Lucene search
K

173 matches found

Cvelist
Cvelist
added 2 days ago28 views

CVE-2026-10667 SMP use-after-free in Zephyr `CONFIG_USERSPACE` dynamic kernel-object tracking, reachable from unprivileged user threads

Zephyr's dynamic kernel-object tracking kernel/userspace/userspace.c, formerly kernel/userspace.c maintains a doubly-linked list objlist of dynamically allocated kernel objects. Iteration over this list in kobjectwordlistforeach was performed under listslock using the SAFE iterator which caches t...

7.8CVSS0.00103EPSS
Exploits0References2
OSV
OSV
added 2026/06/29 11:50 a.m.7 views

PYSEC-2026-356 imgaug contains an insecure deserialization vulnerability in BackgroundAugmenter class within multicore.py module

The imgaug library thru 0.4.0 contains an insecure deserialization vulnerability in its BackgroundAugmenter class within the multicore.py module. The class uses Python's pickle module to deserialize data received via a multiprocessing queue in the augmentimagesworker method without any safety...

9.8CVSS6.6AI score0.00472EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/27 12:57 p.m.9 views

CVE-2026-46063

In the Linux kernel, the following vulnerability has been resolved: x86/shstk: Prevent deadlock during shstk sigreturn During sigreturn the shadow stack signal frame is popped. The kernel does this by reading the shadow stack using normal read accesses. When it can't assume the memory is shadow...

5.8AI score0.00094EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2026/05/18 6:17 p.m.17 views

CVE-2026-32848

NetBSD prior to commit ec8451e contains a race condition vulnerability in cryptodevop within the opencrypto subsystem that allows local attackers to trigger a double-free condition by concurrently issuing CIOCCRYPT operations on the same session identifier on SMP systems. Attackers can exploit...

5.7CVSS0.00082EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/18 5:52 p.m.14 views

EUVD-2026-30791

NetBSD prior to commit ec8451e contains a race condition vulnerability in cryptodevop within the opencrypto subsystem that allows local attackers to trigger a double-free condition by concurrently issuing CIOCCRYPT operations on the same session identifier on SMP systems. Attackers can exploit...

5.7CVSS5.8AI score0.00082EPSS
Exploits0References3
Fedora
Fedora
added 2026/05/18 12:45 a.m.19 views

[SECURITY] Fedora 44 Update: open-amp-2026.04.0-1.fc44

The OpenAMP framework provides software components that enable development of software applications for Asymmetric Multiprocessing AMP systems...

9.8CVSS5.8AI score0.00253EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/18 12:0 a.m.17 views

PT-2026-41713

Name of the Vulnerable Software and Affected Versions NetBSD versions prior to commit ec8451e Description A race condition in the cryptodev op function within the opencrypto subsystem allows local attackers to trigger a double-free condition on SMP Symmetric Multiprocessing systems. This occurs...

5.7CVSS5.8AI score0.00082EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/05/15 1:57 a.m.10 views

CVE-2026-31235

The imgaug library thru 0.4.0 contains an insecure deserialization vulnerability in its BackgroundAugmenter class within the multicore.py module. The class uses Python's pickle module to deserialize data received via a multiprocessing queue in the augmentimagesworker method without any safety...

9.8CVSS6.5AI score0.00472EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/05/12 6:30 p.m.9 views

imgaug contains an insecure deserialization vulnerability in BackgroundAugmenter class within multicore.py module

The imgaug library thru 0.4.0 contains an insecure deserialization vulnerability in its BackgroundAugmenter class within the multicore.py module. The class uses Python's pickle module to deserialize data received via a multiprocessing queue in the augmentimagesworker method without any safety...

9.8CVSS6.5AI score0.00472EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/05/12 6:30 p.m.6 views

GHSA-G82G-J283-HJ97 imgaug contains an insecure deserialization vulnerability in BackgroundAugmenter class within multicore.py module

The imgaug library thru 0.4.0 contains an insecure deserialization vulnerability in its BackgroundAugmenter class within the multicore.py module. The class uses Python's pickle module to deserialize data received via a multiprocessing queue in the augmentimagesworker method without any safety...

9.8CVSS6.5AI score0.00472EPSS
Exploits0References3
NVD
NVD
added 2026/05/12 6:16 p.m.10 views

CVE-2026-31235

The imgaug library thru 0.4.0 contains an insecure deserialization vulnerability in its BackgroundAugmenter class within the multicore.py module. The class uses Python's pickle module to deserialize data received via a multiprocessing queue in the augmentimagesworker method without any safety...

