CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

AstraLinux•added 2026/05/20 5:53 a.m.•6 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: 9p: Fixed the fid refcount leak in v9fsvfsatomicopendotl. We need to release the directory fid if we fail at any point during the open operation. This fix addresses the issue of fid leaking during xfstests with the generic test 5...

5.5CVSS6.1AI score0.00143EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•4 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: 9p: Fixed the fid refcount leak in v9fsvfsgetlink. We now check for protocol versions that are later than required, after a fid has been obtained. Simply move the version check to an earlier stage...

5.5CVSS6.2AI score0.00111EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•1 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/9p: Fixed buffer overflow in the USB transport layer. There is a buffer overflow vulnerability in the USB 9pfs transport layer. In this case, inconsistencies in size validation between packet header parsing and actual data...

6AI score0.00028EPSS

Tenable Nessus•added 2026/05/20 12:0 a.m.•3 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021528)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021528 advisory. In the Linux kernel, the following vulnerability has been resolved: 9p: set req refcount to zero to avoid uninitialized usage When a new request is allocated, the...

5.5CVSS5.8AI score0.00022EPSS

Exploits0References4

EUVD•added 2026/05/06 12:30 p.m.•0 views

EUVD-2026-27808

In the Linux kernel, the following vulnerability has been resolved: 9p/xen: protect xen9pfsfrontfree against concurrent calls The xenwatch thread can race with other back-end change notifications and call xen9pfsfrontfree twice, hitting the observed general protection fault due to a double-free...

5.8AI score0.00021EPSS

Exploits0References5

NVD•added 2026/05/06 12:16 p.m.•0 views

CVE-2026-43249

8.8CVSS0.00021EPSS

Exploits0References4

Debian CVE•added 2026/05/06 11:28 a.m.•1 views

CVE-2026-43249

8.8CVSS5.7AI score0.00021EPSS

Exploits0

Positive Technologies•added 2026/05/06 12:0 a.m.•3 views

PT-2026-37589

In the Linux kernel, the following vulnerability has been resolved: 9p/xen: protect xen 9pfs front free against concurrent calls The xenwatch thread can race with other back-end change notifications and call xen 9pfs front free twice, hitting the observed general protection fault due to a...

5.8AI score0.00021EPSS

Exploits0References5

AstraLinux•added 2026/05/03 11:59 p.m.•4 views

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net/9p: use a dedicated spinlock for transfd Shamelessly copying the explanation from Tetsuo Handa's suggested patch1 slightly reworded: syzbot is reporting inconsistent lock state in p9reqput2, for p9tagremove from p9reqput from...

5.5CVSS6.4AI score0.00033EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•4 views

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: 9p/transfd: always use ONONBLOCK read/write syzbot is reporting hung task at p9fdclose 1, for p9muxpollstop from p9conndestroy from p9fdclose is failing to interrupt already started kernelread from p9fdread from p9readwork and/or...

5.5CVSS6.3AI score0.00051EPSS

5.5CVSS5.8AI score0.00015EPSS

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: netfs: Fix NULL pointer dereference in netfsunbufferedwrite on retry When a write subrequest is marked NETFSSREQNEEDRETRY, the retry path in netfsunbufferedwrite unconditionally calls stream-preparewrite without checking if it is...

5.5CVSS6.2AI score0.00014EPSS

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerabilities have been resolved: net/9p: A potential socket leak has been fixed in p9socketopen. Both p9fdcreatetcp and p9fdcreateunix will call p9socketopen. If the creation of p9transfd fails, both p9fdcreatetcp and p9fdcreateunix will return an error...

AstraLinux•added 2026/05/03 11:59 p.m.•1 views

Astra Linux - уязвимость в qemu

A race condition flaw was discovered in the 9pfs server implementation of QEMU, up to and including version 5.2.0. This flaw allows a malicious 9p client to cause a use-after-free error, potentially escalating their privileges on the system. The greatest threat posed by this vulnerability is to...

7.5CVSS6.8AI score0.00074EPSS

5.5CVSS5.9AI score0.00049EPSS

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: 9p: transfd/p9conncancel: drop client lock earlier syzbot reported a double-lock here and we no longer need this lock after requests have been moved off to local list: just drop the lock earlier...

5.5CVSS5.8AI score0.00074EPSS

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: lib/ioviter: fixed to increase the refcount of non-slab folio pages. When testing EROFS file-backed mounting over v9fs on Qemu, I encountered a Folio UAF issue. The page sanity check reported the following call trace. The root...

AstraLinux•added 2026/05/03 11:59 p.m.•0 views

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: net/9p: Fixed an issue related to uninit-value in p9clientrpc. Syzbot, with the help of KMSAN, reported the following errors: BUG: KMSAN: uninit-value in trace9pclientres, include/trace/events/9p.h:146 inline BUG: KMSAN:...

5.5CVSS6.4AI score0.00028EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•1 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: netfs: Fix kernel BUG in netfslimititer for ITERKVEC iterators When a process crashes and the kernel writes a core dump to a 9P filesystem, kernelwrite creates an ITERKVEC iterator. This iterator reaches netfslimititer via...

5.5CVSS5.8AI score0.00015EPSS

7.1CVSS6.2AI score0.00055EPSS

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: 9p/net: fixed improper handling of bogus negative read/write responses. In p9clientwrite and p9clientreadonce, if the server incorrectly responds with a success message but a negative write/read count, then we would consider the...

5.5CVSS6.2AI score0.00017EPSS

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: fs/9p: Fixed the issue of NULL pointer dereferencing when using mkdir. When a 9p tree was mounted with the posixacl option, the parent directory had a default ACL set for its subdirectories. For example: setfacl -m...