m.•6 views

SUSE CVE-2026-43214

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Add SRCU protection for reading PDPTRs in getsregs2 Add SRCU read-side protection when reading PDPTR registers in getsregs2. Reading PDPTRs may trigger access to guest memory: kvmpdptrread - svmcachereg - loadpdptrs -...

7CVSS5.7AI score0.00013EPSS

Exploits0References18

AstraLinux•added 2026/05/03 11:59 p.m.•1 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: KVM: Disallowed toggling KVMMEMGUESTMEMFD on an existing memslot. Rejected attempts to disable KVMMEMGUESTMEMFD on a memslot that was initially created with a guestmemfd binding. KVM does not support toggling KVMMEMGUESTMEMFD ...

6AI score0.00032EPSS

Exploits0References1

Tenable Nessus•added 2026/01/20 12:0 a.m.•2 views

MiracleLinux 4 : spice-server-0.12.4-16.AXS4.3 (AXSA:2019-3705:01)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2019-3705:01 advisory. spice: Off-by-one error in array access in spice/server/memslot.c CVE-2019-3813 Tenable has extracted the preceding description block directly from the...

7.5CVSS5.6AI score0.00256EPSS

Exploits0References2

Tenable Nessus•added 2026/01/16 12:0 a.m.•2 views

MiracleLinux 7 : spice-0.14.0-6.el7.1 (AXSA:2019-3720:03)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2019-3720:03 advisory. spice: Off-by-one error in array access in spice/server/memslot.c CVE-2019-3813 Tenable has extracted the preceding description block directly from the...

7.5CVSS7AI score0.00256EPSS

Exploits0References2

RedhatCVE•added 2026/01/15 5:22 p.m.•1 views

CVE-2025-68810

In the Linux kernel, the following vulnerability has been resolved: KVM: Disallow toggling KVMMEMGUESTMEMFD on an existing memslot Reject attempts to disable KVMMEMGUESTMEMFD on a memslot that was initially created with a guestmemfd binding, as KVM doesn't support toggling KVMMEMGUESTMEMFD on...

5.8AI score0.00032EPSS

Exploits0References4

SUSE CVE•added 2026/01/15 12:25 a.m.•1 views

SUSE CVE-2025-68810

5.5CVSS6.4AI score0.00032EPSS

Exploits0References19

NVD•added 2026/01/13 4:16 p.m.•2 views

CVE-2025-68810

0.00032EPSS

Exploits0References3

UbuntuCve•added 2026/01/13 4:16 p.m.•1 views

CVE-2025-68810

5.9AI score0.00032EPSS

Exploits0References24

CVE•added 2026/01/13 3:29 p.m.•7 views

CVE-2025-68810

The CVE describes a Linux kernel KVM memory-m slot issue: once a memslot is created with a guest_memfd binding, toggling the KVM_MEM_GUEST_MEMFD flag on that existing slot is not supported. Enables are blocked, but clearing the flag is not, which can lead to a use-after-free when KVM fails to unb...

6AI score0.00032EPSS

Exploits0References3

SUSE CVE•added 2025/12/08 12:23 a.m.•1 views

SUSE CVE-2025-40274

In the Linux kernel, the following vulnerability has been resolved: KVM: guestmemfd: Remove bindings on memslot deletion when gmem is dying When unbinding a memslot from a guestmemfd instance, remove the bindings even if the guestmemfd file is dying, i.e. even if its file refcount has gone to zer...

5.5CVSS6.6AI score0.00024EPSS

Exploits0References20

Tenable Nessus•added 2025/12/08 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2025-40274

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KVM: guestmemfd: Remove bindings on memslot deletion when gmem is dying When unbinding a memslot from a guestmemfd instance, remove the bindings even if the...

5.9AI score0.00024EPSS

Exploits0References2

RedhatCVE•added 2025/12/07 9:55 p.m.•2 views

CVE-2025-40274

5.8AI score0.00024EPSS

Exploits0References4

EUVD•added 2025/12/07 12:30 a.m.•2 views

EUVD-2025-201581

6.1AI score0.00024EPSS

Exploits0References4

OSV•added 2025/12/06 10:15 p.m.•3 views

DEBIAN-CVE-2025-40274

5.4AI score0.00024EPSS

Exploits0References1

NVD•added 2025/12/06 10:15 p.m.•2 views

CVE-2025-40274

0.00024EPSS

Exploits0References3

OSV•added 2025/12/06 10:15 p.m.•0 views

UBUNTU-CVE-2025-40274

5.7AI score0.00024EPSS

Exploits0References11

Cvelist•added 2025/12/06 9:50 p.m.•12 views

CVE-2025-40274 KVM: guest_memfd: Remove bindings on memslot deletion when gmem is dying

0.00024EPSS

Exploits0References3

CVE•added 2025/12/06 9:50 p.m.•18 views

CVE-2025-40274

CVE-2025-40274: Linux kernel KVM guest_memfd memslot binding uses-after-free when gmem dies. The fix removes bindings on memslot deletion even if the guest_memfd file is dying, preventing writes to freed memory (KASAN). Upstream/SUSE advisories (e.g., SUSE-SU-2026:20220-1) indicate the kernel has...

6.2AI score0.00024EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by