Lucene search
+L

37 matches found

NVD
NVD
added 2026/07/06 8:16 p.m.9 views

CVE-2026-42546

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.3.0 and prior to version 4.11.0, a resource leak exists in OP-TEE’s shared memory cleanup logic because the functio...

3.8CVSS0.00105EPSS
Exploits0References1
OSV
OSV
added 2026/07/06 8:16 p.m.3 views

DEBIAN-CVE-2026-42546

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.3.0 and prior to version 4.11.0, a resource leak exists in OP-TEE’s shared memory cleanup logic because the functio...

3.8CVSS6AI score0.00105EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/06 7:31 p.m.5 views

EUVD-2026-41910

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.3.0 and prior to version 4.11.0, a resource leak exists in OP-TEE’s shared memory cleanup logic because the functio...

3.8CVSS6AI score0.00105EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/06 7:31 p.m.6 views

CVE-2026-42546

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.3.0 and prior to version 4.11.0, a resource leak exists in OP-TEE’s shared memory cleanup logic because the functio...

3.8CVSS6AI score0.00105EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/07/06 7:31 p.m.15 views

CVE-2026-42546

OP-TEE (Trusted Execution Environment for Arm TrustZone) prior to version 4.11.0 contains a resource leak in the shared memory cleanup path. Specifically, cleanup_shm_refs() in core/tee/entry_std.c fails to apply the OPTEE_MSG_ATTR_TYPE_MASK to parameter attributes when processing non-contiguous ...

3.8CVSS6AI score0.00105EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/07/06 12:0 a.m.9 views

PT-2026-55975

Name of the Vulnerable Software and Affected Versions OP-TEE versions 3.3.0 through 4.10.x Description A resource leak exists in the shared memory cleanup logic of OP-TEE, a Trusted Execution Environment designed for Arm Cortex-A cores using TrustZone technology. The function cleanup shm refs in...

3.8CVSS6.1AI score0.00105EPSS
Exploits0References6
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.13 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: drm/buddy: This issue was addressed by validating the rounded allocation size before proceeding with the allocation process. When the DRMBUDDYCONTIGUOUSALLOCATION flag is set, the requested allocation size is rounded up to the ne...

5.5CVSS5.7AI score0.00127EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/17 7:4 a.m.5 views

Security Bulletin: IBM Cloud Pak for Data System (CPDS 1.0) is affected by multiple vulnerabilities in the cryptography package

Summary IBM Cloud Pak for Data System CPDS 1.0 uses the Python cryptography package, which is affected by multiple security vulnerabilities. CVE-2026-34073 involves improper certificate validation where DNS name constraints are only validated against SANs within child certificates and not the "pe...

9.8CVSS5.5AI score0.00652EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2026/06/09 11:19 a.m.10 views

cryptography: Cryptography: Buffer overflow via non-contiguous buffer in API

A flaw was found in the cryptography library. This vulnerability occurs when a non-contiguous buffer is passed to certain application programming interfaces APIs that accept Python buffers, such as Hash.update. A remote attacker could exploit this to cause a buffer overflow, potentially leading t...

9.8CVSS5.6AI score0.00652EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/06/09 11:18 a.m.8 views

cryptography: Cryptography: Buffer overflow via non-contiguous buffer in API

A flaw was found in the cryptography library. This vulnerability occurs when a non-contiguous buffer is passed to certain application programming interfaces APIs that accept Python buffers, such as Hash.update. A remote attacker could exploit this to cause a buffer overflow, potentially leading t...

9.8CVSS5.6AI score0.00652EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2026/05/09 2:41 a.m.11 views

SUSE CVE-2026-43169

In the Linux kernel, the following vulnerability has been resolved: drm/buddy: Prevent BUGON by validating rounded allocation When DRMBUDDYCONTIGUOUSALLOCATION is set, the requested size is rounded up to the next power-of-two via rounduppowoftwo. Similarly, for non-contiguous allocations with lar...

5.7AI score0.00127EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/06 7:52 p.m.11 views

CVE-2026-43169

A flaw was found in the drm/buddy component of the Linux kernel. This vulnerability occurs when the system processes memory allocation requests, particularly for contiguous or large non-contiguous blocks. Incorrect rounding of the requested size can lead to an allocation exceeding available memor...

5.5CVSS5.8AI score0.00127EPSS
Exploits0References4
NVD
NVD
added 2026/05/06 12:16 p.m.7 views

CVE-2026-43169

In the Linux kernel, the following vulnerability has been resolved: drm/buddy: Prevent BUGON by validating rounded allocation When DRMBUDDYCONTIGUOUSALLOCATION is set, the requested size is rounded up to the next power-of-two via rounduppowoftwo. Similarly, for non-contiguous allocations with lar...

5.5CVSS0.00127EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.11 views

PT-2026-37509

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the drm/buddy component where requested allocation sizes are rounded up using roundup pow of two when DRM BUDDY CONTIGUOUS ALLOCATION is set, or aligned via round up f...

5.5CVSS6.3AI score0.00127EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/04/27 12:0 a.m.6 views

Fedora 44 : python-cryptography (2026-aa318887d6)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-aa318887d6 advisory. Changelog Wed Apr 8 2026 Jeremy Cline - 46.0.7-1 - Update to 46.0.7 - SECURITY ISSUE: Fixed an issue where non-contiguous buffers could be passed to APIs tha...

9.8CVSS5.5AI score0.00652EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/04/10 11:25 p.m.7 views

SUSE CVE-2026-39892

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. From 45.0.0 to before 46.0.7, if a non-contiguous buffer was passed to APIs which accepted Python buffers e.g. Hash.update, this could lead to buffer overflows. This vulnerability is fixed in...

5.3CVSS6AI score0.00652EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/04/09 9:58 p.m.17 views

CVE-2026-39892

A flaw was found in the cryptography library. This vulnerability occurs when a non-contiguous buffer is passed to certain application programming interfaces APIs that accept Python buffers, such as Hash.update. A remote attacker could exploit this to cause a buffer overflow, potentially leading t...

9.8CVSS6AI score0.00652EPSS
Exploits0References6
OSV
OSV
added 2026/04/08 9:17 p.m.9 views

PYSEC-2026-36

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. From 45.0.0 to before 46.0.7, if a non-contiguous buffer was passed to APIs which accepted Python buffers e.g. Hash.update, this could lead to buffer overflows. This vulnerability is fixed in...

9.8CVSS5.9AI score0.00652EPSS
Exploits0References2
PyPA
PyPA
added 2026/04/08 9:17 p.m.11 views

PYSEC-2026-36

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. From 45.0.0 to before 46.0.7, if a non-contiguous buffer was passed to APIs which accepted Python buffers e.g. Hash.update, this could lead to buffer overflows. This vulnerability is fixed in...

9.8CVSS5.9AI score0.00652EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2026/04/08 9:17 p.m.5 views

CVE-2026-39892

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. From 45.0.0 to before 46.0.7, if a non-contiguous buffer was passed to APIs which accepted Python buffers e.g. Hash.update, this could lead to buffer overflows. This vulnerability is fixed in...

9.8CVSS0.00652EPSS
Exploits0References22
Rows per page
Query Builder