Lucene search
+L

1931 matches found

osv
osv
added 2026/05/27 2:17 p.m.11 views

UBUNTU-CVE-2026-45914

In the Linux kernel, the following vulnerability has been resolved: Revert "hwmon: ibmpex fix use-after-free in high/low store" This reverts commit 6946c726c3f4c36f0f049e6f97e88c510b15f65d. Jean Delvare points out that the patch does not completely fix the reported problem, that it in fact...

7.8CVSS5.7AI score0.00126EPSS
Exploits0References11
osv
osv
added 2026/05/27 2:17 p.m.9 views

UBUNTU-CVE-2026-46075

In the Linux kernel, the following vulnerability has been resolved: crypto: atmel-sha204a - Fix potential UAF and memory leak in remove path Unregister the hwrng to prevent new -read calls and flush the Atmel I2C workqueue before teardown to prevent a potential UAF if a queued callback runs while...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References7
osv
osv
added 2026/05/27 2:17 p.m.9 views

UBUNTU-CVE-2026-45922

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix memory leak in GETDATADIRECTSYSFSPATH handler The UVERBSHANDLERMLX5IBMETHODGETDATADIRECTSYSFSPATH function allocates memory for the device path using kobjectgetpath. If the length of the device path exceeds the...

5.5CVSS5.9AI score0.00155EPSS
Exploits0References3
attackerkb
attackerkb
added 2026/05/27 12:58 p.m.7 views

CVE-2026-46075

In the Linux kernel, the following vulnerability has been resolved: crypto: atmel-sha204a - Fix potential UAF and memory leak in remove path Unregister the hwrng to prevent new -read calls and flush the Atmel I2C workqueue before teardown to prevent a potential UAF if a queued callback runs while...

5.7AI score0.00129EPSS
Exploits0References7Affected Software1
osv
osv
added 2026/05/27 12:58 p.m.2 views

CVE-2026-46075 crypto: atmel-sha204a - Fix potential UAF and memory leak in remove path

In the Linux kernel, the following vulnerability has been resolved: crypto: atmel-sha204a - Fix potential UAF and memory leak in remove path Unregister the hwrng to prevent new -read calls and flush the Atmel I2C workqueue before teardown to prevent a potential UAF if a queued callback runs while...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References9
cve
cve
added 2026/05/27 12:56 p.m.46 views

CVE-2026-46020

CVE-2026-46020 affects the Linux kernel DAMON subsystem. The issue arises from unvalidated damos_quota_goal->nid for node_mem_{used,free}_bp, which is used by si_meminfo_node() and NODE_DATA(), potentially enabling out-of-bounds memory access via DAMON_SYSFS. The provided patch series mm/damon...

7.1CVSS5.9AI score0.00124EPSS
Exploits0References3Affected Software1
osv
osv
added 2026/05/27 12:17 p.m.1 views

CVE-2026-45922 RDMA/mlx5: Fix memory leak in GET_DATA_DIRECT_SYSFS_PATH handler

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix memory leak in GETDATADIRECTSYSFSPATH handler The UVERBSHANDLERMLX5IBMETHODGETDATADIRECTSYSFSPATH function allocates memory for the device path using kobjectgetpath. If the length of the device path exceeds the...

5.5CVSS6.1AI score0.00155EPSS
Exploits0References7
cve
cve
added 2026/05/27 12:17 p.m.22 views

CVE-2026-45922

In CVE-2026-45922, the Linux kernel RDMA/mlx5 GET_DATA_DIRECT_SYSFS_PATH handler leaks memory: it allocates device-path memory with kobject_get_path() and, if the path length exceeds the output buffer, returns -ENOSPC without freeing, causing a memory leak. The fix adds a kfree() in the error pat...

