614 matches found
EUVD-2026-45819
In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Don't setup bogus ioviter for silencing At transition to the ioviter for PCM data transfer, we blindly applied the ioviter setup also for silencing i.e. data = NULL, and it leads to a calculation of bogus ioviter...
CVE-2026-64134 ALSA: pcm: Don't setup bogus iov_iter for silencing
In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Don't setup bogus ioviter for silencing At transition to the ioviter for PCM data transfer, we blindly applied the ioviter setup also for silencing i.e. data = NULL, and it leads to a calculation of bogus ioviter...
CVE-2026-64134
CVE-2026-64134 relates to the Linux kernel ALSA PCM path. The issue occurred when transitioning to iov_iter for PCM data transfer, where the iov_iter setup was erroneously applied for silencing (data = NULL), producing a bogus iov_iter and a NULL dereference on some architectures, notably RISC-V....
CVE-2026-64134
In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Don't setup bogus ioviter for silencing At transition to the ioviter for PCM data transfer, we blindly applied the ioviter setup also for silencing i.e. data = NULL, and it leads to a calculation of bogus ioviter...
PT-2026-61451
In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Don't setup bogus iov iter for silencing At transition to the iov iter for PCM data transfer, we blindly applied the iov iter setup also for silencing i.e. data = NULL, and it leads to a calculation of bogus iov iter...
USN-8547-1 linux-gcp-5.15, linux-intel-iotg-5.15 vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - RISC-V architecture; - Cryptographic API; - InfiniBand drivers; - IOMMU subsystem; - Network drivers; -...
Ubuntu 22.04 LTS : Linux kernel (Raspberry Pi) vulnerabilities (USN-8527-1)
The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8527-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in...
HTTPS Fetch, Linux dup2 Command Shell, Reverse TCP Stager
Fetch and execute an RISC-V 64-bit payload from an HTTPS server. dup2 socket in s1, then execve. Connect back to the attacker Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule...
TFTP Fetch, Linux dup2 Command Shell, Bind TCP Stager
Fetch and execute an RISC-V 64-bit payload from a TFTP server. dup2 socket in s1, then execve. Listen for a connection Module Options...
HTTP Fetch, Linux dup2 Command Shell, Reverse TCP Stager
Fetch and execute an RISC-V 64-bit payload from an HTTP server. dup2 socket in s1, then execve. Connect back to the attacker Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule inclu...
FTP Fetch, Linux Command Shell, Bind TCP Inline
Fetch and execute an RISC-V 32-bit payload from an FTP server. Listen for a connection and spawn a command shell Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule include...
FTP Fetch, Linux Execute Command
Fetch and execute an RISC-V 32-bit payload from an FTP server. Execute an arbitrary command Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule include...
FTP Fetch, Linux Chmod
Fetch and execute an RISC-V 32-bit payload from an FTP server. Runs chmod on the specified file with specified mode. Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule include...
FTP Fetch, Linux Command Shell, Reverse TCP Inline
Fetch and execute an RISC-V 64-bit payload from an FTP server. Connect back to attacker and spawn a command shell. Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule include...
FTP Fetch, Linux dup2 Command Shell, Bind TCP Stager
Fetch and execute an RISC-V 64-bit payload from an FTP server. dup2 socket in s1, then execve. Listen for a connection Module Options...
Byte XORi Encoder
Byte XOR encoder for RISC-V 64-bit Little Endian. Encodes the payload byte-by-byte with a 1-byte XOR key using the xori instruction. Useful when R-type XOR instruction bytes 0x33 are bad characters. Module Options msf use encoder/riscv64le/bytexori msf encoderbytexori show actions ...actions... m...
Byte XORi Encoder
Byte XOR encoder for RISC-V 32-bit Little Endian. Encodes the payload byte-by-byte with a 1-byte XOR key using the xori instruction. Useful when R-type XOR instruction bytes 0x33 are bad characters. Module Options msf use encoder/riscv32le/bytexori msf encoderbytexori show actions ...actions... m...
XOR Encoder
Dword XOR encoder for RISC-V 32-bit Little Endian. Encodes the payload with a 4-byte XOR key. Module Options msf use encoder/riscv32le/longxor msf encoderlongxor show actions ...actions... msf encoderlongxor set ACTION msf encoderlongxor show options ...show and set options... msf encoderlongxor...
USN-8493-1 linux, linux-aws, linux-aws-5.15, linux-aws-fips, linux-azure, linux-azure-5.15, linux-azure-fde-5.15, linux-fips, linux-gcp, linux-gcp-fips, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-intel-iot-realtime, linux-intel-iotg, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-nvidia-tegra, linux-nvidia-tegra-5.15, linux-nvidia-tegra-igx, linux-oracle, linux-realtime vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - RISC-V architecture; - Cryptographic API; - InfiniBand drivers; - IOMMU subsystem; - Network drivers; -...
CVE-2026-53312
A flaw was found in the Linux kernel's IOMMU Input/Output Memory Management Unit component for RISC-V architectures. An integer overflow in the invalidation path can lead to an infinite loop. This vulnerability could allow a local attacker to cause a Denial of Service DoS by triggering the overfl...