Lucene search
K

29 matches found

SUSE CVE
SUSE CVE
added 4 days ago6 views

SUSE CVE-2026-53311

In the Linux kernel, the following vulnerability has been resolved: fuse: fix uninit-value in fusedentryrevalidate fusedentryrevalidate may be called with a dentry that didn't had -dtime initialised. The issue was found with KMSAN, where lookupopen calls dalloc, followed by drevalidate, as shown...

5.7AI score0.00154EPSS
Exploits0References2
NVD
NVD
added 6 days ago6 views

CVE-2026-53311

In the Linux kernel, the following vulnerability has been resolved: fuse: fix uninit-value in fusedentryrevalidate fusedentryrevalidate may be called with a dentry that didn't had -dtime initialised. The issue was found with KMSAN, where lookupopen calls dalloc, followed by drevalidate, as shown...

0.00154EPSS
Exploits0References3
OSV
OSV
added 6 days ago2 views

UBUNTU-CVE-2026-53311

In the Linux kernel, the following vulnerability has been resolved: fuse: fix uninit-value in fusedentryrevalidate fusedentryrevalidate may be called with a dentry that didn't had -dtime initialised. The issue was found with KMSAN, where lookupopen calls dalloc, followed by drevalidate, as shown...

5.7AI score0.00154EPSS
Exploits0References6
EUVD
EUVD
added 6 days ago5 views

EUVD-2026-39846

In the Linux kernel, the following vulnerability has been resolved: fuse: fix uninit-value in fusedentryrevalidate fusedentryrevalidate may be called with a dentry that didn't had -dtime initialised. The issue was found with KMSAN, where lookupopen calls dalloc, followed by drevalidate, as shown...

5.7AI score0.00154EPSS
Exploits0References3
CVE
CVE
added 6 days ago5 views

CVE-2026-53311

The CVE-2026-53311 entry concerns the Linux kernel fuse module. It describes a bug in fuse_dentry_revalidate() where a dentry could be passed without initialized ->d_time, discovered via KMSAN traces involving lookup_open(), __d_alloc(), d_revalidate(), and related path_openat/open_last_lookup...

5.7AI score0.00154EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 6 days ago8 views

PT-2026-52950

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists where the fuse dentry revalidate function may be called with a dentry that has an uninitialized d time variable. This behavior was identified using KMSAN, occurring when...

5.7AI score0.00154EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/05/13 8:23 p.m.6 views

CVE-2026-43983

Pocket ID is an OIDC provider that allows users to authenticate with their passkeys to your services. Prior to 2.6.0, The createTokenFromRefreshToken function oidcservice.go validates the refresh token's cryptographic integrity but does not re-validate the user's current authorization state befor...

8.5CVSS5.8AI score0.00247EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2026/03/09 10:2 a.m.1 views

kernel: Linux kernel: Use-after-free in device mapper due to race condition in zone reporting

A flaw was found in the Linux kernel's device mapper dm component. When setting up zone append emulation resources, a race condition can occur if the blkrevalidatediskzones function fails while another process simultaneously calls dmblkreportzones. This timing issue can lead to a use-after-free...

7.8CVSS5.7AI score0.00159EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/01/27 12:0 a.m.5 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005093)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005093 advisory. In the Linux kernel, the following vulnerability has been resolved: hfs: fix to initialize fields of hfsinodeinfo after hfsallocinode Syzbot reports uninitialized...

5.5CVSS6.6AI score0.00274EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/07/03 11:23 p.m.4 views

SUSE CVE-2025-38141

In the Linux kernel, the following vulnerability has been resolved: dm: fix dmblkreportzones If dmgetlivetable returned NULL, dmputlivetable was never called. Also, it is possible that md-zonerevalidatemap will change while calling this function. Only read it once, so that we are always using the...

7.8CVSS6.5AI score0.00159EPSS
Exploits0References12
NVD
NVD
added 2025/07/03 9:15 a.m.7 views

CVE-2025-38141

In the Linux kernel, the following vulnerability has been resolved: dm: fix dmblkreportzones If dmgetlivetable returned NULL, dmputlivetable was never called. Also, it is possible that md-zonerevalidatemap will change while calling this function. Only read it once, so that we are always using the...

