CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 5 days ago•5 views

CVE-2026-52949

The CVE-2026-52949 entry affects the Linux kernel DRM/TTM subsystem, specifically the ttm_bo_shrink() path. It describes an infinite LRU walk on backup failure that is fixed by applying the same remedy used for ttm_bo_swapout() (prevents the infinite LRU walk on swapout failure). The patch also c...

5.8AI score0.00162EPSS

AstraLinux•added 2026/06/19 11:10 a.m.•3 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: gfs2: The use-of-free variable issue in gfs2glockshrinkscan has been fixed. The GLFLRU flag is checked under lrulock in gfs2glockremovefromlru, to remove a glock from the lru list in gfs2glockput. During the shrink scan process,...

7.8CVSS5.7AI score0.00243EPSS

AstraLinux•added 2026/06/19 11:10 a.m.•2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm/vmscan: Fixed handling of hwpoisoned large folio entries in shrinkfoliolist. In shrinkfoliolist, the hwpoisoned folio might be a large folio, which cannot be handled by unmappoisonedfolio. For THP, trytounmapone must be called...

5.5CVSS5.6AI score0.00135EPSS

AstraLinux•added 2026/06/19 11:10 a.m.•2 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: dm thin: Fixed the ABBA deadlock between shrinkslab and dmpoolabortmetadata. The following concurrent processes: P1drop cache P2kworker dropcachessysctlhandler dropslab shrinkslab downread&shrinkerrwsem - LOCK A doshrinkslab...

5.5CVSS5.5AI score0.00138EPSS

AstraLinux•added 2026/06/19 11:10 a.m.•11 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: blk-mq: The issue of tag leaks during the shrink nrhwqueues operation has been fixed. Although we don’t need to reallocate the set-tags array when performing shrink nrhwqueues, we still need to free those tags. Otherwise, these...

5.2AI score0.00156EPSS

CVE•added 2026/06/12 9:57 p.m.•16 views

CVE-2026-41158

Summary of CVE-2026-41158: The vulnerability concerns GPU DDK where backed sparse PMRs are not handled by the deferred free mechanism after shrink, allowing a non-privileged user to perform GPU system calls that write to arbitrarily freed physical pages. The root cause is that physical memory all...

7.8CVSS5.3AI score0.00118EPSS

Cvelist•added 2026/06/12 9:57 p.m.•30 views

CVE-2026-41158 GPU DDK - Backed sparse PMRs are not handled by deferred free mechanism after shrink

Software installed and run as a non-privileged user may conduct GPU system calls to write to arbitrary freed physical pages. Physical memory allocated and freed, without the deferred free mechanism can lead to those resources being used for read/write by the GPU after the kernel module has freed...

0.00118EPSS

SUSE CVE•added 2026/05/28 3:57 a.m.•8 views

SUSE CVE-2026-45861

In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix slab-use-after-free in qdput Commit a475c5dd16e5 "gfs2: Free quota data objects synchronously" started freeing quota data objects during filesystem shutdown instead of putting them back onto the LRU list, but it failed ...

7.8CVSS5.8AI score0.00159EPSS

Exploits0References3

Cvelist•added 2026/05/27 12:15 p.m.•44 views

CVE-2026-45861 gfs2: Fix slab-use-after-free in qd_put

7.8CVSS0.00159EPSS

CVE•added 2026/05/27 12:15 p.m.•17 views

CVE-2026-45861

CVE-2026-45861 refers to a Linux kernel vulnerability in the GFS2 file system. The root cause is a slab-use-after-free: during filesystem shutdown, quota data objects were freed without being removed from the LRU list due to the change in the a475c5dd16e5 sequence. As a result, the shrinker (gfs2...

7.8CVSS5.8AI score0.00159EPSS

Exploits0References4Affected Software1

AstraLinux•added 2026/05/20 5:53 a.m.•7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: rustbinder: The spinlock call in rustshrinkfreepage has been removed. When porting Rust Binder to version 6.18, I overlooked including the commit fb56fdf8b9a2 “mm/listlru: split the lock to per-cgroup scope” in the consideration...

5.5CVSS5.4AI score0.00102EPSS

RedhatCVE•added 2026/05/13 2:21 p.m.•7 views

CVE-2026-31214

The torch-checkpoint-shrink.py script in the ml-engineering project in commit 0099885db36a8f06556efe1faf552518852cb1e0 2025-20-27 contains an insecure deserialization vulnerability CWE-502. The script uses torch.load to process PyTorch checkpoint files .pt without enabling the security-restrictiv...

9.8CVSS6.3AI score0.00486EPSS

EUVD•added 2026/05/12 6:30 p.m.•8 views

EUVD-2026-29498

6.3AI score0.00486EPSS

Exploits0References3

Positive Technologies•added 2026/05/12 12:0 a.m.•10 views

PT-2026-40053

6.3AI score0.00486EPSS

Exploits0References3

Tenable Nessus•added 2026/04/21 12:0 a.m.•7 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010831)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010831 advisory. In the Linux kernel, the following vulnerability has been resolved: dm thin: Fix ABBA deadlock between shrinkslab and dmpoolabortmetadata Following concurrent...

5.5CVSS5.9AI score0.00138EPSS

Tenable Nessus•added 2026/04/21 12:0 a.m.•5 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-006943)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006943 advisory. In the Linux kernel, the following vulnerability has been resolved: dm thin: Fix ABBA deadlock between shrinkslab and dmpoolabortmetadata Following concurrent...

5.5CVSS5.8AI score0.00138EPSS