5.5CVSS6AI score0.00155EPSS
Exploits0References4Affected Software1
cvelist
cvelist
added 2026/05/27 12:17 p.m.42 views

CVE-2026-45922 RDMA/mlx5: Fix memory leak in GET_DATA_DIRECT_SYSFS_PATH handler

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix memory leak in GETDATADIRECTSYSFSPATH handler The UVERBSHANDLERMLX5IBMETHODGETDATADIRECTSYSFSPATH function allocates memory for the device path using kobjectgetpath. If the length of the device path exceeds the...

0.00155EPSS
Exploits0References4
cvelist
cvelist
added 2026/05/27 12:17 p.m.44 views

CVE-2026-45914 Revert "hwmon: (ibmpex) fix use-after-free in high/low store"

In the Linux kernel, the following vulnerability has been resolved: Revert "hwmon: ibmpex fix use-after-free in high/low store" This reverts commit 6946c726c3f4c36f0f049e6f97e88c510b15f65d. Jean Delvare points out that the patch does not completely fix the reported problem, that it in fact...

0.00126EPSS
Exploits0References7
osv
osv
added 2026/05/27 12:17 p.m.2 views

CVE-2026-45914 Revert "hwmon: (ibmpex) fix use-after-free in high/low store"

In the Linux kernel, the following vulnerability has been resolved: Revert "hwmon: ibmpex fix use-after-free in high/low store" This reverts commit 6946c726c3f4c36f0f049e6f97e88c510b15f65d. Jean Delvare points out that the patch does not completely fix the reported problem, that it in fact...

7.8CVSS6.5AI score0.00126EPSS
Exploits0References10
cnnvd
cnnvd
added 2026/05/27 12:0 a.m.8 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the GETDATADIRECTSYSFSPATH function in the RDMA/mlx5 driver. This function does not release the...

5.8AI score0.00155EPSS
Exploits0References4
ubuntucve
ubuntucve
added 2026/05/27 12:0 a.m.11 views

CVE-2026-45922

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix memory leak in GETDATADIRECTSYSFSPATH handler The UVERBSHANDLERMLX5IBMETHODGETDATADIRECTSYSFSPATH function allocates memory for the device path using kobjectgetpath. If the length of the device path exceeds the...

5.5CVSS6.1AI score0.00155EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/05/27 12:0 a.m.22 views

PT-2026-43789

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the RDMA/mlx5 component within the UVERBS HANDLERMLX5 IB METHOD GET DATA DIRECT SYSFS PATH function. The function uses kobject get path to allocate memory for the...

5.6AI score0.00155EPSS
Exploits0References13
ptsecurity
ptsecurity
added 2026/05/27 12:0 a.m.21 views

PT-2026-43887

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description Privileged users can trigger an out-of-bounds memory access via DAMON SYSFS. The issue occurs because the node ID in damos quota goal-nid for node mem used bp and node mem free bp is used i...

7.1CVSS6AI score0.00124EPSS
Exploits0
astralinux
astralinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: vduse: Fixed NULL pointer dereferencing during sysfs access. The control device does not have a drvdata field. Therefore, a NULL pointer dereferencing will occur when accessing the msgtimeout attribute of the control device via...

5.5CVSS6.2AI score0.00245EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: The block operation involving GFPNOIO around the sysfs-store function. The sysfs-store function is called with the queue frozen. Meanwhile, there are several -store callbacks such as updatenrrequests, wbt, scheduler that use...

5.5CVSS5.3AI score0.00119EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: spi: Fix for statistics allocation. The controller per-cpu statistics is not allocated until after the controller has been registered with the driver core. This creates a window during which accessing the sysfs attributes may lea...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: coresight: ETR: Fixed the “use-after-free” issue related to ETR buffer usage When ETR is enabled as CSMODESYSFS, if the buffer size is changed and the feature is re-enabled, currently, sysfsbuf will point to the newly allocated...

6.6AI score0.00155EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: md: initbioset in mddevinit. IO operations may be required before mdrun, such as updating metadata after writing to sysfs. Without bioset, this triggers a NULL pointer dereference, as shown below: BUG: NULL pointer dereference in...

5.2AI score0.00145EPSS
Exploits0References1
Rows per page
Query Builder