7.8CVSS0.00159EPSS
Exploits0References3
OSV
OSV
added 2025/07/03 9:15 a.m.7 views

AZL-64595 CVE-2025-38140 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: dm: limit swapping tables for devices with zone write plugs dmrevalidatezones only allowed new or previously unzoned devices to call blkrevalidatediskzones. If the device was already zoned, disk-nrzones would always equal...

5.5CVSS5.8AI score0.00137EPSS
Exploits0References1
OSV
OSV
added 2025/07/03 9:15 a.m.1 views

DEBIAN-CVE-2025-38141

In the Linux kernel, the following vulnerability has been resolved: dm: fix dmblkreportzones If dmgetlivetable returned NULL, dmputlivetable was never called. Also, it is possible that md-zonerevalidatemap will change while calling this function. Only read it once, so that we are always using the...

7.8CVSS6.2AI score0.00159EPSS
Exploits0References1
OSV
OSV
added 2025/07/03 9:15 a.m.3 views

UBUNTU-CVE-2025-38141

In the Linux kernel, the following vulnerability has been resolved: dm: fix dmblkreportzones If dmgetlivetable returned NULL, dmputlivetable was never called. Also, it is possible that md-zonerevalidatemap will change while calling this function. Only read it once, so that we are always using the...

7.8CVSS6.5AI score0.00159EPSS
Exploits0References13
Vulnrichment
Vulnrichment
added 2025/07/03 8:35 a.m.5 views

CVE-2025-38141 dm: fix dm_blk_report_zones

In the Linux kernel, the following vulnerability has been resolved: dm: fix dmblkreportzones If dmgetlivetable returned NULL, dmputlivetable was never called. Also, it is possible that md-zonerevalidatemap will change while calling this function. Only read it once, so that we are always using the...

6.5AI score0.00159EPSS
Exploits0References3
OSV
OSV
added 2025/02/26 7:1 a.m.4 views

DEBIAN-CVE-2022-49376

In the Linux kernel, the following vulnerability has been resolved: scsi: sd: Fix potential NULL pointer dereference If sdprobe sees an early error before sdkp-device is initialized, sdzbcreleasedisk is called. This causes a NULL pointer dereference when sdiszoned is called inside that function...

5.5CVSS5.4AI score0.00246EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2024/10/25 3:6 a.m.9 views

SUSE CVE-2024-49982

In the Linux kernel, the following vulnerability has been resolved: aoe: fix the potential use-after-free problem in more places For fixing CVE-2023-6270, f98364e92662 "aoe: fix the potential use-after-free problem in aoecmdcfgpkts" makes tx calling devput instead of doing in aoecmdcfgpkts. It...

5.5CVSS7.9AI score0.00259EPSS
Exploits0References26
OSV
OSV
added 2024/10/21 8:15 p.m.1 views

DEBIAN-CVE-2022-49003

In the Linux kernel, the following vulnerability has been resolved: nvme: fix SRCU protection of nvmenshead list Walking the nvmenshead siblings list is protected by the head's srcu in nvmensheadsubmitbio but not nvmempathrevalidatepaths. Removing namespaces from the list also fails to synchroniz...

4.7CVSS4.8AI score0.00229EPSS
Exploits0References1
OSV
OSV
added 2024/10/21 6:15 p.m.1 views

UBUNTU-CVE-2024-49982

In the Linux kernel, the following vulnerability has been resolved: aoe: fix the potential use-after-free problem in more places For fixing CVE-2023-6270, f98364e92662 "aoe: fix the potential use-after-free problem in aoecmdcfgpkts" makes tx calling devput instead of doing in aoecmdcfgpkts. It...

7.8CVSS6.5AI score0.00259EPSS
Exploits0References43
Positive Technologies
Positive Technologies
added 2024/10/21 12:0 a.m.6 views

PT-2024-11866 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to the fixed version Description: The issue is related to the Linux kernel's NVMe component, specifically with the nvme mpath revalidate paths function in drivers/nvme/host/multipath.c and the nvme ns remove functi...

9.1CVSS6.6AI score0.03651EPSS
Exploits10References1696
Rows per page
Query Builder