Lucene search
+L

3120 matches found

redhatcve
redhatcve
added 2026/07/08 5:30 a.m.6 views

CVE-2026-54234

A flaw was found in vLLM, a high-throughput and memory-efficient inference and serving engine for Large Language Models LLMs. A remote attacker can exploit this vulnerability by sending a specially crafted multi-request speculative decoding workload through public gRPC Generate and Abort endpoint...

7.5CVSS5.9AI score0.00343EPSS
Exploits1References6
nessus
nessus
added 2026/07/07 12:0 a.m.9 views

Ubuntu 26.04 LTS : Linux kernel (NVIDIA) vulnerabilities (USN-8507-1)

"The remote Ubuntu 26.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8507-1 advisory. It was discovered that some AMD processors did not properly clear data in the floating point divider unit during speculative execution. A local attacker...

9.8CVSS7.1AI score0.00675EPSS
Exploits28References237
osv
osv
added 2026/07/06 8:20 a.m.5 views

USN-8507-1 linux-nvidia vulnerabilities

It was discovered that some AMD processors did not properly clear data in the floating point divider unit during speculative execution. A local attacker could use this to expose sensitive information. CVE-2025-54505 Several security issues were discovered in the Linux kernel. An attacker could...

9.8CVSS6.8AI score0.00675EPSS
Exploits28References237
ubuntu
ubuntu
added 2026/07/06 8:20 a.m.8 views

USN-8507-1: Linux kernel (NVIDIA) vulnerabilities

It was discovered that some AMD processors did not properly clear data in the floating point divider unit during speculative execution. A local attacker could use this to expose sensitive information. CVE-2025-54505 Several security issues were discovered in the Linux kernel. An attacker could...

9.8CVSS6.8AI score0.00675EPSS
Exploits28
ptsecurity
ptsecurity
added 2026/07/06 12:0 a.m.10 views

PT-2026-55997

Name of the Vulnerable Software and Affected Versions vLLM versions prior to 0.24.0 Description A flaw in the rejection sampler during multi-request speculative decoding workloads allows the production of a recovered token equal to the model vocabulary size boundary value. This value is converted...

7.5CVSS5.9AI score0.00343EPSS
Exploits1References5
nessus
nessus
added 2026/07/03 12:0 a.m.24 views

Ubuntu 26.04 LTS : Linux kernel vulnerabilities (USN-8488-1)

"The remote Ubuntu 26.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8488-1 advisory. It was discovered that some AMD processors did not properly clear data in the floating point divider unit during speculative execution. A local attacker...

9.8CVSS7.1AI score0.00675EPSS
Exploits28References237
osv
osv
added 2026/07/02 3:2 p.m.9 views

USN-8488-2 linux-raspi vulnerabilities

It was discovered that some AMD processors did not properly clear data in the floating point divider unit during speculative execution. A local attacker could use this to expose sensitive information. CVE-2025-54505 Several security issues were discovered in the Linux kernel. An attacker could...

9.8CVSS6.8AI score0.00675EPSS
Exploits28References237
osv
osv
added 2026/07/01 4:43 p.m.11 views

USN-8488-1 linux, linux-aws, linux-gcp, linux-ibm, linux-oracle, linux-realtime vulnerabilities

It was discovered that some AMD processors did not properly clear data in the floating point divider unit during speculative execution. A local attacker could use this to expose sensitive information. CVE-2025-54505 Several security issues were discovered in the Linux kernel. An attacker could...

9.8CVSS6.8AI score0.00675EPSS
Exploits28References237
ubuntu
ubuntu
added 2026/07/01 4:7 p.m.15 views

USN-8488-1: Linux kernel vulnerabilities

It was discovered that some AMD processors did not properly clear data in the floating point divider unit during speculative execution. A local attacker could use this to expose sensitive information. CVE-2025-54505 Several security issues were discovered in the Linux kernel. An attacker could...

9.8CVSS5.9AI score0.00675EPSS
Exploits28
nessus
nessus
added 2026/06/08 12:0 a.m.16 views

SUSE SLES16 Security Update : kernel (SUSE-SU-2026:21845-1)

The remote SUSE Linux SLES16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:21845-1 advisory. The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2023-2058:...

9.8CVSS7AI score0.0138EPSS
Exploits19References659
redhatcve
redhatcve
added 2026/06/05 7:25 p.m.11 views

CVE-2026-44223

vLLM is an inference and serving engine for large language models LLMs. From to before 0.20.0, the extracthiddenstates speculative decoding proposer in vLLM returns a tensor with an incorrect shape after the first decode step, causing a RuntimeError that crashes the EngineCore process. The crash ...

6.5CVSS5.5AI score0.00367EPSS
Exploits0References1
nvd
nvd
added 2026/05/27 2:17 p.m.13 views

CVE-2026-46063

In the Linux kernel, the following vulnerability has been resolved: x86/shstk: Prevent deadlock during shstk sigreturn During sigreturn the shadow stack signal frame is popped. The kernel does this by reading the shadow stack using normal read accesses. When it can't assume the memory is shadow...

5.5CVSS0.00094EPSS
Exploits0References5
cvelist
cvelist
added 2026/05/27 12:57 p.m.41 views

CVE-2026-46063 x86/shstk: Prevent deadlock during shstk sigreturn

In the Linux kernel, the following vulnerability has been resolved: x86/shstk: Prevent deadlock during shstk sigreturn During sigreturn the shadow stack signal frame is popped. The kernel does this by reading the shadow stack using normal read accesses. When it can't assume the memory is shadow...

0.00094EPSS
Exploits0References5
euvd
euvd
added 2026/05/27 12:57 p.m.14 views

EUVD-2026-32445

In the Linux kernel, the following vulnerability has been resolved: x86/shstk: Prevent deadlock during shstk sigreturn During sigreturn the shadow stack signal frame is popped. The kernel does this by reading the shadow stack using normal read accesses. When it can't assume the memory is shadow...

5.8AI score0.00094EPSS
Exploits0References5
cve
cve
added 2026/05/27 12:57 p.m.36 views

CVE-2026-46063

The CVE-2026-46063 issue affects the Linux kernel with x86 shadow stack (shstk) handling of sigreturn. Root cause: during a shadow-stack sigframe read, the kernel previously held the mmap lock while verifying VMA flags to distinguish shadow stack memory. A page fault during this read could trigge...

5.5CVSS5.8AI score0.00094EPSS
Exploits0References5Affected Software1
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

A division-by-zero error on some AMD processors may potentially return speculative data, resulting in a loss of confidentiality...

5.5CVSS6.7AI score0.12405EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10, Linux

Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions...

6.5CVSS7.1AI score0.03764EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: gpio: Prevent potential speculation leaks in gpiodevicegetdesc The userspace may trigger a speculative read of an address outside the gpio descriptor array. Users can do this by calling gpioioctl with an offset that is out of...

5.5CVSS6.4AI score0.00248EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: arm64: Errata: Add a workaround for speculative unprivileged loads on Cortex-A520. Implement the workaround according to erratum 2966298 for ARM Cortex-A520. On an affected Cortex-A520 core, a speculative unprivileged load may le...

4.7CVSS5.8AI score0.00602EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.14 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: bpf: Do not report a verification bug for missing bpfsccvisit calls on speculative execution paths. Syzbot generated a program that triggers a verifierbug call in maybeexitscc. maybeexitscc assumes that, when called for a state...

6AI score0.00241EPSS
Exploits0References2
Rows per page
Query Builder