CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

AstraLinux•added 5 days ago•4 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: In the tty subsystem, for the ngsm module, a race condition occurred during the modification of the status line of a dead connection. The gsmcleanupmux function cleans up the GSM-related resources by closing all Data Link Control...

5.5CVSS5.1AI score0.00172EPSS

RedhatCVE•added 2026/06/05 7:22 p.m.•7 views

CVE-2026-7154

A weakness has been identified in Totolink A8000RU 7.1cu.643b20200521. This affects the function setAdvancedInfoShow of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument ttyserver can lead to os command injection. The attack can be launched...

10CVSS7.5AI score0.01785EPSS

Exploits0References1

SUSE CVE•added 2026/05/28 3:57 a.m.•7 views

SUSE CVE-2026-45866

In the Linux kernel, the following vulnerability has been resolved: serial: caif: fix use-after-free in caifserial ldiscclose There is a use-after-free bug in caifserial where handletx may access ser-tty after the tty has been freed. The race condition occurs between ldiscclose and packet...

EUVD•added 2026/05/27 3:33 p.m.•12 views

Exploits0References4

EUVD-2026-32332

NVD•added 2026/05/27 2:16 p.m.•11 views

Exploits0References9

CVE-2026-45866

0.00211EPSS

OSV•added 2026/05/27 2:16 p.m.•3 views

UBUNTU-CVE-2026-45866

Cvelist•added 2026/05/27 12:15 p.m.•35 views

Exploits0References3

CVE-2026-45866 serial: caif: fix use-after-free in caif_serial ldisc_close()

0.00211EPSS

CVE•added 2026/05/27 12:15 p.m.•19 views

CVE-2026-45866

The CVE-2026-45866 issue is a use-after-free in caif_serial within the Linux kernel where handle_tx() may access ser->tty after the tty is freed due to tty_kref_put() occurring in ldisc_close() while the network device is still active. The race between ldisc_close() and packet transmission can...

CNNVD•added 2026/05/27 12:0 a.m.•7 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the reuse of resources after the caifserial protocol is disabled. This could lead to acces...

5.8AI score0.00211EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: tty: ngsm: added a sanity check for gsm-receive in gsmreceivebuf A null pointer dereference can occur when attempting to access the “gsm-receive” function in gsmldreceivebuf. Currently, the code assumes that gsm-recieve is only...

5.5CVSS6.1AI score0.00186EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: tty: ngsm: requires CAPNETADMIN to attach NGSM0710 ldisc Any unprivileged user can attach to NGSM0710 ldisc, but it still requires CAPNETADMIN to create a GSM network. Additionally, requiring CAPNETADMIN for the initial namespace...

5.5CVSS6.2AI score0.00238EPSS

Exploits1References2

AstraLinux•added 2026/05/20 5:53 a.m.•10 views

Astra Linux - уязвимость в ffmpeg

Before ffmpeg version 4.3, the tty demuxer did not have a ‘readprobe’ function assigned to it. By creating a legitimate “ffconcat” file that references an image, followed by a file that triggers the tty demuxer, the contents of the second file will be copied into the output file verbatim as long ...

5.5CVSS6.8AI score0.0088EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•5 views

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: The tty function causes a deadlock when calling printk, under the ttyport-lock condition. The ptywrite function invokes kmalloc, which may also invoke a normal printk to print failure messages. This can lead to a deadlock in the...

5.5CVSS6.1AI score0.00226EPSS

Exploits0References1

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ipack: ipoctal: fixed the stack information leak. The name of the tty driver is also used after registering the driver, and it must specifically not be allocated on the stack to avoid leaking information to the user space or...

5.5CVSS5.2AI score0.00243EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•7 views

Astra Linux – Vulnerability in Containerd

Containerd is an open-source container runtime. A bug was discovered in Containerd’s CRI implementation, where a user could exhaust memory on the host. In the CRI stream server, a goroutine is launched to handle terminal resize events if a TTY is requested. If the user’s process fails to launch d...

6.5CVSS6.8AI score0.01022EPSS

NVD•added 2026/05/08 3:16 p.m.•23 views

CVE-2026-43458

In the Linux kernel, the following vulnerability has been resolved: serial: caif: hold tty-link reference in ldiscopen and serrelease A reproducer triggers a KASAN slab-use-after-free in ptywriteroom when caifserial's TX path calls ttywriteroom. The faulting access is on tty-link-port. Hold an...

7.8CVSS0.00117EPSS