Lucene search
K

530 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-53207

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/memory-failure: fix hugetlblock AA deadlock in gethugepageforhwpoison Two concurrent madviseMADVHWPOISON calls on the same hugetlb page can trigger a recursi...

5.5CVSS6AI score0.00099EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2026/06/27 8:5 a.m.7 views

mm/memory-failure: fix hugetlb_lock AA deadlock in get_huge_page_for_hwpoison

...

5.5CVSS5.8AI score0.00099EPSS
Exploits0
NVD
NVD
added 2026/06/25 9:16 a.m.6 views

CVE-2026-53207

In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: fix hugetlblock AA deadlock in gethugepageforhwpoison Two concurrent madviseMADVHWPOISON calls on the same hugetlb page can trigger a recursive spinlock self-deadlock AA deadlock on hugetlblock when racing with...

5.5CVSS0.00099EPSS
Exploits0References6
OSV
OSV
added 2026/06/25 9:16 a.m.3 views

UBUNTU-CVE-2026-53207

In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: fix hugetlblock AA deadlock in gethugepageforhwpoison Two concurrent madviseMADVHWPOISON calls on the same hugetlb page can trigger a recursive spinlock self-deadlock AA deadlock on hugetlblock when racing with...

5.5CVSS5.7AI score0.00099EPSS
Exploits0References9
EUVD
EUVD
added 2026/06/25 8:39 a.m.5 views

EUVD-2026-39298

In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: fix hugetlblock AA deadlock in gethugepageforhwpoison Two concurrent madviseMADVHWPOISON calls on the same hugetlb page can trigger a recursive spinlock self-deadlock AA deadlock on hugetlblock when racing with...

5.8AI score0.00099EPSS
Exploits0References6
CVE
CVE
added 2026/06/25 8:39 a.m.14 views

CVE-2026-53207

The CVE-2026-53207 issue affects the Linux kernel mm/memory-failure path, where concurrent MADV_HWPOISON calls on the same hugetlb page can deadlock the non-recursive hugetlb_lock. The root cause is a sequence where a GUP reference is dropped under the hugetlb_lock, allowing free_huge_folio to re...

5.5CVSS5.8AI score0.00099EPSS
Exploits0References6Affected Software1
SUSE CVE
SUSE CVE
added 2026/05/30 2:20 a.m.24 views

SUSE CVE-2026-6324

A flaw was found in libsoup. A remote attacker could exploit an unsigned to signed conversion error in the soupbodyinputstreamreadchunked function by sending a malicious HTTP request. This vulnerability occurs when libsoup operates behind a non-libsoup proxy server or as a proxy in front of a...

4.8CVSS5.8AI score0.00872EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.12 views

Roundcube Webmail 安全漏洞

Roundcube Webmail is a browser-based open source IMAP client from Roundcube open source, which supports address book management, message searching, spell checking and more. A security vulnerability exists in Roundcube Webmail versions prior to 1.6.16 and 1.7.1, which originates from a poison bypa...

3.7CVSS5.9AI score0.00433EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: x86/MCE: Always save the CS register in cases of AMD Zen IF Poison errors. The Instruction Fetch IF units on current AMD Zen-based systems do not guarantee a synchronous MC for errors related to poison consumption. Therefore,...

5.5CVSS6.5AI score0.00136EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Performing garbage collection on re-declared JavaScript variables led to a “user-after-poison” situation, and potentially caused a exploitable crash. This vulnerability affects Firefox 85, Thunderbird 78.7, and Firefox ESR 78.7...

8.8CVSS7.3AI score0.01196EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Mariadb 10.3

It was discovered that MariaDB v10.7 contains a use-after-poison issue in the interceptormemset function located at /libsanitizer/sanitizercommon/sanitizercommoninterceptors.inc...

7.5CVSS7.4AI score0.02082EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Firefox

The incorrect use of the '' method could lead to a “user-after-poison” situation and potentially cause a exploitable crash. This vulnerability affects Firefox versions earlier than 85...

8.8CVSS7.8AI score0.0089EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: USB: core: Fixed a hang issue in usbkillurb by adding memory barriers. The syzbot fuzzer has identified a bug in which processes hang while waiting for usbkillurb to return. It turns out that the issue isn’t related to unmounting...

7.1CVSS6.4AI score0.00186EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/amdgpu: Skip vcn poison irq release on VF VF does not enable VCN poison irq in VCNv2.5. Skip releasing it and avoid call trace during deinitialization. 71.913601 drm Clean up the vf2pf work item 71.915088 ------------ Cut...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References1
Snyk
Snyk
added 2026/05/19 9:0 p.m.6 views

Malicious Package

Overview github.com/shopsprint/decimal is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

9.8CVSS5.8AI score
Exploits0References2
OSV
OSV
added 2026/05/14 12:2 a.m.9 views

OSV-2026-726 Use-after-poison in md_build_attribute

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=512429151 Crash type: Use-after-poison READ 1 Crash state: mdbuildattribute mdprocessallblocks mdparse...

5.8AI score
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/05/12 3:31 a.m.8 views

SUSE CVE-2026-43298

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Skip vcn poison irq release on VF VF doesn't enable VCN poison irq in VCNv2.5. Skip releasing it and avoid call trace during deinitialization. 71.913601 drm clean up the vf2pf work item 71.915088 ------------ cut here...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/08 6:31 p.m.10 views

CVE-2026-43298

A flaw was found in the amdgpu graphics driver within the Linux kernel. During deinitialization, the driver attempts to release a Video Core Next VCN poison interrupt request IRQ on a Virtual Function VF even when it was not enabled. This can cause a kernel warning and lead to system instability,...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/08 3:31 p.m.12 views

EUVD-2026-28568

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Skip vcn poison irq release on VF VF doesn't enable VCN poison irq in VCNv2.5. Skip releasing it and avoid call trace during deinitialization. 71.913601 drm clean up the vf2pf work item 71.915088 ------------ cut here...

5.7AI score0.00121EPSS
Exploits0References4
NVD
NVD
added 2026/05/08 2:16 p.m.23 views

CVE-2026-43298

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Skip vcn poison irq release on VF VF doesn't enable VCN poison irq in VCNv2.5. Skip releasing it and avoid call trace during deinitialization. 71.913601 drm clean up the vf2pf work item 71.915088 ------------ cut here...

5.5CVSS0.00121EPSS
Exploits0References3
Rows per page
Query Builder