Lucene search
+L

176 matches found

nvd
nvd
added 2026/06/24 5:17 p.m.7 views

CVE-2026-52950

In the Linux kernel, the following vulnerability has been resolved: drm/xe/dma-buf: fix UAF with retry loop Retry doesn't work here, since bo will be freed on error, leading to UAF. However, now that we do the alloc & init before the attach, we can now combine this as one unit and have the init d...

7.8CVSS0.00138EPSS
Exploits0References6
cve
cve
added 2026/06/24 4:28 p.m.13 views

CVE-2026-52950

The CVE-2026-52950 issue affects the Linux kernel DRM/XE DMA-BUF path. The vulnerability is a Use-After-Free in the retry loop where a buffer object could be freed on error, potentially leading to memory corruption. The documented fix changes the sequence to allocate and initialize before the att...

7.8CVSS5.7AI score0.00138EPSS
Exploits0References6Affected Software1
susecve
susecve
added 2026/06/16 2:19 a.m.11 views

SUSE CVE-2026-50011

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, RedisArrayAggregator pre-allocates ArrayList with initial capacity equal to the RESP array element count declared in an array header. That count is taken fro...

7.5CVSS5.3AI score0.0038EPSS
Exploits0References4
redhatcve
redhatcve
added 2026/06/15 8:35 a.m.12 views

CVE-2026-50011

A flaw was found in Netty, a network application framework. The RedisArrayAggregator component pre-allocates memory based on the declared element count in a Redis array header. A remote attacker can exploit this by sending a small, malicious Redis array header that claims a huge initial capacity,...

7.5CVSS5.3AI score0.0038EPSS
Exploits0References6
osv
osv
added 2026/06/12 4:16 p.m.6 views

UBUNTU-CVE-2026-50011

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, RedisArrayAggregator pre-allocates ArrayList with initial capacity equal to the RESP array element count declared in an array header. That count is taken fro...

7.5CVSS5.3AI score0.0038EPSS
Exploits0References5
vulnrichment
vulnrichment
added 2026/06/12 2:52 p.m.12 views

CVE-2026-50011 Netty has unbounded pre-allocation in RedisArrayAggregator from RESP array length

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, RedisArrayAggregator pre-allocates ArrayList with initial capacity equal to the RESP array element count declared in an array header. That count is taken fro...

7.5CVSS5.3AI score0.0038EPSS
Exploits0References3
cve
cve
added 2026/06/12 2:52 p.m.59 views

CVE-2026-50011

Netty CVE-2026-50011 affects RedisArrayAggregator in Netty (prior to 4.1.135.Final and 4.2.15.Final). A RESP header can claim a large initial ArrayList capacity, taken from the wire before child messages exist, enabling unbounded pre-allocation. This can cause memory consumption issues. The issue...

7.5CVSS5.3AI score0.0038EPSS
Exploits0References7Affected Software1
cvelist
cvelist
added 2026/06/12 2:10 p.m.34 views

CVE-2026-45416 Netty: SNI handler pre-allocates up to 16 MiB from nine attacker bytes

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, SslClientHelloHandler.decode reads the 24-bit TLS handshake length and, when the ClientHello does not fit in the first record, eagerly allocates...

7.5CVSS0.00461EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/06/05 12:0 a.m.20 views

PT-2026-48903

Name of the Vulnerable Software and Affected Versions Netty versions prior to 4.1.135.Final Netty versions prior to 4.2.15.Final Description Netty is a network application framework for developing protocol servers and clients. The RedisArrayAggregator pre-allocates an ArrayList with an initial...

7.8CVSS5.2AI score0.0038EPSS
Exploits0References59
astralinux
astralinux
added 2026/05/20 5:53 a.m.1 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: btrfs: fixed the issue of resolving backrefs for inline extents followed by prealloc extents. If a file consists of an inline extent followed by a regular or prealloc extent, then a legitimate attempt to resolve a logical...

