Lucene search
+L

136 matches found

redhatcve
redhatcve
added 2026/07/01 4:57 p.m.8 views

CVE-2026-53356

A flaw was found in the Linux kernel's drm/i915/gem component. This vulnerability occurs because the sgpage function incorrectly scales pread/pwrite operations for physical Buffer Objects BO when a non-zero offset is used. This can lead to incorrect memory access, potentially allowing an attacker...

5.8AI score0.00164EPSS
Exploits0References4
osv
osv
added 2026/06/25 8:38 a.m.3 views

CVE-2026-53144 drm/amdkfd: fix NULL dereference in get_queue_ids()

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: fix NULL dereference in getqueueids When usrqueueidarray is NULL and numqueues is non-zero, getqueueids returns NULL. The callers check only ISERR on the return value; since ISERRNULL == false the check passes, and...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References8
euvd
euvd
added 2026/06/25 8:38 a.m.6 views

EUVD-2026-39235

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: fix NULL dereference in getqueueids When usrqueueidarray is NULL and numqueues is non-zero, getqueueids returns NULL. The callers check only ISERR on the return value; since ISERRNULL == false the check passes, and...

5.7AI score0.00122EPSS
Exploits0References5
cve
cve
added 2026/06/25 8:38 a.m.14 views

CVE-2026-53144

CVE-2026-53144 affects the Linux kernel's DRM/AMDKFD path, specifically a NULL dereference in get_queue_ids(). If usr_queue_id_array is NULL and num_queues is non-zero, get_queue_ids() can return NULL; callers only check IS_ERR(), so a NULL pointer is not treated as an error, allowing suspend_que...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References5Affected Software1
debiancve
debiancve
added 2026/05/27 12:18 p.m.11 views

CVE-2026-45967

In the Linux kernel, the following vulnerability has been resolved: bpf: Return proper address for non-zero offsets in insn array The mapdirectvalueaddr function of the instruction array map incorrectly adds offset to the resulting address. This is a bug, because later the resolvepseudoldimm64...

5.5CVSS5.7AI score0.00107EPSS
Exploits0
cve
cve
added 2026/05/27 12:18 p.m.21 views

CVE-2026-45967

CVE-2026-45967 : In the Linux kernel, vulnerability in the BPF instruction array map due to the function map_direct_value_addr() adding an offset to the resulting address. The issue has been resolved with a fix that corrects the address calculation, and corresponding selftests were added in a fol...

5.5CVSS5.8AI score0.00107EPSS
Exploits0References2Affected Software1
ubuntucve
ubuntucve
added 2026/05/27 12:0 a.m.16 views

CVE-2026-45967

In the Linux kernel, the following vulnerability has been resolved: bpf: Return proper address for non-zero offsets in insn array The mapdirectvalueaddr function of the instruction array map incorrectly adds offset to the resulting address. This is a bug, because later the resolvepseudoldimm64...

5.5CVSS6.1AI score0.00107EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: ti: icssg-prueth: Fixed a memory leak in XDPDROP for the non-zero-copy mode. Page recycling was removed from the XDPDROP path in emacrunxdp to avoid conflicts with the AFXDP zero-copy mode, which uses xskbufffree instead...

7.5CVSS5.2AI score0.00343EPSS
Exploits0References1
snyk
snyk
added 2026/05/19 12:31 p.m.9 views

Information Exposure

Overview Affected versions of this package are vulnerable to Information Exposure in the frontend build process when it exits with a non-zero status. An attacker can obtain sensitive environment variables, including credentials, by reviewing build logs or archived build artifacts generated during...

7.2CVSS5.4AI score0.00117EPSS
Exploits0References2
snyk
snyk
added 2026/05/19 12:31 p.m.8 views

Information Exposure

Overview Affected versions of this package are vulnerable to Information Exposure in the frontend build process when it exits with a non-zero status. An attacker can obtain sensitive environment variables, including credentials, by reviewing build logs or archived build artifacts generated during...

