Lucene search
K

99 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-53031

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Validate nodeid in arenaallocpages arenaallocpages accepts a plain int nodeid and forwards it through the entire allocation chain without any bounds...

7.8CVSS6AI score0.00128EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/25 6:17 p.m.5 views

CVE-2026-53031

A flaw was found in the Linux kernel. The arenaallocpages function within the Berkeley Packet Filter BPF subsystem does not properly validate the nodeid parameter. A local attacker could exploit this vulnerability by supplying an invalid nodeid, which is then used without bounds checking during...

7.8CVSS5.8AI score0.00128EPSS
Exploits0References4
OSV
OSV
added 2026/06/25 9:16 a.m.4 views

UBUNTU-CVE-2026-53243

In the Linux kernel, the following vulnerability has been resolved: rseq: Fix using an uninitialized stack variable in rseqexituserupdate There is an bug in which an uninitialized stack variable is used in rseqexituserupdate as reported by syzbot: BUG: KMSAN: kernel-infoleak in rseqsetidsgetcsadd...

5.5CVSS5.7AI score0.00112EPSS
Exploits0References5
CVE
CVE
added 2026/06/25 8:39 a.m.37 views

CVE-2026-53243

CVE-2026-53243 affects the Linux kernel component related to RSEQ (rseq_exit_user_update). The issue is an uninitialized stack variable used in the initialization of the struct rseq_ids, where ids.node_id is derived from ids.cpu_id before it is initialized, enabling potential information leakage....

5.5CVSS5.7AI score0.00112EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/25 8:39 a.m.4 views

CVE-2026-53243 rseq: Fix using an uninitialized stack variable in rseq_exit_user_update()

In the Linux kernel, the following vulnerability has been resolved: rseq: Fix using an uninitialized stack variable in rseqexituserupdate There is an bug in which an uninitialized stack variable is used in rseqexituserupdate as reported by syzbot: BUG: KMSAN: kernel-infoleak in rseqsetidsgetcsadd...

5.5CVSS5.8AI score0.00112EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.14 views

PT-2026-52338

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists where an uninitialized stack variable is used within the rseq exit user update function. This occurs because the evaluation order of expressions in an initializer list is...

5.5CVSS6AI score0.00112EPSS
Exploits0References13
EUVD
EUVD
added 2026/06/24 6:32 p.m.4 views

EUVD-2026-38899

In the Linux kernel, the following vulnerability has been resolved: bpf: Validate nodeid in arenaallocpages arenaallocpages accepts a plain int nodeid and forwards it through the entire allocation chain without any bounds checking. Validate nodeid before passing it down the allocation chain in...

5.7AI score0.00128EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/24 4:29 p.m.28 views

CVE-2026-53031 bpf: Validate node_id in arena_alloc_pages()

In the Linux kernel, the following vulnerability has been resolved: bpf: Validate nodeid in arenaallocpages arenaallocpages accepts a plain int nodeid and forwards it through the entire allocation chain without any bounds checking. Validate nodeid before passing it down the allocation chain in...

7.8CVSS0.00128EPSS
Exploits0References4
CVE
CVE
added 2026/06/24 4:29 p.m.5 views

CVE-2026-53031

The CVE-2026-53031 issue affects the Linux kernel BPF unit: arena_alloc_pages() accepts a plain int node_id and forwards it through the allocation chain without bounds checks. A fix validates node_id before passing it down, mitigating potential memory corruption that could lead to DoS or instabil...

7.8CVSS5.7AI score0.00128EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.7 views

PT-2026-51925

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the BPF Berkeley Packet Filter subsystem where the arena alloc pages function accepts an integer node id and forwards it through the allocation chain without performin...

7.8CVSS5.8AI score0.00128EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/06/03 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-46020

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/damon/core: validate damosquotagoal-nid for nodememused,freebp Patch series mm/damon/core: validate damosquotagoal-nid. nodememcgused,freebp DAMOS quota goal...

7.1CVSS7AI score0.00124EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/01 12:0 a.m.8 views

CVE-2026-37226

FlexRIC v2.0.0 crashes when the iApp receives an E42RICSUBSCRIPTIONREQUEST referencing a non-existent E2 Node. The lookup function returns NULL, which is enforced by assert in Debug builds SIGABRT and dereferenced in Release builds SIGSEGV. A remote unauthenticated attacker can crash the iApp...

6AI score0.00642EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2026/05/28 3:53 a.m.14 views

SUSE CVE-2026-46067

In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: validate damosquotagoal-nid for nodememcgused,freebp Users can set damosquotagoal-nid with arbitrary value for nodememcgused,freebp. But DAMON core is using those for NODE-DATA without a validation of the value. Th...

5.5CVSS5.9AI score0.00117EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/27 8:38 p.m.12 views

CVE-2026-46020

A flaw was found in the Linux kernel's DAMON Data Access MONitor core. A privileged local user can exploit this vulnerability by providing an invalid node ID to damosquotagoal-nid for nodememused,freebp via the DAMON user-space tool. This improper validation can lead to an out-of-bounds memory...

7.1CVSS5.8AI score0.00124EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/05/27 8:10 p.m.11 views

CVE-2026-46067

A flaw was found in the Linux kernel's DAMON Data Access MONitor core component. A local user could exploit this vulnerability by providing an invalid node identifier nid when configuring memory usage tracking goals. This lack of validation allows for out-of-bounds memory access, which can lead t...

7.1CVSS5.8AI score0.00117EPSS
Exploits0References4
NVD
NVD
added 2026/05/27 2:17 p.m.13 views

CVE-2026-46067

In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: validate damosquotagoal-nid for nodememcgused,freebp Users can set damosquotagoal-nid with arbitrary value for nodememcgused,freebp. But DAMON core is using those for NODE-DATA without a validation of the value. Th...

7.1CVSS0.00117EPSS
Exploits0References2
NVD
NVD
added 2026/05/27 2:17 p.m.13 views

CVE-2026-46020

In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: validate damosquotagoal-nid for nodememused,freebp Patch series "mm/damon/core: validate damosquotagoal-nid". nodememcgused,freebp DAMOS quota goals receive the node id. The node id is used for simeminfonode and...

7.1CVSS0.00124EPSS
Exploits0References3
OSV
OSV
added 2026/05/27 2:17 p.m.8 views

UBUNTU-CVE-2026-46020

In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: validate damosquotagoal-nid for nodememused,freebp Patch series "mm/damon/core: validate damosquotagoal-nid". nodememcgused,freebp DAMOS quota goals receive the node id. The node id is used for simeminfonode and...

7.1CVSS5.9AI score0.00124EPSS
Exploits0References7
OSV
OSV
added 2026/05/27 2:17 p.m.9 views

UBUNTU-CVE-2026-46067

In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: validate damosquotagoal-nid for nodememcgused,freebp Users can set damosquotagoal-nid with arbitrary value for nodememcgused,freebp. But DAMON core is using those for NODE-DATA without a validation of the value. Th...

7.1CVSS5.9AI score0.00117EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/05/27 12:57 p.m.43 views

CVE-2026-46067 mm/damon/core: validate damos_quota_goal->nid for node_memcg_{used,free}_bp

In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: validate damosquotagoal-nid for nodememcgused,freebp Users can set damosquotagoal-nid with arbitrary value for nodememcgused,freebp. But DAMON core is using those for NODE-DATA without a validation of the value. Th...

0.00117EPSS
Exploits0References2
Rows per page
Query Builder