Lucene search
K

603 matches found

RedHat Linux
RedHat Linux
added 2026/01/26 2:32 p.m.3 views

kernel: drm/xe: Use local fence in error path of xe_migrate_clear

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Use local fence in error path of xemigrateclear The intent of the error path in xemigrateclear is to wait on locally generated fence and then return. The code is waiting on m-fence which could be the local fence but this ...

7.8CVSS5.7AI score0.00237EPSS
Exploits0References5
OSV
OSV
added 2026/01/22 8:28 p.m.5 views

GHSA-FCV2-XGW5-PQXF sigstore legacy TUF client allows for arbitrary file writes with target cache path traversal

Summary The legacy TUF client pkg/tuf/client.go, which supports caching target files to disk, constructs a filesystem path by joining a cache base directory with a target name sourced from signed target metadata, but it does not validate that the resulting path stays within the cache base...

5.8CVSS5.8AI score0.0037EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.6 views

Azure Linux 3.0 Security Update: kernel (CVE-2024-56611)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-56611 advisory. - In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix migratetonode assuming...

5.5CVSS6.7AI score0.00202EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.8 views

MiracleLinux 7 : pcp-4.3.2-12.el7 (AXSA:2020-703:06)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-703:06 advisory. pcp: Local privilege escalation in pcp spec file %post section CVE-2019-3695 A Improper Control of Generation of Code vulnerability in the packaging ...

8.4CVSS5.9AI score0.00475EPSS
Exploits2References3
RedHat Linux
RedHat Linux
added 2026/01/19 12:45 a.m.5 views

kernel: drm/xe: Use local fence in error path of xe_migrate_clear

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Use local fence in error path of xemigrateclear The intent of the error path in xemigrateclear is to wait on locally generated fence and then return. The code is waiting on m-fence which could be the local fence but this ...

7.8CVSS5.7AI score0.00237EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/01/19 12:0 a.m.25 views

RHEL 10 : kernel (RHSA-2026:0747)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:0747 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: drm/xe: Use local fence in...

7.8CVSS7.7AI score0.00237EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.3 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004476)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004476 advisory. An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after- free because the ctx is reached via the ctxlist in some...

7.8CVSS6.6AI score0.01476EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.4 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003221)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003221 advisory. net/xfrm/xfrmpolicy.c in the Linux kernel through 4.12.3, when CONFIGXFRMMIGRATE is enabled, does not ensure that the dir value of xfrmuserpolicyid is XFRMPOLICYMAX ...

7CVSS7AI score0.00406EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.2 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002627)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002627 advisory. The tracewritebackdirtypage implementation in include/trace/events/writeback.h in the Linux kernel before 4.4 improperly interacts with mm/migrate.c, which allows...

7.8CVSS7.6AI score0.00419EPSS
Exploits0References17
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.2 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002685)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002685 advisory. net/xfrm/xfrmpolicy.c in the Linux kernel through 4.12.3, when CONFIGXFRMMIGRATE is enabled, does not ensure that the dir value of xfrmuserpolicyid is XFRMPOLICYMAX ...

7CVSS7AI score0.00406EPSS
Exploits0References12
OSV
OSV
added 2026/01/14 3:16 p.m.2 views

UBUNTU-CVE-2025-71134

In the Linux kernel, the following vulnerability has been resolved: mm/pagealloc: change all pageblocks migrate type on coalescing When a page is freed it coalesces with a buddy into a higher order page while possible. When the buddy page migrate type differs, it is expected to be updated to matc...

5.5CVSS5.7AI score0.00115EPSS
Exploits0References10
OSV
OSV
added 2026/01/14 3:7 p.m.2 views

CVE-2025-71134 mm/page_alloc: change all pageblocks migrate type on coalescing

In the Linux kernel, the following vulnerability has been resolved: mm/pagealloc: change all pageblocks migrate type on coalescing When a page is freed it coalesces with a buddy into a higher order page while possible. When the buddy page migrate type differs, it is expected to be updated to matc...

5.5CVSS5.3AI score0.00115EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/01/14 3:7 p.m.3 views

CVE-2025-71134

In the Linux kernel, the following vulnerability has been resolved: mm/pagealloc: change all pageblocks migrate type on coalescing When a page is freed it coalesces with a buddy into a higher order page while possible. When the buddy page migrate type differs, it is expected to be updated to matc...

5.2AI score0.00115EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/01/14 3:7 p.m.15 views

CVE-2025-71134

CVE-2025-71134: In the Linux kernel, mm/page_alloc: when coalescing pages, the migrate type of all pageblocks is not updated, updating only the first pageblock causes inconsistency between the page and its pageblocks. This triggers warnings in expand() and related paths. The issue is resolved in ...

5.5CVSS6.1AI score0.00115EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/01/14 3:7 p.m.25 views

CVE-2025-71134 mm/page_alloc: change all pageblocks migrate type on coalescing

In the Linux kernel, the following vulnerability has been resolved: mm/pagealloc: change all pageblocks migrate type on coalescing When a page is freed it coalesces with a buddy into a higher order page while possible. When the buddy page migrate type differs, it is expected to be updated to matc...

0.00115EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-71134

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mm/pagealloc: change all pageblocks migrate type on coalescing When a page is freed it...

5.5CVSS5.9AI score0.00115EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/01/13 2:1 p.m.3 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: arm64: mte: Do not issue a warning if the page is already tagged during copyhighpage. The arm64 copyhighpage function assumes that the destination page has been newly allocated and is not tagged with PGmtetagged. It issues a...

5.6AI score0.00166EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/01/08 10:4 p.m.42 views

JavaScript SDK v2 users should add validation to the region parameter value in or migrate to v3

CVSSv3.1 Rating: 3.7 LOW Summary This notification is related to the use of specific values for the region input field when calling AWS services. An actor with access to the environment in which the SDK is used could set the region input field to an invalid value. Per the AWS shared responsibilit...

6.6AI score
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/01/08 12:0 a.m.6 views

PT-2026-3412

CVSSv3.1 Rating: 3.7 LOW Summary This notification is related to the use of specific values for the region input field when calling AWS services. An actor with access to the environment in which the SDK is used could set the region input field to an invalid value. Per the AWS shared responsibilit...

3.7CVSS6.6AI score
Exploits0References3
OSV
OSV
added 2026/01/05 6:49 p.m.6 views

GHSA-V64R-7WG9-23PR Unauthenticated Craft CMS users can trigger a database backup

Unauthenticated users can trigger database backup operations the updater/backup action, potentially leading to resource exhaustion or information disclosure. Users should update to the patched versions 5.8.21 and 4.16.17 to mitigate the issue. Craft 3 users should update to the latest Craft 4 and...

8.3CVSS6.6AI score0.00471EPSS
Exploits1References5
Rows per page
Query Builder