Lucene search
K

361 matches found

NVD
NVD
added 2026/07/06 5:16 p.m.10 views

CVE-2026-43825

Untrusted Java Deserialization in Apache OpenNLP SvmDoccatModel Versions Affected: before 3.0.0-M4 libsvm document categorization module; introduced in OPENNLP-1808 and only present on the 3.x line Description: SvmDoccatModel.deserializeInputStream reads an attacker-controlled stream with...

7.3CVSS0.08786EPSS
Exploits0References2
CVE
CVE
added 2026/07/06 3:42 p.m.10 views

CVE-2026-43825

The CVE concerns Apache OpenNLP’s SvmDoccatModel (libsvm document categorization module), with impact on 3.x releases before 3.0.0-M4. The vulnerability arises in SvmDoccatModel.deserialize(InputStream), which uses java.io.ObjectInputStream.readObject() on an attacker-controlled stream without an...

7.3CVSS6.7AI score0.08786EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/07/06 3:42 p.m.5 views

CVE-2026-43825

Untrusted Java Deserialization in Apache OpenNLP SvmDoccatModel Versions Affected: before 3.0.0-M4 libsvm document categorization module; introduced in OPENNLP-1808 and only present on the 3.x line Description: SvmDoccatModel.deserializeInputStream reads an attacker-controlled stream with...

7.3CVSS6.7AI score0.08786EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/05/29 1:15 a.m.13 views

SUSE CVE-2026-46197

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: validate SVM ioctl nattr against buffer size Validate nattr field against the buffer size, preventing out-of-bounds buffer access via user-controlled attribute count. cherry picked from commit...

7.8CVSS5.9AI score0.00139EPSS
Exploits0References17
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-46197

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amdkfd: validate SVM ioctl nattr against buffer size Validate nattr field against the buffer size, preventing out-of-bounds buffer access via user-controlle...

7.8CVSS7.2AI score0.00139EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/28 9:40 a.m.11 views

CVE-2026-46197

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: validate SVM ioctl nattr against buffer size Validate nattr field against the buffer size, preventing out-of-bounds buffer access via user-controlled attribute count. cherry picked from commit...

7.8CVSS5.9AI score0.00139EPSS
Exploits0References8Affected Software1
RedhatCVE
RedhatCVE
added 2026/05/27 9:3 p.m.10 views

CVE-2026-46014

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM and Secure Virtual Machine SVM components. This vulnerability is due to missing save and restore handling for Last Branch Record LBR Model Specific Registers MSRs and MSRIA32DEBUGCTLMSR. A local attacker with access to a...

5.5CVSS5.8AI score0.00093EPSS
Exploits0References4
NVD
NVD
added 2026/05/27 2:17 p.m.16 views

CVE-2026-46076

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Raise UD if unhandled VMMCALL isn't intercepted by L1 Explicitly synthesize a UD for VMMCALL if L2 is active, L1 does NOT want to intercept VMMCALL, nestedsvml2tlbflushenabled is true, and the hypercall is something...

7.9CVSS0.00121EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/27 12:58 p.m.43 views

CVE-2026-46082 KVM: SVM: Inject #UD for INVLPGA if EFER.SVME=0

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Inject UD for INVLPGA if EFER.SVME=0 INVLPGA should cause a UD when EFER.SVME is not set. Add a check to properly inject UD when EFER.SVME=0. sean: tag for stable@...

0.00123EPSS
Exploits0References7
OSV
OSV
added 2026/05/27 12:57 p.m.3 views

CVE-2026-46071 KVM: nSVM: Avoid clearing VMCB_LBR in vmcb12

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Avoid clearing VMCBLBR in vmcb12 svmcopylbrs always marks VMCBLBR dirty in the destination VMCB. However, nestedsvmvmexit uses it to copy LBRs to vmcb12, and clearing clean bits in vmcb12 is not architecturally defined...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2026/05/27 12:55 p.m.18 views

CVE-2026-45987

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Sync interrupt shadow to cached vmcb12 after VMRUN of L2 After VMRUN in guest mode, nestedsynccontrolfromvmcb02 syncs fields written by the CPU from vmcb02 to the cached vmcb12. This is because the cached vmcb12 is use...

5.5CVSS5.7AI score0.00123EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.22 views

PT-2026-43949

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description In the KVM SVM component, the INVLPGA instruction fails to trigger an invalid opcode exception UD when the EFER.SVME variable is not set. This occurs because the system does not properly...

5.5CVSS5.9AI score0.00123EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/xe/vm: moved xesvminit earlier. In xevmcloseandput, we need to be able to call xesvmfini. However, during vm creation, we can call this function on the error path, before actually initializing the svm state. This leads to...

5.5CVSS5.2AI score0.0012EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: A deadlock occurs when the svm range restore operation is performed at process exit. The code kfdprocessnotifierrelease flushes svmrangerestorework, which in turn calls svmrangelistlockandflushwork to flush...

5.5CVSS6.2AI score0.00252EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: drm/amdkfd: Fixed a race condition involving the unreferencing of the vram buffer in the svm code. The unreferencing of prange-svmbo can occur both in the mmu callback and in a callback after migrating to system RAM. Both are...

5.5CVSS5.6AI score0.00174EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Loads the TSC multiplier of L1 based on L1’s state, not L2’s state. When emulating a nested VM-Exit, the TSC multiplier of L1 is loaded if L1’s desired ratio does not match the current ratio. This does not occur if L1’...

5.5CVSS6AI score0.00143EPSS
Exploits0References2
NVD
NVD
added 2026/05/08 2:16 p.m.9 views

CVE-2026-43315

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Remove a user-triggerable WARN on nestedsvmloadcr3 succeeding Drop the WARN in svmsetnestedstate on nestedsvmloadcr3 failing as it is trivially easy to trigger from userspace by modifying CPUID after loading CR3. E.g...

5.5CVSS0.0013EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/05/08 1:11 p.m.31 views

CVE-2026-43315 KVM: nSVM: Remove a user-triggerable WARN on nested_svm_load_cr3() succeeding

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Remove a user-triggerable WARN on nestedsvmloadcr3 succeeding Drop the WARN in svmsetnestedstate on nestedsvmloadcr3 failing as it is trivially easy to trigger from userspace by modifying CPUID after loading CR3. E.g...

0.0013EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.6 views

Unity Linux 20.1050a Security Update: kernel (UTSA-2026-007007)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007007 advisory. In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Flush pages under kvm-lock to fix UAF in svmregisterencregion Do the cache flush of...

7.8CVSS5.6AI score0.00238EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/03/30 12:0 a.m.6 views

Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2026-1494)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1494 advisory. In the Linux kernel, the following vulnerability has been resolved: pagepool: Fix use-after-free in pagepoolrecycleinring CVE-2025-38129 In the Linux kernel, the following vulnerability has be...

9.8CVSS6.5AI score0.00395EPSS
Exploits0References136
Rows per page
Query Builder