9.8CVSS0.00472EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/12 12:0 a.m.35 views

CVE-2026-31235

The imgaug library thru 0.4.0 contains an insecure deserialization vulnerability in its BackgroundAugmenter class within the multicore.py module. The class uses Python's pickle module to deserialize data received via a multiprocessing queue in the augmentimagesworker method without any safety...

0.00472EPSS
Exploits0References2
CVE
CVE
added 2026/05/12 12:0 a.m.40 views

CVE-2026-31235

The CVE-2026-31235 issue affects the imgaug library up to version 0.4.0, specifically the BackgroundAugmenter class in multicore.py. The vulnerability arises from deserializing data with Python pickle via a multiprocessing queue in the _augment_images_worker method without safety checks. An attac...

9.8CVSS6.5AI score0.00472EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.14 views

PT-2026-40122

Name of the Vulnerable Software and Affected Versions imgaug versions prior to 0.4.0 Description Insecure deserialization occurs in the BackgroundAugmenter class within the multicore.py module. The augment images worker function uses Python's pickle module to deserialize data from a multiprocessi...

9.8CVSS6.4AI score0.00472EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/05/06 11:28 a.m.51 views

CVE-2026-43258 alpha: fix user-space corruption during memory compaction

In the Linux kernel, the following vulnerability has been resolved: alpha: fix user-space corruption during memory compaction Alpha systems can suffer sporadic user-space crashes and heap corruption when memory compaction is enabled. Symptoms include SIGSEGV, glibc allocator failures e.g...

7.8CVSS0.00138EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/01/31 11:42 a.m.33 views

CVE-2026-23025 mm/page_alloc: prevent pcp corruption with SMP=n

In the Linux kernel, the following vulnerability has been resolved: mm/pagealloc: prevent pcp corruption with SMP=n The kernel test robot has reported: BUG: spinlock trylock failure on UP on CPU0, kcompactd0/28 lock: 0xffff888807e35ef0, .magic: dead4ead, .owner: kcompactd0/28, .ownercpu: 0 CPU: 0...

0.00184EPSS
Exploits0References5
EUVD
EUVD
added 2026/01/31 11:42 a.m.7 views

EUVD-2026-5069

In the Linux kernel, the following vulnerability has been resolved: mm/pagealloc: prevent pcp corruption with SMP=n The kernel test robot has reported: BUG: spinlock trylock failure on UP on CPU0, kcompactd0/28 lock: 0xffff888807e35ef0, .magic: dead4ead, .owner: kcompactd0/28, .ownercpu: 0 CPU: 0...

5.8AI score0.00184EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/01/31 11:42 a.m.9 views

CVE-2026-23025

In the Linux kernel, the following vulnerability has been resolved: mm/pagealloc: prevent pcp corruption with SMP=n The kernel test robot has reported: BUG: spinlock trylock failure on UP on CPU0, kcompactd0/28 lock: 0xffff888807e35ef0, .magic: dead4ead, .owner: kcompactd0/28, .ownercpu: 0 CPU: 0...

5.8AI score0.00184EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2026/01/31 11:42 a.m.3 views

CVE-2026-23025 mm/page_alloc: prevent pcp corruption with SMP=n

In the Linux kernel, the following vulnerability has been resolved: mm/pagealloc: prevent pcp corruption with SMP=n The kernel test robot has reported: BUG: spinlock trylock failure on UP on CPU0, kcompactd0/28 lock: 0xffff888807e35ef0, .magic: dead4ead, .owner: kcompactd0/28, .ownercpu: 0 CPU: 0...

7.8CVSS5.8AI score0.00184EPSS
Exploits0References9
Debian CVE
Debian CVE
added 2026/01/31 11:42 a.m.5 views

CVE-2026-23025

In the Linux kernel, the following vulnerability has been resolved: mm/pagealloc: prevent pcp corruption with SMP=n The kernel test robot has reported: BUG: spinlock trylock failure on UP on CPU0, kcompactd0/28 lock: 0xffff888807e35ef0, .magic: dead4ead, .owner: kcompactd0/28, .ownercpu: 0 CPU: 0...

7.8CVSS5.4AI score0.00184EPSS
Exploits0
Rows per page
Query Builder