CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSSF Malicious Packages•added 2026/05/25 3:12 p.m.•10 views

Malicious code in vue-compiler-sfc-plugin (npm)

6.1AI score

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: net:sfc: fixed the issue of non-freezed interrupts in legacy IRQ mode. The SFC driver can be configured using modparam to work with MSI-X, MSI, or legacy IRQ interrupts. In the latter case, the interrupt was not properly...

5.5CVSS6.5AI score0.00019EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: - For the spi: amlogic: spifc-a4 component, there is a issue where the ECC engine is not registered properly upon probe failures, and the remove callback is not executed. - The amlsfcprobe function registers the on-host NAND E...

5.5CVSS5.8AI score0.00015EPSS

Exploits0References1

AstraLinux•added 2026/05/20 5:53 a.m.•1 views

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: sfc: Fix for kernel panic when creating VFs. When creating VFs, a kernel panic can occur when calling efxef10tryupdatenicstatsvf. When releasing a DMA coherent buffer, under certain circumstances, it is necessary to unmap the...

5.5CVSS6.1AI score0.0001EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•4 views

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: sfc: Fixed an issue where a use-after-free occurred when disabling SRIOV. The use-after-free is detected by kfence when disabling SRIOV. What was read after being freed was vf-pcidev: it was freed from pcidisablesriov, and lat...

7.8CVSS6.3AI score0.00016EPSS

SUSE CVE•added 2026/05/13 3:33 a.m.•4 views

SUSE CVE-2026-43461

In the Linux kernel, the following vulnerability has been resolved: spi: amlogic: spifc-a4: Fix DMA mapping error handling Fix three bugs in amlsfcdmabuffersetup error paths: 1. Unnecessary goto: When the first DMA mapping sfc-daddr fails, nothing needs cleanup. Use direct return instead of goto...

Tenable Nessus•added 2026/05/13 12:0 a.m.•1 views

Exploits0References3

Linux Distros Unpatched Vulnerability : CVE-2026-43460

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - spi: rockchip-sfc: Fix double-free in remove callback The driver uses devmspiregistercontroller for registration, which automatically unregisters the controller...

RedhatCVE•added 2026/05/09 1:11 a.m.•5 views

CVE-2026-43460

A flaw was found in the Linux kernel's rockchip-sfc driver. This vulnerability occurs because the driver attempts to unregister a Serial Peripheral Interface SPI controller twice during device removal. This double-free operation can lead to memory corruption, which may allow a local attacker to...

EUVD•added 2026/05/08 3:31 p.m.•5 views

Exploits0References4

EUVD-2026-28766

In the Linux kernel, the following vulnerability has been resolved: spi: rockchip-sfc: Fix double-free in remove callback The driver uses devmspiregistercontroller for registration, which automatically unregisters the controller via devm cleanup when the device is removed. The manual call to...

5.9AI score0.00013EPSS

Exploits0References4

NVD•added 2026/05/08 3:16 p.m.•6 views

CVE-2026-43460

7.8CVSS0.00013EPSS

Exploits0References3

UbuntuCve•added 2026/05/08 3:16 p.m.•4 views

CVE-2026-43461

UbuntuCve•added 2026/05/08 3:16 p.m.•6 views

Exploits0References5

CVE-2026-43460

OSV•added 2026/05/08 3:16 p.m.•3 views

Exploits0References5

UBUNTU-CVE-2026-43460

ATTACKERKB•added 2026/05/08 2:22 p.m.•3 views

Exploits0References6

CVE-2026-43460

5.9AI score0.00013EPSS

Exploits0References4Affected Software1

Cvelist•added 2026/05/08 2:22 p.m.•28 views

CVE-2026-43460 spi: rockchip-sfc: Fix double-free in remove() callback

0.00013EPSS

Exploits0References3

ATTACKERKB•added 2026/05/08 2:22 p.m.•5 views

CVE-2026-43461

5.8AI score0.00013EPSS

Exploits0References4Affected Software1

CVE•added 2026/05/08 2:22 p.m.•4 views

CVE-2026-43460

In the Linux kernel rockchip-sfc driver, CVE-2026-43460 is caused by a double-free of an SPI controller: the driver uses devm_spi_register_controller(), which auto-unregisters on device removal, but remove() also calls spi_unregister_controller(), creating a double-free. The mitigation implemente...

Exploits0References3Affected Software1

Debian CVE•added 2026/05/08 2:22 p.m.•3 views

CVE-2026-43460

AstraLinux•added 2026/05/03 11:59 p.m.•4 views

Exploits0

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: sfc: fix TX channel offset when using legacy interrupts In legacy interrupt mode the txchanneloffset was hardcoded to 1, but that's not correct if efxsepparatetxchannels is false. In that case, the offset is 0 because the tx queu...

5.5CVSS5.9AI score0.00018EPSS