Lucene search
+L

423 matches found

nvd
nvd
added last week6 views

CVE-2026-7639

Software installed and run as a non-privileged user may conduct a sequence of improper GPU system calls causing use after free, which helps in facilitating unprivileged memory access from a shader code. Triggering failure path in the MMU mapping logic by a malicious code could lead to incomplete...

7.8CVSS0.00122EPSS
Exploits0References1
cvelist
cvelist
added last week31 views

CVE-2026-7639 GPU DDK - Page UAF read in PMMETA_PROTECT heap memory

Software installed and run as a non-privileged user may conduct a sequence of improper GPU system calls causing use after free, which helps in facilitating unprivileged memory access from a shader code. Triggering failure path in the MMU mapping logic by a malicious code could lead to incomplete...

0.00122EPSS
Exploits0References1
cve
cve
added last week12 views

CVE-2026-7639

CVE-2026-7639 describes a vulnerability where software running as a non-privileged user can trigger a sequence of improper GPU system calls that cause use-after-free in the driver, enabling unprivileged access to memory from shader code. The failure path in MMU mapping can prevent complete cleanu...

7.8CVSS6.1AI score0.00122EPSS
Exploits0References1
nvd
nvd
added 2026/07/04 12:17 p.m.17 views

CVE-2026-53359

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix shadow paging use-after-free due to unexpected role Commit 0cb2af2ea66ad "KVM: x86: Fix shadow paging use-after-free due to unexpected GFN" fixed a shadow paging mismatch between stored and computed GFNs; the bug...

0.00176EPSS
Exploits5References7
oraclelinux
oraclelinux
added 2026/07/04 12:0 a.m.7 views

Unbreakable Enterprise kernel security update

5.4.17-2136.357.3.1 - KVM: x86: Fix shadow paging use-after-free due to unexpected role Paolo Bonzini Orabug: 39673892 - KVM: x86: Fix shadow paging use-after-free due to unexpected GFN Sean Christopherson Orabug: 39673892 - KVM: x86/MMU: Recursively zap nested TDP SPs when zapping last/only pare...

9.8CVSS6.3AI score0.00563EPSS
Exploits17
oraclelinux
oraclelinux
added 2026/07/03 12:0 a.m.9 views

Unbreakable Enterprise kernel security update

5.15.0-322.203.3.2 - KVM: x86/mmu: Ensure hugepage is in by slot before checking max mapping level Sean Christopherson Orabug: 39673886 - KVM: x86: Fix shadow paging use-after-free due to unexpected role Paolo Bonzini Orabug: 39673886 - KVM: x86: Fix shadow paging use-after-free due to unexpected...

9.8CVSS7.3AI score0.0053EPSS
Exploits17
attackerkb
attackerkb
added 2026/06/19 9:23 a.m.10 views

CVE-2026-34192

Software installed and run as a non-privileged user may conduct improper GPU system calls to cause an error path leading to UAF of GPU page tables. The vulnerability allows physical memory allocated for MMU page tables to be used after being freed. This was caused by an error path that would not...

5.8AI score0.0011EPSS
Exploits0References2
osv
osv
added 2026/06/10 8:40 a.m.10 views

SUSE-SU-2026:2331-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 RT kernel was updated to fix various security issues The following security issues were fixed: - CVE-2026-31405: media: dvb-net: fix OOB access in ULE extension header tables bsc1261700. - CVE-2026-31629: nfc: llcp: add missing return after LLCPCLOSED checks...

9.8CVSS5.6AI score0.00563EPSS
Exploits26References27
osv
osv
added 2026/06/09 1:16 p.m.11 views

UBUNTU-CVE-2026-46317

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Reassign nestedmmus array behind mmulock kvm-arch.nestedmmus is walked under kvm-mmulock, including from the MMU notifier path kvmunmapgfnrange - kvmnesteds2unmap, which can run at any time. kvmvcpuinitnested...

8.8CVSS5.4AI score0.0013EPSS
Exploits0References3
euvd
euvd
added 2026/06/09 11:52 a.m.11 views

EUVD-2026-35406

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Reassign nestedmmus array behind mmulock kvm-arch.nestedmmus is walked under kvm-mmulock, including from the MMU notifier path kvmunmapgfnrange - kvmnesteds2unmap, which can run at any time. kvmvcpuinitnested...

5.6AI score0.0013EPSS
Exploits0References3
cve
cve
added 2026/06/09 11:52 a.m.64 views

CVE-2026-46317

CVE-2026-46317 concerns the Linux kernel KVM on arm64. A traversal of the array kvm->arch.nested_mmus[] occurs under kvm->mmu_lock, while kvm_vcpu_init_nested() reallocates the array and frees the old buffer with only kvm->arch.config_lock held. The fix moves the allocation outside the m...

8.8CVSS5.6AI score0.0013EPSS
Exploits0References3Affected Software1
cvelist
cvelist
added 2026/06/09 11:52 a.m.40 views

CVE-2026-46317 KVM: arm64: Reassign nested_mmus array behind mmu_lock

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Reassign nestedmmus array behind mmulock kvm-arch.nestedmmus is walked under kvm-mmulock, including from the MMU notifier path kvmunmapgfnrange - kvmnesteds2unmap, which can run at any time. kvmvcpuinitnested...

8.8CVSS0.0013EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/06/09 12:0 a.m.24 views

PT-2026-47754

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the KVM arm64 component where the kvm-arch.nested mmus array is accessed under the kvm-mmu lock, including within the MMU notifier path via the functions kvm unmap gfn...

9.8CVSS5.5AI score0.00467EPSS
Exploits1References191
nvd
nvd
added 2026/05/28 10:16 a.m.83 views

CVE-2026-46113

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix shadow paging use-after-free due to unexpected GFN The shadow MMU computes GFNs for direct shadow pages using sp-gfn plus the SPTE index. This assumption breaks for shadow paging if the guest page tables are modifie...

8.8CVSS0.00126EPSS
Exploits0References6
astralinux
astralinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: fs/proc/taskmmu: The issue of losing the “young/dirty” bits during the pagemap scan has been fixed. The function makeuffdwpwppte used to perform these operations was previously executed as follows: c pte = ptepgetptep;...

4.7CVSS5.7AI score0.00176EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: lib/Kconfig.debug: TESTIOVITER depends on MMU. Attempting to run the ioviter unit test on a nommu system, such as the qemu kc705-nommu emulation, results in a crash. KTAP version 1 Subtest: ioviter Module: kunitioviter 1..9 BUG:...

5.5CVSS5.4AI score0.00246EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: mmmremap.c: Avoid unnecessary calls to invalidrangestart/invalidaterangeend when using mremap with oldsize=0. If the mremap system call with oldsize=0 ends up in movepagetables, it will unnecessarily call...

5.5CVSS5.8AI score0.00237EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

A race condition was detected in the fs/proc/taskmmu.c file, which is part of the memory management sub-component in the Linux kernel. This issue may allow a local attacker with user privileges to cause a denial of service...

4.7CVSS6.7AI score0.00131EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.10 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: arm: pgtable: Fix for NULL pointer dereference issue. When updatemmucacherange is called by updatemmucache, the vmf parameter is NULL, which can lead to a NULL pointer dereference issue in adjustpte. It is not possible to handle...

5.5CVSS5.7AI score0.00159EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/panfrost: Fixed the error path in panfrostmmumapfaultaddr Subject: PATCH drm/panfrost: Fixed the error path in panfrostmmumapfaultaddr If some of the page allocations fail, we should not release the previous references to tho...

5.5CVSS6.1AI score0.00237EPSS
Exploits0References2
Rows per page
Query Builder