CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

AstraLinux•added 2026/05/20 5:53 a.m.•7 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: cxl/pmem: Fixed race conditions related to nvdimm registration. A loop of the form: c while true; do modprobe cxlpci; modprobe -r cxlpci; done …fails with the following crash signature: BUG: Kernel NULL pointer dereference,...

5.7AI score0.0002EPSS

Exploits0References1

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: acpi: nfit: fixed the narrowing conversion in acpinfitctl. Syzkaller reported a warning in tonfitbusuuid: “Only secondary bus families can be translated.” This warning is emitted if the argument equals NVDIMMBUSFAMILYNFIT == 0...

5.5CVSS6.5AI score0.0003EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•3 views

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: nvdimm: Fix firmware activation deadlock scenarios Lockdep reports the following deadlock scenarios for CXL root device power-management, deviceprepare, operations, and deviceshutdown operations for 'ndregion' devices: Chain exis...

5.5CVSS6.3AI score0.0001EPSS

Exploits0References1

AstraLinux•added 2026/05/03 11:59 p.m.•4 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: powerpc/paprscm: Fix leaking nvdimmeventsmap elements Right now 'char ' elements allocated for individual 'statid' in 'paprscmpriv.nvdimmeventsmap' during paprscmpmucheckevents, get leaked in paprscmremove and paprscmpmuregister,...

5.5CVSS6.5AI score0.00126EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•4 views

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: nvdimm: Fix memleak of pmu attrgroups in unregisternvdimmpmu Memory pointed by 'ndpmu-pmu.attrgroups' is allocated in function 'registernvdimmpmu' and is lost after 'kfreendpmu' call in function 'unregisternvdimmpmu'...

6.5AI score0.0003EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•1 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: cxl: Fix race of nvdimmbus object when creating nvdimm objects Found issue during running of cxl-translate.sh unit test. Adding a 3s sleep right before the test seems to make the issue reproduce fairly consistently. The...

4.7CVSS5.8AI score0.00014EPSS

Exploits0References1

Tenable Nessus•added 2026/04/21 12:0 a.m.•3 views

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-010946)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010946 advisory. In the Linux kernel, the following vulnerability has been resolved: libnvdimm/labels: Fix divide error in ndlabeldatainit If a faulty CXL memory device returns a...

5.5CVSS6.4AI score0.00081EPSS

Tenable Nessus•added 2026/04/05 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2026-31399

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nvdimm/bus: Fix potential use after free in asynchronous initialization Dingisoul with KASAN reports a use after free if deviceadd fails in ndasyncdeviceregiste...

7.8CVSS5.8AI score0.00015EPSS

Exploits0References3

SUSE CVE•added 2026/04/03 11:25 p.m.•3 views

SUSE CVE-2026-31399

In the Linux kernel, the following vulnerability has been resolved: nvdimm/bus: Fix potential use after free in asynchronous initialization Dingisoul with KASAN reports a use after free if deviceadd fails in ndasyncdeviceregister. Commit b6eae0f61db2 "libnvdimm: Hold reference on parent while...

EUVD•added 2026/04/03 6:31 p.m.•1 views

Exploits0References3

EUVD-2026-18780

5.7AI score0.00015EPSS

Exploits0References7

RedhatCVE•added 2026/04/03 5:4 p.m.•1 views

CVE-2026-31399

A flaw was found in the Linux kernel's nvdimm/bus component. During asynchronous device initialization, if the deviceadd function fails in ndasyncdeviceregister, a use-after-free vulnerability can occur. This happens because the device's reference count drops to zero before the parent pointer is...

4.7CVSS6.1AI score0.00015EPSS

NVD•added 2026/04/03 4:16 p.m.•0 views

CVE-2026-31399

7.8CVSS0.00015EPSS

Exploits0References8

UbuntuCve•added 2026/04/03 4:16 p.m.•0 views

CVE-2026-31399

OSV•added 2026/04/03 4:16 p.m.•2 views

Exploits0References8

UBUNTU-CVE-2026-31399

ATTACKERKB•added 2026/04/03 3:16 p.m.•0 views

Exploits0References9

CVE-2026-31399

5.7AI score0.00015EPSS

Exploits0References9Affected Software1

CVE•added 2026/04/03 3:16 p.m.•7 views

CVE-2026-31399

CVE-2026-31399 concerns the Linux kernel, specifically a use-after-free in the nvme/nvdimm bus async initialization path. The issue arises if device_add() fails during nd_async_device_register(): the parent device reference could drop to 0 before the parent pointer is accessed, leading to use-aft...

Exploits0References8Affected Software1

SUSE CVE•added 2026/03/25 4:55 p.m.•2 views

SUSE CVE-2026-23348

4.7CVSS5.7AI score0.00014EPSS

Exploits0References3

RedhatCVE•added 2026/03/25 12:48 p.m.•0 views

CVE-2026-23348

A flaw was found in the Linux kernel, specifically within the CXL Compute Express Link and NVDIMM Non-Volatile Dual In-line Memory Module subsystems. A race condition can occur when NVDIMM objects attempt to reprobe after the cxlacpi module is removed, while the nvdimmbus object is missing. This...

5.5CVSS5.8AI score0.00014EPSS

EUVD•added 2026/03/25 12:30 p.m.•2 views

EUVD-2026-15317

5.7AI score0.00014EPSS