7.2CVSS5.4AI score0.00117EPSS
Exploits0References2
nvd
nvd
added 2026/05/19 12:16 p.m.16 views

CVE-2026-7860

A possible information disclosure vulnerability exists in the Vaadin Maven plugin and Vaadin Gradle plugin that exposes the full set of environment variables in build logs whenever the frontend build process exits with a non-zero status. Because the build environment may contain credentials...

5.8CVSS0.00117EPSS
Exploits0References2
redhatcve
redhatcve
added 2026/05/06 8:46 p.m.10 views

CVE-2026-43187

A flaw was found in the Linux kernel's XFS filesystem. Incorrect handling of freemap entries when deleting attribute leaf freemap entries can lead to a situation where zero-length freemap entries with a non-zero base are left behind. Subsequent setxattr operations can cause these entries to overl...

8.8CVSS5.8AI score0.00469EPSS
Exploits0References4
attackerkb
attackerkb
added 2026/04/30 5:41 p.m.9 views

CVE-2026-33845

A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow during reassembly and resulting in an out-of-bounds read. This issue is remotely exploitable and may cause information disclosure or denial of service...

9.1CVSS5.2AI score0.00805EPSS
Exploits0References19
euvd
euvd
added 2026/04/30 5:41 p.m.7 views

EUVD-2026-26392

A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow during reassembly and resulting in an out-of-bounds read. This issue is remotely exploitable and may cause information disclosure or denial of service...

7.5CVSS5.2AI score0.00805EPSS
Exploits0References2
cve
cve
added 2026/04/25 8:46 a.m.26 views

CVE-2026-31675

CVE-2026-31675 — Linux kernel netem out-of-bounds in packet corruption The issue arises in net/sched: sch_netem where the packet corruption logic selects an index into skb->data using get_random_u32_below(skb_headlen(skb)). For AF_PACKET TX_RING sending fully non-linear packets over an IPIP tu...

7.8CVSS5.6AI score0.00126EPSS
Exploits0References5Affected Software1
nessus
nessus
added 2026/04/07 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-23453

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: ti: icssg-prueth: Fix memory leak in XDPDROP for non-zero-copy mode Page recycling was...

7.5CVSS5.7AI score0.00343EPSS
Exploits0References2
susecve
susecve
added 2026/04/03 11:27 p.m.5 views

SUSE CVE-2026-23453

In the Linux kernel, the following vulnerability has been resolved: net: ti: icssg-prueth: Fix memory leak in XDPDROP for non-zero-copy mode Page recycling was removed from the XDPDROP path in emacrunxdp to avoid conflicts with AFXDP zero-copy mode, which uses xskbufffree instead. However, this...

7.5CVSS5.7AI score0.00343EPSS
Exploits0References3
redhatcve
redhatcve
added 2026/04/03 6:52 p.m.6 views

CVE-2026-23453

A flaw was found in the Linux kernel's net: ti: icssg-prueth network driver. When XDP eXpress Data Path programs drop packets in non-zero-copy mode, memory pages are not properly returned to the system's page pool. This memory leak can lead to Out of Memory OOM conditions, causing a Denial of...

7.5CVSS5.9AI score0.00343EPSS
Exploits0References4
euvd
euvd
added 2026/04/03 6:31 p.m.7 views

EUVD-2026-18706

In the Linux kernel, the following vulnerability has been resolved: net: ti: icssg-prueth: Fix memory leak in XDPDROP for non-zero-copy mode Page recycling was removed from the XDPDROP path in emacrunxdp to avoid conflicts with AFXDP zero-copy mode, which uses xskbufffree instead. However, this...

5.8AI score0.00343EPSS
Exploits0References3
nvd
nvd
added 2026/04/03 4:16 p.m.5 views

CVE-2026-23453

In the Linux kernel, the following vulnerability has been resolved: net: ti: icssg-prueth: Fix memory leak in XDPDROP for non-zero-copy mode Page recycling was removed from the XDPDROP path in emacrunxdp to avoid conflicts with AFXDP zero-copy mode, which uses xskbufffree instead. However, this...

7.5CVSS0.00343EPSS
Exploits0References2
Rows per page
Query Builder