1571 matches found
EUVD-2026-24846
In the Linux kernel, the following vulnerability has been resolved: s390/syscalls: Add spectre boundary for syscall dispatch table The s390 syscall number is directly controlled by userspace, but does not have an arrayindexnospec boundary to prevent access past the syscall function pointer tables...
CVE-2026-31483
In the Linux kernel, the following vulnerability has been resolved: s390/syscalls: Add spectre boundary for syscall dispatch table The s390 syscall number is directly controlled by userspace, but does not have an arrayindexnospec boundary to prevent access past the syscall function pointer tables...
CVE-2026-31483 s390/syscalls: Add spectre boundary for syscall dispatch table
In the Linux kernel, the following vulnerability has been resolved: s390/syscalls: Add spectre boundary for syscall dispatch table The s390 syscall number is directly controlled by userspace, but does not have an arrayindexnospec boundary to prevent access past the syscall function pointer tables...
CVE-2026-31483
CVE-2026-31483 affects the s390 architecture in the Linux kernel. The root cause is a missing array_index_nospec() boundary in the syscall dispatch table, allowing a user-controlled syscall number to exceed the function pointer table and potentially read kernel memory via speculative execution (S...
PT-2026-34388
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description In the s390 architecture, the syscall number is directly controlled by userspace. The absence of an array index nospec boundary allows for potential access beyond the syscall function...
Linux Distros Unpatched Vulnerability : CVE-2026-31483
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - s390/syscalls: Add spectre boundary for syscall dispatch table The s390 syscall number is directly controlled by userspace, but does not have an arrayindexnospe...
Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011383)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011383 advisory. In the Linux kernel, the following vulnerability has been resolved: afunix: Fix garbage collector racing against connect Garbage collector does not take into accoun...
CVE-2026-40572
NovumOS is a custom 32-bit operating system written in Zig and x86 Assembly. In versions prior to 0.24, Syscall 15 MemoryMapRange allows Ring 3 user-mode processes to map arbitrary virtual address ranges into their address space without validating against forbidden regions, including critical...
CVE-2026-40572
NovumOS is a custom 32-bit operating system written in Zig and x86 Assembly. In versions prior to 0.24, Syscall 15 MemoryMapRange allows Ring 3 user-mode processes to map arbitrary virtual address ranges into their address space without validating against forbidden regions, including critical...
EUVD-2026-23640
NovumOS is a custom 32-bit operating system written in Zig and x86 Assembly. In versions prior to 0.24, Syscall 15 MemoryMapRange allows Ring 3 user-mode processes to map arbitrary virtual address ranges into their address space without validating against forbidden regions, including critical...
CVE-2026-40572
NovumOS vulnerability CVE-2026-40572: In versions prior to 0.24, Syscall 15 (MemoryMapRange) lets Ring-3 user processes map arbitrary virtual ranges into their address space without validating against forbidden regions, including kernel structures (IDT, GDT, TSS, page tables). This can allow a lo...
CVE-2026-40572 NovumOS has Arbitrary Memory Mapping via Syscall 15 (MemoryMapRange)
NovumOS is a custom 32-bit operating system written in Zig and x86 Assembly. In versions prior to 0.24, Syscall 15 MemoryMapRange allows Ring 3 user-mode processes to map arbitrary virtual address ranges into their address space without validating against forbidden regions, including critical...
CVE-2026-40317
NovumOS (a custom 32-bit OS written in Zig/x86 Assembly) prior to version 0.24 is affected by a local privilege-escalation in the Syscall 12 JumpToUser interface. The vulnerability arises because JumpToUser accepts an arbitrary entry-point address from user-space without validation, enabling any ...
CVE-2026-40317 NovumOS has Privilege Escalation in the Syscall Interface
NovumOS is a custom 32-bit operating system written in Zig and x86 Assembly. In versions prior to 0.24, Syscall 12 JumpToUser accepts an arbitrary entry point address from user-space registers without validation, allowing any Ring 3 user-mode process to jump to kernel addresses and execute...
CVE-2026-40317 NovumOS has Privilege Escalation in the Syscall Interface
NovumOS is a custom 32-bit operating system written in Zig and x86 Assembly. In versions prior to 0.24, Syscall 12 JumpToUser accepts an arbitrary entry point address from user-space registers without validation, allowing any Ring 3 user-mode process to jump to kernel addresses and execute...
NovumOS 安全漏洞
NovumOS is an 32-bit protected mode operating system developed by MinecAnton209. Versions of NovumOS prior to 0.24 contained security vulnerabilities; these vulnerabilities stemmed from Syscall 12 not verifying the entry address provided by the user space, which could lead to local privilege...
PT-2026-33549
Name of the Vulnerable Software and Affected Versions NovumOS versions prior to 0.24 Description Syscall 15 'MemoryMapRange' allows Ring 3 user-mode processes to map arbitrary virtual address ranges into their address space without validating against forbidden regions. This includes critical kern...
PT-2026-33547
Name of the Vulnerable Software and Affected Versions NovumOS versions prior to 0.24 Description Syscall 12 'JumpToUser' accepts an arbitrary entry point address from user-space registers without validation. This allows a Ring 3 user-mode process to jump to kernel addresses and execute arbitrary...
ClawLess: A Security Model of AI Agents
Autonomous AI agents powered by Large Language Models can reason, plan, and execute complex tasks, but their ability to autonomously retrieve information and run code introduces significant security risks. Existing approaches attempt to regulate agent behavior through training or prompting, which...
Exploit for CVE-2026-23416
CVE-2026-23416-POC POC for CVE-2026-23416 linux kernel 6.17-l...