CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

236 matches found

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: crypto: qat – added parameter checks for RSA. Requests with a source buffer size greater than the size of the key are rejected. This prevents potential integer underflow issues that might occur when copying the source scatterlist...

5.5CVSS6.3AI score0.00248EPSS

Exploits0References2

AstraLinux•added 6 days ago•5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: skmsg: Fixed the incorrect last sg check in skmsgrecvmsg. Also, one instance of a kernel NULL pointer dereferencing was fixed as follows: 224.462334 Call Trace: 224.462394 tcpbpfrecvmsg+0xd3/0x380 224.462441 ? sockhasperm+0x78/0x...

5.5CVSS5.7AI score0.00195EPSS

Exploits0References2

AstraLinux•added 6 days ago•5 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: crypto: qat – added parameter checks for DH. Requests with a source buffer that is larger than the size of the key are being rejected. This is to prevent a possible integer underflow that might occur when copying the source...

5.5CVSS6.3AI score0.00246EPSS

Exploits0References2

SUSE CVE•added 2026/06/09 2:21 a.m.•25 views

SUSE CVE-2026-46289

In the Linux kernel, the following vulnerability has been resolved: lib/scatterlist: fix length calculations in extractkvectosg Patch series "Fix bugs in extractitertosg", v3. Fix bugs in the kvec and user variants of extractitertosg. This series is growing due to useful remarks made by...

5.5CVSS5.4AI score0.00457EPSS

Exploits0References3

RedhatCVE•added 2026/06/08 7:38 p.m.•7 views

CVE-2026-46289

A flaw was found in the Linux kernel's lib/scatterlist component. Incorrect length calculations within the extractkvectosg function, when extracting data from a kvec to a scatterlist, could lead to writing beyond intended page boundaries. Additionally, when extracting a user buffer, the scatterli...

9.8CVSS5.5AI score0.00457EPSS

Exploits0References4

OSV•added 2026/06/08 5:16 p.m.•10 views

UBUNTU-CVE-2026-46289

9.8CVSS5.4AI score0.00457EPSS

Exploits0References8

EUVD•added 2026/06/08 3:46 p.m.•8 views

EUVD-2026-35155

5.4AI score0.00457EPSS

Exploits0References5

CVE•added 2026/06/08 3:46 p.m.•30 views

CVE-2026-46289

In the Linux kernel, CVE-2026-46289 concerns bugs in lib/scatterlist during extract_kvec_to_sg when transferring data from a kvec to a sglist. The main issues: (1) the computed length for a sglist entry can exceed the page size, causing overread; (2) while extracting a user buffer, the sglist can...

9.8CVSS5.4AI score0.00457EPSS

Exploits0References5

Positive Technologies•added 2026/06/08 12:0 a.m.•11 views

PT-2026-47361

Name of the Vulnerable Software and Affected Versions Linux kernel versions 6.3 through 6.5 Description Issues exist in the extract kvec to sg function within the scatterlist library. When extracting from a kvec to a scatterlist, the length for an sglist entry can exceed the number of bytes in th...

9.8CVSS5.5AI score0.00457EPSS

Exploits1References65

AstraLinux•added 2026/05/20 5:53 a.m.•4 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fixed the potential overflow of the shmem scatterlist length. When a scatterlists table of a GEM shmem object with a size of 4 GB or more is populated with pages allocated from the folio format, the .length attribute of...

7.8CVSS5.3AI score0.00129EPSS

Exploits0References1

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Net: TLS – Fix for the WARNING message when using skmsgfree. A splice operation with MSGSPLICEPAGES causes the TLS sendmsg code to use the tlsswsendmsgsplice path to move the user-provided pages from the msg buffer to the msgpl...

5.5CVSS6.4AI score0.00218EPSS

Exploits0References2

SUSE CVE•added 2026/05/20 2:28 a.m.•7 views

SUSE CVE-2026-43492

In the Linux kernel, the following vulnerability has been resolved: lib/crypto: mpi: Fix integer underflow in mpireadrawfromsgl Yiming reports an integer underflow in mpireadrawfromsgl when subtracting "lzeros" from the unsigned "nbytes". For this to happen, the scatterlist "sgl" needs to occupy...

5.5CVSS5.8AI score0.00196EPSS

Exploits0References3

RedHat Linux•added 2026/05/19 8:12 p.m.•6 views

kernel: crypto: af_alg - limit RX SG extraction by receive buffer budget

A flaw was found in the Linux kernel's afalg Algorithm Interface component. This vulnerability allows a local attacker to cause a denial of service DoS by sending specially crafted requests. The afalggetrsgl function fails to properly limit the extraction of receive scatterlist RX SG data based o...

5.5CVSS5.8AI score0.00114EPSS

Exploits0References5

RedHat Linux•added 2026/05/19 2:4 p.m.•30 views

kernel: crypto: af_alg - limit RX SG extraction by receive buffer budget

5.5CVSS5.8AI score0.00114EPSS

Exploits0References5