1572 matches found
Exploit for CVE-2026-23416
CVE-2026-23416-POC POC for CVE-2026-23416 linux kernel 6.17-l...
📄 LuaJIT 2.1.1774638290 Arbitrary Code Execution
LuaJIT's Foreign Function Interface FFI provides unrestricted access to native C functions including syscall, mmap, mprotect and arbitrary shared library loading. When FFI is accessible to untrusted Lua code in embedding scenarios OpenResty, Redis, game engines, IoT, an attacker can achieve...
UBUNTU-CVE-2026-23241
In the Linux kernel, the following vulnerability has been resolved: audit: add missing syscalls to read class The "at" variant of getxattr and listxattr are missing from the audit read class. Calling getxattrat or listxattrat on a file to read its extended attributes will bypass audit rules such...
CVE-2026-23241
CVE-2026-23241 affects the Linux kernel audit subsystem: the read class was missing getxattrat()/listxattrat() syscalls, enabling bypass of audit rules (e.g., -w /tmp/test -p rwa). Upstream patches add the missing syscalls to the audit read class. Connected OSV entries report Root:Ubuntu-24.04 an...
CVE-2026-23241 audit: add missing syscalls to read class
In the Linux kernel, the following vulnerability has been resolved: audit: add missing syscalls to read class The "at" variant of getxattr and listxattr are missing from the audit read class. Calling getxattrat or listxattrat on a file to read its extended attributes will bypass audit rules such...
Fedora 42 : perl-Crypt-URandom (2026-b0bf6e9c9b)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-b0bf6e9c9b advisory. This release fixes CVE-2026-2474 a heap buffer overflow and handling failed read syscalls. Tenable has extracted the preceding description block...
CVE-2021-26410
Improper syscall input validation in ASP AMD Secure Processor may force the kernel into reading syscall parameter values from its own memory space allowing an attacker to infer the contents of the kernel memory leading to potential information disclosure...
CVE-2025-71203
In the Linux kernel, the following vulnerability has been resolved: riscv: Sanitize syscall table indexing under speculation The syscall number is a user-controlled value used to index into the syscall table. Use arrayindexnospec to clamp this value after the bounds check to prevent speculative...
SUSE CVE-2025-71203
In the Linux kernel, the following vulnerability has been resolved: riscv: Sanitize syscall table indexing under speculation The syscall number is a user-controlled value used to index into the syscall table. Use arrayindexnospec to clamp this value after the bounds check to prevent speculative...
AZL-77757 CVE-2025-71203 affecting package kernel 6.6.126.1-1
In the Linux kernel, the following vulnerability has been resolved: riscv: Sanitize syscall table indexing under speculation The syscall number is a user-controlled value used to index into the syscall table. Use arrayindexnospec to clamp this value after the bounds check to prevent speculative...
CVE-2025-71203
In the Linux kernel, the following vulnerability has been resolved: riscv: Sanitize syscall table indexing under speculation The syscall number is a user-controlled value used to index into the syscall table. Use arrayindexnospec to clamp this value after the bounds check to prevent speculative...
CVE-2025-71203
In the Linux kernel, the following vulnerability has been resolved: riscv: Sanitize syscall table indexing under speculation The syscall number is a user-controlled value used to index into the syscall table. Use arrayindexnospec to clamp this value after the bounds check to prevent speculative...
UBUNTU-CVE-2025-71203
In the Linux kernel, the following vulnerability has been resolved: riscv: Sanitize syscall table indexing under speculation The syscall number is a user-controlled value used to index into the syscall table. Use arrayindexnospec to clamp this value after the bounds check to prevent speculative...
CVE-2025-71203
CVE-2025-71203 concerns the Linux kernel where a user-controlled syscall number could be used to index the syscall table, enabling potential data leakage via cache side channels. The mitigation is to clamp the index with array_index_nospec() after the bounds check to prevent speculative out-of-bo...
CVE-2025-71203 riscv: Sanitize syscall table indexing under speculation
In the Linux kernel, the following vulnerability has been resolved: riscv: Sanitize syscall table indexing under speculation The syscall number is a user-controlled value used to index into the syscall table. Use arrayindexnospec to clamp this value after the bounds check to prevent speculative...
CVE-2025-71203
In the Linux kernel, the following vulnerability has been resolved: riscv: Sanitize syscall table indexing under speculation The syscall number is a user-controlled value used to index into the syscall table. Use arrayindexnospec to clamp this value after the bounds check to prevent speculative...
CVE-2025-71203
In the Linux kernel, the following vulnerability has been resolved: riscv: Sanitize syscall table indexing under speculation The syscall number is a user-controlled value used to index into the syscall table. Use arrayindexnospec to clamp this value after the bounds check to prevent speculative...
CVE-2025-71203 riscv: Sanitize syscall table indexing under speculation
In the Linux kernel, the following vulnerability has been resolved: riscv: Sanitize syscall table indexing under speculation The syscall number is a user-controlled value used to index into the syscall table. Use arrayindexnospec to clamp this value after the bounds check to prevent speculative...
Linux Distros Unpatched Vulnerability : CVE-2025-71203
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - riscv: Sanitize syscall table indexing under speculation The syscall number is a user-controlled value used to index into the syscall table. Use arrayindexnospe...
CVE-2021-26410
Improper syscall input validation in ASP AMD Secure Processor may force the kernel into reading syscall parameter values from its own memory space allowing an attacker to infer the contents of the kernel memory leading to potential information disclosure...