Lucene search
K

614 matches found

NVD
NVD
added 5 days ago7 views

CVE-2026-45257

The KTLS receive path decrypted each record in place, assuming that the mbufs holding received data were anonymous and safe to modify. This assumption does not hold for data placed on a socket by sendfile2, which can reference file-backed memory directly through non-anonymous MEXTPG pages or...

7.8CVSS0.00154EPSS
Exploits0References4
CVE
CVE
added 5 days ago109 views

CVE-2026-45257

CVE-2026-45257 : FreeBSD KTLS receive path decrypts in place, enabling an unprivileged local user to overwrite a file’s page cache via sendfile(2) data over a loopback connection when KTLS receive is enabled. This can corrupt the backing file and allow privilege escalation by overwriting setuid/t...

7.8CVSS5.8AI score0.00154EPSS
Exploits0References4Affected Software1
The Hacker News
The Hacker News
added 5 days ago21 views

New Linux pedit COW Exploit Enables Root Access by Poisoning Cached Binaries

A flaw in the Linux kernel's traffic-control subsystem can let a local unprivileged user gain root on affected systems. CVE-2026-46331, nicknamed "pedit COW ," is an out-of-bounds write in the packet-editing action actpedit that corrupts shared page-cache memory. A public, working exploit appeare...

6.1AI score0.00259EPSS
Exploits9
Tenable Nessus
Tenable Nessus
added 5 days ago7 views

SUSE SLES15: kernel-livepatch-6_4_0-150600_23_95-default / etc (SUSE-SU-2026:2520-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2520-1 advisory. This update for the SUSE Linux Enterprise Kernel 6.4.0-150600.23.95 fixes various security issues The following security issues were fixed: -...

9.8CVSS6.5AI score0.0049EPSS
Exploits8References17
Tenable Nessus
Tenable Nessus
added 5 days ago6 views

SUSE SLES15 Security Update : kernel (Live Patch 24 for SUSE Linux Enterprise 15 SP6) (SUSE-SU-2026:2608-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2608-1 advisory. This update for the SUSE Linux Enterprise Kernel 6.4.0-150600.23.103 fixes various security issues The following security issues were fixed: -...

9.8CVSS6.6AI score0.0049EPSS
Exploits8References17
OSV
OSV
added 6 days ago2 views

UBUNTU-CVE-2026-53167

In the Linux kernel, the following vulnerability has been resolved: fuse: limit FUSENOTIFYRETRIEVE to uptodate folios FUSENOTIFYRETRIEVE must be limited to uptodate folios; !uptodate folios can contain uninitialized data. Since FUSENOTIFYRETRIEVE is intended to only return data that is already in...

6.8CVSS5.7AI score0.00166EPSS
Exploits0References6
EUVD
EUVD
added 6 days ago4 views

EUVD-2026-39258

In the Linux kernel, the following vulnerability has been resolved: fuse: limit FUSENOTIFYRETRIEVE to uptodate folios FUSENOTIFYRETRIEVE must be limited to uptodate folios; !uptodate folios can contain uninitialized data. Since FUSENOTIFYRETRIEVE is intended to only return data that is already in...

5.7AI score0.00166EPSS
Exploits0References3
CVE
CVE
added 6 days ago11 views

CVE-2026-53167

In the Linux kernel, CVE-2026-53167 concerns FUSE_NOTIFY_RETRIEVE: the operation must be limited to uptodate folios because !uptodate folios may contain uninitialized data. The fix ensures FUSE_NOTIFY_RETRIEVE only returns data already present in the page cache and does not wait for data from the...

5.7AI score0.00166EPSS
Exploits0References3
EUVD
EUVD
added last week7 views

EUVD-2026-38886

In the Linux kernel, the following vulnerability has been resolved: f2fs: avoid reading already updated pages during GC We found the following issue during fuzz testing: page: refcount:3 mapcount:0 mapping:00000000b6e89c65 index:0x18b2dc pfn:0x161ba9 memcg:f8ffff800e269c00 aops:f2fsmetaaops ino:2...

5.7AI score0.00166EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.7 views

TencentOS Server 4: kernel (TSSA-2026:0540)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0540 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

7.8CVSS6.3AI score0.00259EPSS
Exploits9References2
RedHat Linux
RedHat Linux
added 2026/06/22 6:44 a.m.8 views

kernel: net/sched: act_pedit: extend the writable skb range per key

A flaw was found in the Linux kernel's traffic control packet editing pedit subsystem. In tcfpeditact, the copy-on-write COW range for skbensurewritable is computed once before iterating over edit keys, but the calculation does not account for runtime header offsets added by typed keys. This can...

7.8CVSS5.8AI score0.00259EPSS
Exploits9References6
RedHat Linux
RedHat Linux
added 2026/06/19 4:39 p.m.7 views

kernel: net/sched: act_pedit: extend the writable skb range per key

A flaw was found in the Linux kernel's traffic control packet editing pedit subsystem. In tcfpeditact, the copy-on-write COW range for skbensurewritable is computed once before iterating over edit keys, but the calculation does not account for runtime header offsets added by typed keys. This can...

7.8CVSS5.8AI score0.00259EPSS
Exploits9References6
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.1 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: mm: Use memallocnofssave in pagecacheraorder. See commit f2c817bed58d “mm: Use memallocnofssave in readahead”, ensure that pagecacheraorder does not attempt to reclaim file-backed pages too often, as this can lead to a deadlock...

5.5CVSS6.1AI score0.0018EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm/filemap: Make MAXPAGECACHEORDER acceptable to xarray. Patch series “mm/filemap: Limit page cache size to that supported by xarray”, version 2. Currently, xarray cannot support arbitrary page cache sizes. More details can be...

5.5CVSS5.8AI score0.00211EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: mm/memfd: Fixed an issue where information leaks occurred during the handling of hugetlb folios. When allocating hugetlb folios for memfd, three initialization steps are missing: 1. The folios are not zeroed, resulting in kern...

5.4AI score0.00176EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: nilfs2: Fixed a potential deadlock that could occur when creating new symlinks. Syzbot reported that the pagesymlink function, called by nilfssymlink, triggers memory reclamation at the filesystem level. This can lead to circular...

5.5CVSS6.1AI score0.00206EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: s390/dasd: Fixed the issue of invalid dereferencing of indirect CCW data pointers. The issue occurred in dasdeckddumpsense, where an invalid dereferencing of the indirect CCW data pointer led to a kernel panic in certain error...

5.5CVSS5.8AI score0.00205EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ceph: fix crash after fscryptencryptpagecacheblocks error The function movedirtyfolioinpagearray was created by the commit ce80b76dd327 "ceph: introduce cephprocessfoliobatch method". The code for this function was moved from...

5.5CVSS5.3AI score0.00119EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: hugetlbfs: Do not delete the error page from the page cache. This change is very similar to the change made for shmem 1. It addresses the same issue, but for the HugeTLBFS mechanism instead. Currently, when a poisoned HugeTLB pag...

5.5CVSS5.9AI score0.00159EPSS
Exploits0References2
NVD
NVD
added 2026/06/16 8:16 a.m.12 views

CVE-2026-46331

In the Linux kernel, the following vulnerability has been resolved: net/sched: fix pedit partial COW leading to page cache corruption tcfpeditact computes the COW range for skbensurewritable once before the key loop using tcfpoffmaxhint, but the hint does not account for the runtime header offset...

7.8CVSS0.00259EPSS
Exploits9References29
Rows per page
Query Builder