Lucene search
K

23 matches found

CVE
CVE
added 2026/06/24 4:29 p.m.8 views

CVE-2026-52994

CVE-2026-52994 affects the Linux kernel virtio transport for vsock zcopy: virtio_transport_init_zcopy_skb() previously used iter->count as the size for msg_zerocopy_realloc(), which then desks mm_account_pinned_pages() for RLIMIT_MEMLOCK. Because iter->count is consumed by virtio_transport_...

5.7AI score0.00173EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.8 views

PT-2026-51888

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the vsock/virtio implementation regarding MSG ZEROCOPY pinned-pages accounting. The function virtio transport init zcopy skb uses iter-count as the size argument for m...

6AI score0.00173EPSS
Exploits0References12
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iouring: Fixed the issue of releasing pinned pages when iouaddrmap fails. Looking at the error path of iouaddrmap, if we fail to pin the pages for any reason, ret will be set to -EINVAL, and the error handler will not properly...

5.5CVSS6.1AI score0.00207EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/05/22 2:20 a.m.10 views

SUSE CVE-2026-43502

In the Linux kernel, the following vulnerability has been resolved: net/rds: handle zerocopy send cleanup before the message is queued A zerocopy send can fail after user pages have been pinned but before the message is attached to the sending socket. The purge path currently infers zerocopy stat...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-43502

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/rds: handle zerocopy send cleanup before the message is queued A zerocopy send can fail after user pages have been pinned but before the message is attached...

7.8CVSS7AI score0.00123EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/21 12:17 p.m.13 views

EUVD-2026-31275

In the Linux kernel, the following vulnerability has been resolved: net/rds: handle zerocopy send cleanup before the message is queued A zerocopy send can fail after user pages have been pinned but before the message is attached to the sending socket. The purge path currently infers zerocopy stat...

5.7AI score0.00123EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/08/08 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2022-49989

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xen/privcmd: fix error exit of privcmdioctldmop The error exit of privcmdioctldmop is calling unlockpages potentially with pages being NULL, leading to a NULL...

5.5CVSS6.5AI score0.00197EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2024/11/12 9:11 a.m.4 views

kernel: io_uring: Fix release of pinned pages when __io_uaddr_map fails

A flaw was found in the iouring subsystem in the Linux kernel, where pinned pages are not properly released if the iouaddrmap function fails. This could lead to resource leaks or other unintended behaviors...

5.5CVSS7.1AI score0.00207EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2024/07/18 3:6 a.m.4 views

SUSE CVE-2022-48797

In the Linux kernel, the following vulnerability has been resolved: mm: don't try to NUMA-migrate COW pages that have other uses Oded Gabbay reports that enabling NUMA balancing causes corruption with his Gaudi accelerator test load: "All the details are in the bug, but the bottom line is that...

5.5CVSS6.8AI score0.00239EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2024/05/21 2:0 a.m.8 views

SUSE CVE-2024-35831

In the Linux kernel, the following vulnerability has been resolved: iouring: Fix release of pinned pages when iouaddrmap fails Looking at the error path of iouaddrmap, if we fail after pinning the pages for any reasons, ret will be set to -EINVAL and the error handler won't properly release the...

5.5CVSS6.5AI score0.00207EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2024/05/17 11:42 p.m.31 views

CVE-2024-35831

A flaw was found in the iouring subsystem in the Linux kernel, where pinned pages are not properly released if the iouaddrmap function fails. This could lead to resource leaks or other unintended behaviors. Mitigation Mitigation for this issue is either not available or the currently available...

5.5CVSS8.6AI score0.00207EPSS
Exploits0References4
NVD
NVD
added 2024/05/17 2:15 p.m.18 views

CVE-2024-35831

In the Linux kernel, the following vulnerability has been resolved: iouring: Fix release of pinned pages when iouaddrmap fails Looking at the error path of iouaddrmap, if we fail after pinning the pages for any reasons, ret will be set to -EINVAL and the error handler won't properly release the...

5.5CVSS7.4AI score0.00207EPSS
Exploits0References4
OSV
OSV
added 2024/05/17 2:15 p.m.2 views

DEBIAN-CVE-2024-35831

In the Linux kernel, the following vulnerability has been resolved: iouring: Fix release of pinned pages when iouaddrmap fails Looking at the error path of iouaddrmap, if we fail after pinning the pages for any reasons, ret will be set to -EINVAL and the error handler won't properly release the...

5.5CVSS5.5AI score0.00207EPSS
Exploits0References1
OSV
OSV
added 2024/05/17 2:15 p.m.2 views

UBUNTU-CVE-2024-35831

In the Linux kernel, the following vulnerability has been resolved: iouring: Fix release of pinned pages when iouaddrmap fails Looking at the error path of iouaddrmap, if we fail after pinning the pages for any reasons, ret will be set to -EINVAL and the error handler won't properly release the...

5.5CVSS6.1AI score0.00207EPSS
Exploits0References12
Cvelist
Cvelist
added 2024/05/17 1:41 p.m.34 views

CVE-2024-35831 io_uring: Fix release of pinned pages when __io_uaddr_map fails

In the Linux kernel, the following vulnerability has been resolved: iouring: Fix release of pinned pages when iouaddrmap fails Looking at the error path of iouaddrmap, if we fail after pinning the pages for any reasons, ret will be set to -EINVAL and the error handler won't properly release the...

7.4AI score0.00207EPSS
Exploits0References4
CVE
CVE
added 2024/05/17 1:41 p.m.151 views

CVE-2024-35831

CVE-2024-35831 (Linux kernel io_uring issue) : The vulnerability arises in the error path of __io_uaddr_map where, after pinning pages, the error handler may not release the pinned pages if the function fails. This can occur under memory fragmentation and results in improper cleanup. The base CVS...

5.5CVSS6.6AI score0.00207EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2024/05/17 1:41 p.m.25 views

CVE-2024-35831 io_uring: Fix release of pinned pages when __io_uaddr_map fails

In the Linux kernel, the following vulnerability has been resolved: iouring: Fix release of pinned pages when iouaddrmap fails Looking at the error path of iouaddrmap, if we fail after pinning the pages for any reasons, ret will be set to -EINVAL and the error handler won't properly release the...

6.7AI score0.00207EPSS
Exploits0References4
OSV
OSV
added 2024/05/17 1:41 p.m.17 views

CVE-2024-35831 io_uring: Fix release of pinned pages when __io_uaddr_map fails

In the Linux kernel, the following vulnerability has been resolved: iouring: Fix release of pinned pages when iouaddrmap fails Looking at the error path of iouaddrmap, if we fail after pinning the pages for any reasons, ret will be set to -EINVAL and the error handler won't properly release the...

5.5CVSS6.1AI score0.00207EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2024/03/25 6:15 p.m.12 views

CVE-2023-45824 OroPlatform's pinned entity creation form shows pages of other users

OroPlatform is a PHP Business Application Platform BAP. A logged in user can access page state data of pinned pages of other users by pageId hash. This vulnerability is fixed in 5.1.4...

4.3CVSS7AI score0.0044EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/03/25 12:0 a.m.6 views

PT-2024-13289 · Unknown · Oroplatform

Name of the Vulnerable Software and Affected Versions: OroPlatform versions prior to 5.1.4 Description: A logged in user can access page state data of pinned pages of other users by pageId hash. This issue allows unauthorized access to sensitive information. Recommendations: For versions prior to...

4.3CVSS7AI score0.0044EPSS
Exploits0References10
Rows per page
Query Builder