Lucene search
K

1636 matches found

OSV
OSV
added 2026/06/30 10:3 a.m.11 views

SUSE-SU-2026:2238-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2023-20585: x86/CPU: Fix FPDSS on Zen1 bsc1243603. - CVE-2025-54518: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache bsc1264013. -...

9.8CVSS6.9AI score0.03663EPSS
Exploits32References449
RedhatCVE
RedhatCVE
added 2026/06/26 1:6 p.m.7 views

CVE-2026-53114

A flaw was found in the Linux kernel's performance monitoring unit perf/amd/ibs. An issue exists where calling perfallowkernel from a Non-Maskable Interrupt NMI handler is unsafe. This could lead to a system crash, resulting in a Denial of Service DoS for the affected system...

5.5CVSS5.7AI score0.00154EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/24 4:30 p.m.7 views

EUVD-2026-38982

In the Linux kernel, the following vulnerability has been resolved: perf/amd/ibs: Avoid calling perfallowkernel from the IBS NMI handler Calling perfallowkernel from the NMI context is unsafe and could be fatal. Capture the permission at event-initialization time by storing it in event-hw.flags,...

5.8AI score0.00154EPSS
Exploits0References3
CVE
CVE
added 2026/06/24 4:30 p.m.7 views

CVE-2026-53114

CVE-2026-53114 affects the Linux kernel perf/amd/ibs component. The flaw arises from calling perf_allow_kernel() within the IBS NMI handler, which is unsafe and could be fatal. The fix caches the permission at event initialization by storing it in event->hw.flags and makes the NMI handler rely...

5.8AI score0.00154EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.2 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: Tracing: Do not register unsupported perf events Synthetic events currently do not have a function to register perf events. This leads to calling the tracepoint register functions with a NULL function pointer, which triggers the...

5.5CVSS5.9AI score0.00136EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: perf/x86/amd: Check the event before enabling it to avoid a General Protection Fault GPF. On AMD machines, cpuc-eventsidx can become NULL due to a subtle race condition with NMI-throttle-x86pmustop. Check if the event is NULL in...

5.9AI score0.00168EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.9 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: bpf: Fixed the stackmap overflow check in bpfgetstackid Syzkaller reported a KASAN vulnerability related to out-of-bounds write operations in bpfgetstackid, when copying stack trace data. This issue occurs when the perf trace...

5.9AI score0.00157EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: perf: sched: Fixed a crash in perf when using the new isusertask helper. To obtain a user space stacktrace, the current task must be a user task that has executed in user space. It was previously possible to determine whether a...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.5 views

PT-2026-52008

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Linux kernel where the perf allow kernel function is called from the IBS NMI handler. Calling this function within the NMI Non-Maskable Interrupt context is unsafe...

6.8CVSS6AI score0.00154EPSS
Exploits0References15
RedhatCVE
RedhatCVE
added 2026/06/23 1:26 p.m.9 views

CVE-2026-47141

A flaw was found in vm2, an open-source virtual machine VM sandbox for Node.js. Prior to version 3.11.4, NodeVM, a component of vm2, improperly exposed certain process-wide observability builtins, such as diagnosticschannel, asynchooks, and perfhooks. These builtins, which are designed for...

8.6CVSS5.7AI score0.00308EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.17 views

SUSE SLES12 Security Update : kernel (SUSE-SU-2026:2450-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2450-1 advisory. The SUSE Linux Enterprise 12 SP5 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-10263:...

9.8CVSS6.9AI score0.00563EPSS
Exploits21References260
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux

A flaw was discovered in the Linux kernel. A memory use-after-free vulnerability was identified in the perf subsystem, allowing a local attacker with permission to monitor perf events, thereby corrupting memory and potentially escalating privileges. The most significant threat of this vulnerabili...

7.8CVSS6.6AI score0.00302EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: drm/i915/gem: The i915gemcontext link is now moved under ref protection. i915perf assumes that it can use the i915gemcontext reference to protect its i915-gem.contexts.list iteration. However, this requires that we do not remo...

7.8CVSS6.3AI score0.00248EPSS
Exploits0References2
NVD
NVD
added 2026/06/12 3:16 p.m.12 views

CVE-2026-47141

vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, NodeVM exposes some process-wide observability builtins when they are allowed through require.builtin. The diagnosticschannel, asynchooks, and perfhooks builtins are not blocked by the dangerous builtin denylist. These modules...

6.9CVSS0.00308EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/12 2:17 p.m.11 views

CVE-2026-47141 vm2: NodeVM observability builtins leak host process and HTTP request data

vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, NodeVM exposes some process-wide observability builtins when they are allowed through require.builtin. The diagnosticschannel, asynchooks, and perfhooks builtins are not blocked by the dangerous builtin denylist. These modules...

6.9CVSS5.3AI score0.00308EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/12 2:17 p.m.13 views

EUVD-2026-36449

vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, NodeVM exposes some process-wide observability builtins when they are allowed through require.builtin. The diagnosticschannel, asynchooks, and perfhooks builtins are not blocked by the dangerous builtin denylist. These modules...

6.9CVSS5.2AI score0.00308EPSS
Exploits0References3
CVE
CVE
added 2026/06/12 2:17 p.m.40 views

CVE-2026-47141

CVE-2026-47141 affects vm2 NodeVM where diagnostics_channel, async_hooks, and perf_hooks observability builtins were exposed to sandboxed code before patching in vm2 3.11.4. These process‑wide modules can leak host data (e.g., HTTP headers, AsyncResource state, performance entries) into the sandb...

6.9CVSS5.2AI score0.00308EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.19 views

EulerOS Virtualization 2.12.0 : kernel (EulerOS-SA-2026-2102)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : netfilter: ctnetlink: remove refcounting in expectation dumpersCVE-2025-39764 nvme: nvme-fc: Ensure -ioerrwork is cancelled in...

9.8CVSS6.2AI score0.0071EPSS
Exploits0References103
SUSE CVE
SUSE CVE
added 2026/06/04 2:21 a.m.11 views

SUSE CVE-2026-46272

In the Linux kernel, the following vulnerability has been resolved: coresight: tmc-etr: Fix race condition between sysfs and perf mode When trying to run perf and sysfs mode simultaneously, the WARNON in tmcetrenablehw is triggered sometimes: WARNING: CPU: 42 PID: 3911571 at...

5.9AI score0.00088EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/03 6:47 p.m.11 views

CVE-2026-46272

A flaw was found in the Linux kernel's Coresight Trace Memory Controller TMC Embedded Trace Router ETR driver. A race condition can occur when both the sysfs and perf modes are used simultaneously. This can lead to a kernel warning, potentially causing system instability or unexpected behavior...

4.7CVSS5.8AI score0.00088EPSS
Exploits0References4
Rows per page
Query Builder