5.5CVSS6AI score0.00146EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ext4: Fixed a traversal bug in ext4mbusepreallocated. During allocation, when searching for pre-allocations PA in the per-inode rbtree, we cannot perform a direct traversal of the tree because ext4mbdiscardgrouppreallocation may...

5.8AI score0.00167EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: udf: Fixed the issue of discarding data before allocation at the indirect extent boundary. When the preallocation extent is the first one in the extent block, the code would corrupt the extent tree header instead. This issue has...

5.5CVSS6.2AI score0.00254EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fixed races among concurrent prealloc/proc write operations. We currently have no protection against concurrent changes to PCM buffer preallocations via proc files. This could potentially lead to UAF or other strange...

7.8CVSS6.1AI score0.00267EPSS
Exploits0References2
nvd
nvd
added 2026/05/08 3:17 p.m.10 views

CVE-2026-44500

ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.4.0, prior to zebra-chain version 7.0.0, and prior to zebra-network version 6.0.0, several inbound deserialization paths in Zebra allocated buffers sized against generic transport or block-size ceilings before the tighter...

5.3CVSS0.00362EPSS
Exploits1References1
vulnrichment
vulnrichment
added 2026/05/08 3:10 p.m.10 views

CVE-2026-44500 ZEBRA: Allocation Amplification in Inbound Network Deserializers

ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.4.0, prior to zebra-chain version 7.0.0, and prior to zebra-network version 6.0.0, several inbound deserialization paths in Zebra allocated buffers sized against generic transport or block-size ceilings before the tighter...

5.3CVSS5.8AI score0.00362EPSS
Exploits1References1
attackerkb
attackerkb
added 2026/05/08 3:10 p.m.8 views

CVE-2026-44500

ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.4.0, prior to zebra-chain version 7.0.0, and prior to zebra-network version 6.0.0, several inbound deserialization paths in Zebra allocated buffers sized against generic transport or block-size ceilings before the tighter...

5.3CVSS5.8AI score0.00362EPSS
Exploits1References2Affected Software1
cve
cve
added 2026/05/08 3:10 p.m.31 views

CVE-2026-44500

ZCV-64500: Allocation amplification in Zebra inbound deserializers affects Zebra nodes prior to 4.4.0 across zebrad, zebra-chain, and zebra-network. Inbound messages (headers, blocks, transactions) could be deserialized using generic transport or block-size ceilings, causing unauthenticated/post-...

5.3CVSS5.8AI score0.00362EPSS
Exploits1References1Affected Software3
cnnvd
cnnvd
added 2026/05/08 12:0 a.m.12 views

zebra 安全漏洞

Zebra is an open-source Zcash implementation built using Rust by the Zcash Foundation. Versions of Zebra prior to 4.4.0 contained security vulnerabilities. These vulnerabilities stemmed from excessive buffer sizes allocated for multiple inbound deserialization paths, which could allow attackers t...

5.3CVSS5.9AI score0.00362EPSS
Exploits1References1
osv
osv
added 2026/05/07 8:55 p.m.7 views

GHSA-438Q-JX8F-CCCV Zebra Vulnerable to Allocation Amplification in Inbound Network Deserializers

CVE-2026-44500: Allocation Amplification in Inbound Network Deserializers Summary Several inbound deserialization paths in Zebra allocated buffers sized against generic transport or block-size ceilings before the tighter protocol or consensus limits were enforced. An unauthenticated or...

5.3CVSS5.8AI score0.00362EPSS
Exploits1References4
euvd
euvd
added 2026/04/22 3:31 p.m.5 views

EUVD-2026-24776

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free and NULL deref in smbgrantoplock smbgrantoplock has two issues in the oplock publication sequence: 1 opinfo is linked into ci-moplist via opinfoadd before addleasegloballist is called. If...

5.7AI score0.0045EPSS
Exploits0References6
Rows per page
Query Builder