CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2026/05/27 5:7 p.m.•12 views

CVE-2026-46093

A flaw was found in the Linux kernel's memory management vmalloc subsystem. The decayvapoolnode function, when invoked concurrently from the shrinker path, lacks proper serialization. This oversight can lead to race conditions, potentially resulting in memory leaks and affecting system stability...

7.8CVSS5.8AI score0.00127EPSS

NVD•added 2026/05/27 2:17 p.m.•11 views

CVE-2026-46093

7.8CVSS0.00127EPSS

OSV•added 2026/05/27 2:17 p.m.•4 views

UBUNTU-CVE-2026-46093

7.8CVSS5.7AI score0.00127EPSS

ATTACKERKB•added 2026/05/27 12:58 p.m.•7 views

CVE-2026-46093

5.7AI score0.00127EPSS

Exploits0References4Affected Software1

CVE•added 2026/05/27 12:58 p.m.•32 views

CVE-2026-46093

CVE-2026-46093 affects the Linux kernel mm/vmalloc subsystem. The issue arises because decay_va_pool_node() can be invoked concurrently from two paths—the purge path and the shrinker path via vmap_node_shrink_scan—without proper serialization. This leads to races and potential memory leaks. The d...

7.8CVSS5.7AI score0.00127EPSS

Cvelist•added 2026/05/27 12:58 p.m.•39 views

CVE-2026-46093 mm/vmalloc: take vmap_purge_lock in shrinker

7.8CVSS0.00127EPSS

EUVD•added 2026/05/27 12:58 p.m.•19 views

EUVD-2026-32476

5.7AI score0.00127EPSS

Debian CVE•added 2026/05/27 12:58 p.m.•7 views

CVE-2026-46093

7.8CVSS5.7AI score0.00127EPSS

Exploits0

Cvelist•added 2026/05/27 12:15 p.m.•38 views

CVE-2026-45861 gfs2: Fix slab-use-after-free in qd_put

In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix slab-use-after-free in qdput Commit a475c5dd16e5 "gfs2: Free quota data objects synchronously" started freeing quota data objects during filesystem shutdown instead of putting them back onto the LRU list, but it failed ...

7.8CVSS0.00159EPSS

UbuntuCve•added 2026/05/27 12:0 a.m.•10 views

CVE-2026-46093

mm/vmalloc: take vmappurgelock in shrinker...

7.8CVSS5.8AI score0.00127EPSS

CNNVD•added 2026/05/27 12:0 a.m.•6 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the shrinker path of mm/vmalloc not acquiring the vmappurgelock lock. This could lead to...

7.8CVSS5.8AI score0.00127EPSS

Positive Technologies•added 2026/05/27 12:0 a.m.•7 views

PT-2026-43961

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the Linux kernel within the decay va pool node function. This function can be invoked concurrently by purge vmap area lazy during pool purging and by the...

9.8CVSS6.2AI score0.03663EPSS

Exploits14References279

Tenable Nessus•added 2026/05/27 12:0 a.m.•8 views

Linux Distros Unpatched Vulnerability : CVE-2026-46093

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/vmalloc: take vmappurgelock in shrinker decayvapoolnode can be invoked concurrently from two paths: purgevmaparealazy when pools are being purged, and the...

7.8CVSS5.9AI score0.00127EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•3 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Binder: A memory leak has been fixed in binderinit. In binderinit, the destruction of binderallocshrinkerinit is not performed in the correct path, which can lead to memory leaks. Therefore, this commit introduces...

5.3AI score0.00177EPSS

Exploits0References1

AstraLinux•added 2026/05/03 11:59 p.m.•3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm: zswap: fixed a NULL crash in the shrinker function when cgroupdisable=memory is set. Christian reported a NULL dereference in zswap; he was able to trace the issue back to the zswap shrinker function. This issue also appeared...

5.5CVSS5.4AI score0.0019EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•3 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Binder: Fix for use-after-free in shinker’s callback The mmap read lock is used during shinker’s callback, which means that using the alloc-vma pointer is not safe, as it could lead to a race condition with munmap. As of commit...

7.8CVSS5.8AI score0.00295EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•4 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/panfrost: Fixed corruption of the shrinker list caused by the madvise IOCTL. Calling the madvise IOCTL twice on BO causes corruption of the memory shrinker list. This also causes the kernel to crash, because BO is already on...

7.8CVSS5.8AI score0.0026EPSS

Tenable Nessus•added 2026/04/21 12:0 a.m.•3 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013343)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013343 advisory. In the Linux kernel, the following vulnerability has been resolved: binder: fix memory leak in binderinit In binderinit, the destruction of binderallocshrinkerinit i...

5.7AI score0.00177EPSS

SUSE CVE•added 2026/02/01 12:24 a.m.•5 views

SUSE CVE-2025-71181

In the Linux kernel, the following vulnerability has been resolved: rustbinder: remove spinlock in rustshrinkfreepage When forward-porting Rust Binder to 6.18, I neglected to take commit fb56fdf8b9a2 "mm/listlru: split the lock to per-cgroup scope" into account, and apparently I did not end up...

5.5CVSS5.7AI score0.00102EPSS