Lucene search

67 matches found

EUVD
added 2026/06/24 6:32 p.m., 3 views

EUVD-2026-38822

In the Linux kernel, the following vulnerability has been resolved: libceph: handle rbtree insertion error in decode_choose_args A message of type CEPH_MSG_OSD_MAP contains an OSD map that itself contains a CRUSH map. The received CRUSH map may optionally contain choose_args that get decoded in...

5.7 AI score, 0.0053 EPSS
Exploits: 0, References: 9
ATTACKERKB
added 2026/06/24 4:28 p.m., 7 views

CVE-2026-52954

In the Linux kernel, the following vulnerability has been resolved: libceph: handle rbtree insertion error in decode_choose_args A message of type CEPH_MSG_OSD_MAP contains an OSD map that itself contains a CRUSH map. The received CRUSH map may optionally contain choose_args that get decoded in...

7.5 CVSS, 5.7 AI score, 0.0053 EPSS
Exploits: 0, References: 9, Affected Software: 1
Positive Technologies
added 2026/06/24 12:0 a.m., 8 views

PT-2026-51848

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the libceph component where the decode choose args function fails to properly handle errors during rbtree insertion. When processing a CEPH MSG OSD MAP message...

7.5 CVSS, 5.8 AI score, 0.0053 EPSS
Exploits: 0, References: 10
AstraLinux
added 2026/06/19 11:10 a.m., 4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ext4: Fixed a traversal bug in ext4_mb_use_preallocated. During allocation, when searching for pre-allocations PA in the per-inode rbtree, we cannot perform a direct traversal of the tree because ext4_mb_discard_group_preallocation may...

5.8 AI score, 0.00161 EPSS
Exploits: 0, References: 1
AstraLinux
added 2026/06/19 11:10 a.m., 8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fixed the WARN_ON in the iommu probe path. Commit 1a75cc710b95 “iommu/vt-d: Use rbtree to track iommu-probed devices” adds all devices probed by the iommu driver to a rbtree indexed by the source ID of each device. Thi...

5.9 CVSS, 5.6 AI score, 0.00196 EPSS
Exploits: 0, References: 2
AstraLinux
added 2026/06/19 11:10 a.m., 8 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nftables: The backend for setting up DEAD bits was changed to use the GC transaction API. The old and buggy gc API and the busy mark approach have been replaced with the GC transaction API. No set elements are remov...

5.5 CVSS, 6.2 AI score, 0.00243 EPSS
Exploits: 0, References: 2
CVE
added 2026/06/01 12:0 a.m., 15 views

CVE-2026-37235

FlexRIC v2.0.0 trusts the xapp_id field from E42 payloads without binding it to the sender’s SCTP association. The valid_xapp_id() check only ensures the value is within the assigned range, enabling a remote unauthenticated attacker to impersonate any xApp by supplying their xapp_id in requests t...

7.5 CVSS, 5.8 AI score, 0.0057 EPSS
Exploits: 1, References: 2, Affected Software: 1
Cvelist
added 2026/06/01 12:0 a.m., 31 views

CVE-2026-37235

FlexRIC v2.0.0 trusts the xapp_id field from E42 message payloads without binding it to the sender's SCTP association. The validation function valid_xapp_id only checks that the value is within the assigned range. A remote unauthenticated attacker can impersonate any xApp by specifying their xapp_id ...

0.0057 EPSS
Exploits: 1, References: 2
ATTACKERKB
added 2026/05/08 6:52 p.m., 10 views

CVE-2026-41511

OpenMcdf is a fully .NET / C# library to manipulate Compound File Binary File Format files, also known as Structured Storage. Prior to version 3.1.3, OpenMcdf does not detect cycles in the directory entry red-black tree of a Compound File Binary CFB document. A crafted CFB file with a cycle in the...

6.2 CVSS, 5.7 AI score, 0.00187 EPSS
Exploits: 1, References: 4, Affected Software: 1
CNNVD
added 2026/05/08 12:0 a.m., 13 views

OpenMcdf Security Vulnerability

OpenMcdf is an open-source .NET library for manipulating compound file binary formats. Versions of OpenMcdf prior to 3.1.3 contained security vulnerabilities, which stemmed from undetected loops in the red-black tree used to manage directory entries, potentially leading to infinite loops...

