CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2026/05/29 12:0 a.m.•11 views

Linux Distros Unpatched Vulnerability : CVE-2026-46235

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: saa7164: add ioremap return checks and cleanups Add checks for ioremap return values in saa7164devsetup. If ioremap for BAR0 or BAR2 fails, release the...

CVE•added 2026/05/28 9:40 a.m.•12 views

Exploits0References4

CVE-2026-46224

The CVE-2026-46224 entry concerns the Linux kernel drm/xe subsystem: a leaked buffer object (bo) in xe_dma_buf_init_obj() during allocation failure. The fix ensures that when drm_gpuvm_resv_object_alloc() fails, storage is freed via xe_bo_free(storage); since xe_dma_buf_init_obj() already frees t...

5.8AI score0.00022EPSS

ATTACKERKB•added 2026/05/28 9:40 a.m.•6 views

CVE-2026-46201

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix dma-buf attachment leak in xegemprimeimport When xedmabufinitobj fails, the attachment from dmabufdynamicattach is not detached. Add dmabufdetach before returning the error. Note: we cannot use goto outerr here becaus...

5.8AI score0.00013EPSS

Exploits0References5Affected Software1

SUSE CVE•added 2026/05/28 3:55 a.m.•6 views

SUSE CVE-2026-45950

In the Linux kernel, the following vulnerability has been resolved: crypto: starfive - Fix memory leak in starfiveaesaeaddoonereq The starfiveaesaeaddoonereq function allocates rctx-adata with kzalloc but fails to free it if sgcopytobuffer or starfiveaeshwinit fails, which lead to memory leaks...

5.8AI score0.00023EPSS

SUSE CVE•added 2026/05/28 3:55 a.m.•6 views

SUSE CVE-2026-45976

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix memory leak in amdgpurasinit When amdgpunbiorasswinit fails in amdgpurasinit, the function returns directly without freeing the allocated con structure, leading to a memory leak. Fix this by jumping to the...

5.8AI score0.00024EPSS

EUVD•added 2026/05/27 3:33 p.m.•7 views

EUVD-2026-32225

In the Linux kernel, the following vulnerability has been resolved: tpm: tpmi2cinfineon: Fix locality leak on getburstcount failure getburstcount can return -EBUSY on timeout. When this happens, the function returns directly without releasing the locality that was acquired at the beginning of...

EUVD•added 2026/05/27 3:33 p.m.•7 views

Exploits0References9

EUVD-2026-32387

In the Linux kernel, the following vulnerability has been resolved: mtd: parsers: Fix memory leak in mtdparsertplinksafeloaderparse The function mtdparsertplinksafeloaderparse allocates buf via mtdparsertplinksafeloaderreadtable. If the allocation for partsidx.name fails inside the loop, the code...

5.9AI score0.00024EPSS

Exploits0References6

EUVD•added 2026/05/27 3:33 p.m.•6 views

EUVD-2026-32337

In the Linux kernel, the following vulnerability has been resolved: tpm: st33zp24: Fix missing cleanup on getburstcount error getburstcount can return -EBUSY on timeout. When this happens, st33zp24send returns directly without releasing the locality acquired earlier. Use goto outerr to ensure...

OSV•added 2026/05/27 2:17 p.m.•3 views

Exploits0References9

UBUNTU-CVE-2026-45871

5.7AI score0.00032EPSS

CVE•added 2026/05/27 12:18 p.m.•12 views

CVE-2026-45976

CVE-2026-45976 affects the Linux kernel DRM/AMDGPU ras init path. The root cause is a memory leak: when amdgpu_nbio_ras_sw_init() fails inside amdgpu_ras_init(), the function returns without freeing the allocated con structure. The fix jumps to the release_con label to properly release the alloca...

5.8AI score0.00024EPSS

Exploits0References5

Cvelist•added 2026/05/27 12:15 p.m.•34 views

CVE-2026-45871 tpm: st33zp24: Fix missing cleanup on get_burstcount() error

0.00032EPSS

Exploits0References8

CVE•added 2026/05/27 12:15 p.m.•9 views

CVE-2026-45871

In the Linux kernel vulnerability CVE-2026-45871, the issue is in TPM st33zp24 handling within get_burstcount(). On a timeout, get_burstcount() may return -EBUSY, causing st33zp24_send() to return without releasing the previously acquired locality. The fix adds proper cleanup using a goto out_err...

CVE•added 2026/05/27 12:15 p.m.•9 views

Exploits0References8

CVE-2026-45863

The CVE-2026-45863 entry documents a Linux kernel memory-leak bug in i3c: dw through dw_i3c_master_i2c_xfers(). The function allocates an xfer via dw_i3c_master_alloc_xfer(), but if pm_runtime_resume_and_get() fails it previously returned without freeing the allocated xfer. The fix adds a call to...

5.8AI score0.00023EPSS

Exploits0References4

Positive Technologies•added 2026/05/27 12:0 a.m.•4 views

PT-2026-43952

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description An issue exists in the rxrpc component regarding the handling of packets with misaligned crypto lengths. The system fails to...

9.8CVSS5.9AI score0.00254EPSS

Exploits12References281

AstraLinux•added 2026/05/20 5:53 a.m.•4 views

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: IB/core: Fixed the issue with the cleanup of the ibcachesetupone function. When ibcacheupdate returns an error, the ibcachesetupone function is exited immediately without proper cleanup. This occurs even though we have already...

6.5CVSS6.3AI score0.00043EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•6 views

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: TLS: Handle the situation where data disappears from the receive queue under TLS ULP. TLS assumes that it owns the receive queue of the TCP socket. This assumption cannot be guaranteed if the reader of the TCP socket entered befo...

7.1CVSS5.7AI score0.0001EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•5 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: dsa: felix: suppress non-changes to the tagging protocol The way that dsatreechangetagproto works is as follows: When dsatreenotify fails, it does not know whether the operation failed midway through a multi-switch tree, or ...

5.5CVSS5.7AI score0.00074EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•1 views

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: net: macvlan: fixed memory leaks in macvlancommonnewlink. kmemleak reports memory leaks in macvlancommonnewlink, as follows: c ip link add link eth0 name .. type macvlan mode source macaddr add kmemleak reports: An unreferenced...

5.5CVSS6.1AI score0.0005EPSS

Exploits0References1

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fixed the vport QoS cleanup mechanism in case of errors. When enabling vport QoS fails, the scheduling node never gets freed, leading to a leak. Added the missing free operation and reset the vport scheduling node point...

5.5CVSS5.7AI score0.00016EPSS