Lucene search
K

355 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: fuse: We are returning to using readaheadfolio for readahead. In commit 3eab9d7bc2f4 “fuse: converting readahead to use folio”, the logic was changed to use the new folio version of readahead. This removes the reference to the...

7.8CVSS5.8AI score0.00198EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: tls: Fixed a NULL dereference issue in tlsswspliceeof, where an empty plaintext/ciphertext buffer could cause confusion in the sendfile process. When the plaintext/ciphertext skmsg is empty, the send path becomes confused because...

5.5CVSS5.7AI score0.00172EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

There exists a use-after-free vulnerability in the Linux kernel through the iouring mechanism and the IORINGOPSPLICE operation. If the IORINGOPSPLICE operation lacks the IOWQWORKFILES flag, it indicates that the operation will not utilize current-nsproxy. As a result, its reference counter is not...

7.8CVSS6.7AI score0.00407EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: ipv4, ipv6: Fixed the handling of transhdrlen in ip,6appenddata. Including transhdrlen in the packet length is a problem when the packet is partially filled e.g., a sendMSGMORE operation occurred previously when appending to a...

5.5CVSS5.5AI score0.00226EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2026/05/19 1:2 a.m.107 views

Exploit for Write-what-where Condition in Linux Linux_Kernel

Dirty Frag - kernel Linux critical Vulnerability- CVE-2026-432...

8.8CVSS5.9AI score0.93235EPSS
Exploits33
GithubExploit
GithubExploit
added 2026/05/16 4:2 p.m.109 views

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

CVE-2026-31431 - Linux Kernel AFALG "Copy Fail" Local Privile...

7.8CVSS7.3AI score0.96267EPSS
Exploits230
GithubExploit
GithubExploit
added 2026/05/15 9:24 p.m.99 views

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

copyfail — CVE-2026-31431 4-byte page-cache write primitive →...

7.8CVSS7.3AI score0.96267EPSS
Exploits230
Schneier on Security
Schneier on Security
added 2026/05/12 11:6 a.m.15 views

Copy.Fail Linux Vulnerability

This is the worst Linux vulnerability in years. TL;DR copy.fail is a Linux kernel local privilege escalation, not a browser or clipboard attack. Disclosed by Theori on 29 April 2026 with a working PoC. It abuses the kernel crypto API AFALG sockets plus splice to write four bytes at a time straigh...

5.9AI score
Exploits0
EUVD
EUVD
added 2026/05/11 9:30 a.m.9 views

EUVD-2026-29037

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA-packet handler in rxrpcinputcallevent and the RESPONSE handler in rxrpcverifyresponse copy the skb to a linear one before calling into the security o...

7.8CVSS5.8AI score0.92766EPSS
Exploits20References4
CVE
CVE
added 2026/05/11 6:26 a.m.183 views

CVE-2026-43500

Summary: CVE-2026-43500 affects the Linux kernel RXRPC path for DATA/RESPONSE packets. The issue occurs when skb fragments are externally owned (e.g., via splice() or frag lists) and the code path decrypts in place, binding frag pages into the AEAD/skcipher SGL. The fix extends the gate to unshar...

7.8CVSS5.8AI score0.92766EPSS
In wildExploits20References9Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/11 6:26 a.m.6 views

CVE-2026-43500

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA-packet handler in rxrpcinputcallevent and the RESPONSE handler in rxrpcverifyresponse copy the skb to a linear one before calling into the security o...

7.8CVSS5.8AI score0.92766EPSS
Exploits20References6Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/11 6:26 a.m.16 views

CVE-2026-43500 rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA-packet handler in rxrpcinputcallevent and the RESPONSE handler in rxrpcverifyresponse copy the skb to a linear one before calling into the security o...

7.8CVSS5.8AI score0.92766EPSS
Exploits20References5
VulnCheck KEV
VulnCheck KEV
added 2026/05/11 12:0 a.m.147 views

VulnCheck KEV: CVE-2026-43284

In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSGSPLICEPAGES can attach pages from a pipe directly to an skb. TCP marks such skbs with SKBFLSHAREDFRAG after skbsplicefromiter, so later paths that may modify packet data ca...

8.8CVSS5.8AI score0.93235EPSS
In wildExploits31References2
VulnCheck KEV
VulnCheck KEV
added 2026/05/11 12:0 a.m.121 views

VulnCheck KEV: CVE-2026-43500

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA-packet handler in rxrpcinputcallevent and the RESPONSE handler in rxrpcverifyresponse copy the skb to a linear one before calling into the security o...

7.8CVSS5.8AI score0.92766EPSS
In wildExploits20References2
Tenable Nessus
Tenable Nessus
added 2026/05/10 12:0 a.m.9 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-017400)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017400 advisory. In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSGSPLICEPAGES can attach pages from a pipe...

8.8CVSS6AI score0.93235EPSS
Exploits31References4
Tenable Nessus
Tenable Nessus
added 2026/05/10 12:0 a.m.12 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-017398)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017398 advisory. In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSGSPLICEPAGES can attach pages from a pipe...

8.8CVSS6AI score0.93235EPSS
Exploits31References4
Tenable Nessus
Tenable Nessus
added 2026/05/10 12:0 a.m.7 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-017397)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017397 advisory. In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSGSPLICEPAGES can attach pages from a pipe...

8.8CVSS6AI score0.93235EPSS
Exploits31References4
GithubExploit
GithubExploit
added 2026/05/08 4:14 p.m.129 views

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

CVE-2026-31431 - Exploit de Escalada de Privilegios en Linux...

7.8CVSS6AI score0.96267EPSS
Exploits230
NVD
NVD
added 2026/05/08 3:17 p.m.13 views

CVE-2026-43470

In the Linux kernel, the following vulnerability has been resolved: nfs: return EISDIR on nfs3proccreate if dalias is a dir If we found an alias through nfs3docreate/nfsaddorobtain /dsplicealias which happens to be a dir dentry, we don't return any error, and simply forget about this alias, but t...

5.5CVSS0.00116EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/08 2:22 p.m.6 views

CVE-2026-43470

In the Linux kernel, the following vulnerability has been resolved: nfs: return EISDIR on nfs3proccreate if dalias is a dir If we found an alias through nfs3docreate/nfsaddorobtain /dsplicealias which happens to be a dir dentry, we don't return any error, and simply forget about this alias, but t...

5.8AI score0.00116EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder