CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2026/05/15 12:1 p.m.•12 views

CVE-2026-43331

A flaw was found in the Linux kernel. When Kernel Coverage KCOV instrumentation is enabled, a local user performing a kexec operation can trigger an invalid state within the x86/kexec component. This invalid state, related to the GS base that KCOV relies on for per-CPU data, causes the kernel to...

5.5CVSS5.8AI score0.00122EPSS

SUSE CVE•added 2026/05/09 2:39 a.m.•6 views

SUSE CVE-2026-43274

In the Linux kernel, the following vulnerability has been resolved: mailbox: mchp-ipc-sbi: fix out-of-bounds access in mchpipcgetclusteraggrirq The clustercfg array is dynamically allocated to hold per-CPU configuration structures, with its size based on the number of online CPUs. Previously, thi...

8.4CVSS5.7AI score0.00131EPSS

OSV•added 2026/03/25 10:27 a.m.•1 views

CVE-2026-23342 bpf: Fix race in cpumap on PREEMPT_RT

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix race in cpumap on PREEMPTRT On PREEMPTRT kernels, the per-CPU xdpbulkqueue bq can be accessed concurrently by multiple preemptible tasks on the same CPU. The original code assumes bqenqueue and cpumapflush run atomically...

4.7CVSS5.7AI score0.00088EPSS

Exploits0References6

Tenable Nessus•added 2026/03/05 12:0 a.m.•3 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005735)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005735 advisory. In the Linux kernel, the following vulnerability has been resolved: tracing: Fix race issue between cpu buffer write and swap Warning happened in rbendcommit at cod...

4.7CVSS5.9AI score0.00123EPSS

Tenable Nessus•added 2026/03/04 12:0 a.m.•3 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005480)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005480 advisory. In the Linux kernel, the following vulnerability has been resolved: tick/broadcast: Move per CPU pointer access into the atomic section The recent fix for making the...

5.5CVSS6.8AI score0.00221EPSS

OSV•added 2026/02/18 4:22 p.m.•3 views

UBUNTU-CVE-2026-23225

In the Linux kernel, the following vulnerability has been resolved: sched/mmcid: Don't assume CID is CPU owned on mode switch Shinichiro reported a KASAN UAF, which is actually an out of bounds access in the MMCID management code. CPU0 CPU1 T1 runs in userspace T0: forkT4 - Switch to per CPU CID...

7.8CVSS5.7AI score0.00113EPSS

Debian CVE•added 2026/01/31 11:42 a.m.•5 views

CVE-2026-23025

In the Linux kernel, the following vulnerability has been resolved: mm/pagealloc: prevent pcp corruption with SMP=n The kernel test robot has reported: BUG: spinlock trylock failure on UP on CPU0, kcompactd0/28 lock: 0xffff888807e35ef0, .magic: dead4ead, .owner: kcompactd0/28, .ownercpu: 0 CPU: 0...

7.8CVSS5.4AI score0.00184EPSS

Exploits0

Tenable Nessus•added 2025/12/31 12:0 a.m.•2 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992894)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992894 advisory. In the Linux kernel, the following vulnerability has been resolved: hrtimers: Handle CPU state correctly on hotplug Consider a scenario where a CPU transitions from...

7.8CVSS6.3AI score0.00223EPSS

RedHat Linux•added 2025/12/17 7:48 a.m.•1 views

kernel: fs: fix UAF/GPF bug in nilfs_mdt_destroy

In the Linux kernel, the following vulnerability has been resolved: fs: fix UAF/GPF bug in nilfsmdtdestroy In allocinode, inodeinitalways could return -ENOMEM if securityinodealloc fails, which causes inode-iprivate uninitialized. Then nilfsismetadatafileinode returns true and nilfsfreeinode...

7.8CVSS6.8AI score0.00206EPSS

Cvelist•added 2025/12/16 2:45 p.m.•26 views

CVE-2025-68262 crypto: zstd - fix double-free in per-CPU stream cleanup

In the Linux kernel, the following vulnerability has been resolved: crypto: zstd - fix double-free in per-CPU stream cleanup The crypto/zstd module has a double-free bug that occurs when multiple tfms are allocated and freed. The issue happens because zstdstreams per-CPU contexts are freed in...

0.00169EPSS

CVE•added 2025/12/16 2:45 p.m.•16 views

CVE-2025-68262

The provided sources describe a Linux kernel vulnerability: a double-free in the crypto/zstd per-CPU streams when multiple tfms are freed, caused by freeing zstd_streams in zstd_exit() on every tfm destruction. The recommended fix is to change lifecycle management so the streams are freed only on...

6.2AI score0.00169EPSS

RedHat Linux•added 2025/11/12 12:40 a.m.•2 views

kernel: fs: fix UAF/GPF bug in nilfs_mdt_destroy

7.8CVSS6.8AI score0.00206EPSS

Tenable Nessus•added 2025/08/12 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2024-44968

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: tick/broadcast: Move per CPU pointer access into the atomic section The recent fix for makin...

5.5CVSS5.7AI score0.00221EPSS

Exploits0References2

RedHat Linux•added 2025/05/13 8:28 a.m.•2 views

kernel: uprobe: avoid out-of-bounds memory access of fetching args

An out-of-bounds overflow vulnerability was found in the Linux kernel. When Uprobe needs to fetch args into a per-CPU buffer and then copy to a ring buffer, sometimes user-space strings and arrays can be very large, but the size of the per-CPU buffer is only page size and checking is not performe...

7.8CVSS7.4AI score0.00233EPSS

CNNVD•added 2025/05/02 12:0 a.m.•2 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from tcpmakesynack not disabling preemption when accessing per-CPU variables in the process context...

5.5CVSS6.4AI score0.00149EPSS

Exploits0References9

RedHat Linux•added 2024/11/12 9:11 a.m.•4 views

kernel: mm: vmalloc: check if a hash-index is in cpu_possible_mask

A vulnerability was found in the Linux kernel that involves improper handling of per-CPU data in systems where cpupossiblemask has gaps between CPUs. This can lead to an index which accesses non-existent or unset CPU areas and potentially causes kernel crashes...

5.5CVSS7.2AI score0.00288EPSS

SUSE CVE•added 2024/08/18 2:1 a.m.•1 views

SUSE CVE-2024-43851

In the Linux kernel, the following vulnerability has been resolved: soc: xilinx: rename cpunumber1 to dummycpunumber The per cpu variable cpunumber1 is passed to xlnxeventhandler as argument "devid", but it is not used in this function. So drop the initialization of this variable and rename it to...

5.5CVSS6.3AI score0.00211EPSS

Exploits0References10

OSV•added 2024/07/12 1:15 p.m.•1 views

UBUNTU-CVE-2024-40944

In the Linux kernel, the following vulnerability has been resolved: x86/kexec: Fix bug with call depth tracking The call to ccplatformhas triggers a fault and system crash if call depth tracking is active because the GS segment has been reset by loadsegments and GSBASE is now 0 but call depth...

5.5CVSS5.7AI score0.00239EPSS

Exploits0References13

SUSE CVE•added 2024/04/09 2:29 a.m.•4 views

SUSE CVE-2024-26690

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: protect updates of 64-bit statistics counters As explained by a comment in , write side of struct u64statssync must ensure mutual exclusion, or one seqcount update could be lost on 32-bit platforms, thus blocking...

6.5CVSS6.5AI score0.00709EPSS