6.2 CVSS, 5.8 AI score, 0.00187 EPSS
Exploits: 1, References: 1
Github Security Blog
added 2026/04/22 10:9 p.m., 26 views

OpenMcdf has an Infinite loop DoS via crafted CFB directory cycle

Summary OpenMcdf does not detect cycles in the directory entry red-black tree of a Compound File Binary CFB document. A crafted CFB file with a cycle in the LeftSiblingID / RightSiblingID chain causes Storage.EnumerateEntries and Storage.OpenStream to loop indefinitely, consuming the calling thre...

6.2 CVSS, 5.8 AI score, 0.00187 EPSS
Exploits: 1, References: 5, Affected Software: 1
Tenable Nessus
added 2026/04/21 12:0 a.m., 10 views

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011349)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011349 advisory. In the Linux kernel, the following vulnerability has been resolved: fs/proc: fix uaf in proc_readdir_de Pde is erased from subdir rbtree through rb_erase, but not set...

5.9 AI score, 0.00544 EPSS
Exploits: 3, References: 4
Tenable Nessus
added 2026/04/21 12:0 a.m., 7 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013099)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013099 advisory. In the Linux kernel, the following vulnerability has been resolved: fs/proc: fix uaf in proc_readdir_de Pde is erased from subdir rbtree through rb_erase, but not set...

5.9 AI score, 0.00544 EPSS
Exploits: 3, References: 4
Tenable Nessus
added 2026/03/23 12:0 a.m., 3 views

Siemens SIMATIC S7-1500 NULL Pointer Dereference (CVE-2025-38468)

"In the Linux kernel, the following vulnerability has been resolved: net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree htb_lookup_leaf has a BUG_ON that can trigger with the following: tc qdisc del dev lo root tc qdisc add dev lo root handle 1: htb default 1 tc class add dev lo...

5.5 CVSS, 6.2 AI score, 0.00162 EPSS
Exploits: 0, References: 2
RedhatCVE
added 2025/12/10 4:24 a.m., 3 views

CVE-2023-53813

In the Linux kernel, the following vulnerability has been resolved: ext4: fix rbtree traversal bug in ext4_mb_use_preallocated During allocations, while looking for preallocations (PA) in the per inode rbtree, we can't do a direct traversal of the tree because ext4_mb_discard_group_preallocation can...

6.4 CVSS, 5.5 AI score, 0.00161 EPSS
Exploits: 0, References: 4
EUVD
added 2025/12/09 6:30 p.m., 6 views

EUVD-2025-201869

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix infinite loop in __insert_extent_tree() When we get wrong extent info data, and look up extent_node in rb tree, it will cause infinite loop (CONFIG_F2FS_CHECK_FS=n). Avoiding this by return NULL and print some kernel messages in th...

5.9 AI score, 0.00186 EPSS
Exploits: 0, References: 5
Cvelist
added 2025/12/09 4:9 a.m., 28 views

CVE-2025-40333 f2fs: fix infinite loop in __insert_extent_tree()

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix infinite loop in __insert_extent_tree() When we get wrong extent info data, and look up extent_node in rb tree, it will cause infinite loop (CONFIG_F2FS_CHECK_FS=n). Avoiding this by return NULL and print some kernel messages in th...

0.00186 EPSS
Exploits: 0, References: 4
Debian CVE
added 2025/12/09 12:1 a.m., 3 views

CVE-2023-53813

In the Linux kernel, the following vulnerability has been resolved: ext4: fix rbtree traversal bug in ext4_mb_use_preallocated During allocations, while looking for preallocations (PA) in the per inode rbtree, we can't do a direct traversal of the tree because ext4_mb_discard_group_preallocation can...

5.4 AI score, 0.00161 EPSS
Exploits: 0
Tenable Nessus
added 2025/12/08 12:0 a.m., 5 views

Linux Distros Unpatched Vulnerability : CVE-2025-40271

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/proc: fix uaf in proc_readdir_de Pde is erased from subdir rbtree through rb_erase, but not set the node to EMPTY, which may result in uaf access. We should us...

6 AI score, 0.00544 EPSS
Exploits: 3, References: 3
EUVD
added 2025/12/07 12:30 a.m., 3 views

EUVD-2025-201584

In the Linux kernel, the following vulnerability has been resolved: fs/proc: fix uaf in proc_readdir_de Pde is erased from subdir rbtree through rb_erase, but not set the node to EMPTY, which may result in uaf access. We should use RB_CLEAR_NODE set the erased node to EMPTY, then pde_subdir_next will...

6 AI score, 0.00544 EPSS
Exploits: 3, References: 9