CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2026/05/08 9:48 p.m.•8 views

CLSA-2026-1778276927 kernel: Fix of 33 CVEs

rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present - xfrm: esp: avoid in-place decrypt on shared skb frags - ext4: avoid OOB when system.data xattr changes underneath the filesystem CVE-2024-47701 - gpiolib: cdev: fix uninitialised kfifo CVE-2024-36898 - wifi: mt76: Fix...

7.8CVSS7.1AI score0.00495EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Firmware: armscmi: Account for failed debug initialization. When the SCMI debug subsystem fails to initialize, the related debug root will be missing, and the underlying descriptor will be NULL. This fault condition should be...

5.2AI score0.00168EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Firmware: armscmi: Balances the device reference count when destroying devices. Using devicefindchild to find the appropriate SCMI device to destroy causes an imbalance in the device reference count. This occurs because...

5.5CVSS6.2AI score0.0016EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•11 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Firmware: armscmi: Fixed a slab-use-after-free in scmibusnotifier. The scmidev-name is released prematurely in scmidevicedestroy, which causes a slab-use-after-free when accessing scmidev-name in scmibusnotifier. Therefore, the...

7.8CVSS6.7AI score0.00221EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: The regulator: scmi – a fix was made to the refcount leak in scmiregulatorprobe. The offindnodebyname function returns a node pointer with the refcount incremented; we should use ofnodeput on it after processing. Add the missing...

5.5CVSS5.7AI score0.0024EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•6 views

Astra Linux – Vulnerability in Linux 5.15, Linux

In the Linux kernel, the following vulnerability has been resolved: Firmware: armscmi: Hardened access to reset domains. Accessing reset domain descriptors via indexes in SCMI driver requests, through the SCMI reset operation interface, may potentially lead to out-of-bound violations if the SCMI...

8.1CVSS5.7AI score0.00737EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•2 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Firmware: armscmi: Fixed a double-free in the SMC transport cleanup process. When the generic SCMI code destroys a channel, it calls the chanfree callback function, which is defined by each transport. Since multiple protocols may...

5.5CVSS5.2AI score0.00227EPSS

SUSE CVE•added 2026/04/25 1:39 a.m.•3 views

SUSE CVE-2026-31544

In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Fix NULL dereference on notify error path Since commit b5daf93b809d1 "firmware: armscmi: Avoid notifier registration for unsupported events" the call chains leading to the helper scmieventhandlergetops expect a...

5.4AI score0.00121EPSS

RedhatCVE•added 2026/04/24 4:57 p.m.•3 views

CVE-2026-31544

A flaw was found in the Linux kernel's armscmi firmware component. The scmieventhandlergetops helper function can return a NULL pointer when an event handler is not found or created, instead of an expected error pointer. This improper handling of the error path leads to a NULL dereference...

5.5CVSS5.4AI score0.00121EPSS

Exploits0References4

NVD•added 2026/04/24 3:16 p.m.•0 views

CVE-2026-31544

5.5CVSS0.00121EPSS

OSV•added 2026/04/24 3:16 p.m.•2 views

DEBIAN-CVE-2026-31544

5.5CVSS5.3AI score0.00121EPSS

UbuntuCve•added 2026/04/24 3:16 p.m.•2 views

CVE-2026-31544

5.5CVSS5.3AI score0.00121EPSS

Exploits0References5

CVE•added 2026/04/24 2:33 p.m.•4 views

CVE-2026-31544

The CVE-2026-31544 issue affects the Linux kernel firmware component arm_scmi, where the helper __scmi_event_handler_get_ops could yield a NULL instead of an ERR_PTR when an event handler is missing or not created. This caused a NULL dereference in the notify error path, potentially leading to a ...

5.5CVSS5.3AI score0.00121EPSS

Exploits0References3Affected Software1

ATTACKERKB•added 2026/04/24 2:33 p.m.•1 views

CVE-2026-31544

5.3AI score0.00121EPSS

Exploits0References4Affected Software1

Cvelist•added 2026/04/24 2:33 p.m.•28 views

CVE-2026-31544 firmware: arm_scmi: Fix NULL dereference on notify error path

0.00121EPSS

EUVD•added 2026/04/24 2:33 p.m.•3 views

EUVD-2026-25437

5.3AI score0.00121EPSS

Debian CVE•added 2026/04/24 2:33 p.m.•1 views

CVE-2026-31544

5.5CVSS5.2AI score0.00121EPSS

Exploits0

Positive Technologies•added 2026/04/24 12:0 a.m.•6 views

PT-2026-34896

In the Linux kernel, the following vulnerability has been resolved: firmware: arm scmi: Fix NULL dereference on notify error path Since commit b5daf93b809d1 "firmware: arm scmi: Avoid notifier registration for unsupported events" the call chains leading to the helper scmi event handler get ops...

5.3AI score0.00121EPSS

Exploits0References4

Tenable Nessus•added 2026/04/24 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2026-31544

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - firmware: armscmi: Fix NULL dereference on notify error path Since commit b5daf93b809d1 firmware: armscmi: Avoid notifier registration for unsupported events th...

5.5CVSS5.8AI score0.00121EPSS