Lucene search
K

24 matches found

Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.16 views

PT-2026-52927

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the arm64 architecture early kernel mapping process. For 4K pages, the early kernel mapping may utilize 2MB block entries, but kernel segments are only 64KB aligned...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References19
OSV
OSV
added 2026/05/28 10:16 a.m.18 views

UBUNTU-CVE-2026-46113

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix shadow paging use-after-free due to unexpected GFN The shadow MMU computes GFNs for direct shadow pages using sp-gfn plus the SPTE index. This assumption breaks for shadow paging if the guest page tables are modifie...

8.8CVSS5.7AI score0.00126EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/05/28 9:35 a.m.34 views

CVE-2026-46105 scsi: mpt3sas: Limit NVMe request size to 2 MiB

In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Limit NVMe request size to 2 MiB The HBA firmware reports NVMe MDTS values based on the underlying drive capability. However, because the driver allocates a fixed 4K buffer for the PRP list, accommodating at most 5...

7.8CVSS0.00127EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/20 10:16 a.m.8 views

CVE-2026-9064

A flaw was found in 389-ds-base. The getldapmessagecontrolsext function in the LDAP server does not enforce an upper bound on the number of controls per LDAP message. A remote, unauthenticated attacker can send a specially crafted LDAP request containing hundreds of thousands of minimal controls...

7.5CVSS5.7AI score0.00815EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: x86/mm/identmap: Use GB pages only when a full GB page should be mapped. When identpudinit uses only GB pages to create identity maps, large ranges of addresses that are not actually requested can be included in the resulting...

5.5CVSS6.1AI score0.0022EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.5 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013360)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013360 advisory. In the Linux kernel, the following vulnerability has been resolved: x86/mm/identmap: Use gbpages only where full GB page should be mapped. When identpudinit uses onl...

5.5CVSS6.7AI score0.0022EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/03/03 9:29 a.m.5 views

Astra Linux – Vulnerability in Ruby-Rack

Rack is a modular Ruby web server interface. In versions prior to 2.2.19, 3.1.17, and 3.2.2, “Rack::Multipart::Parser” stores non-file form fields fields without a filename entirely in memory as Ruby String objects. A single large text field in a multipart/form-data request hundreds of megabytes ...

7.5CVSS6.6AI score0.00528EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2025/11/29 9:1 a.m.6 views

In libexpat through 2.7.3, a crafted file with an approximate size of 2 MiB can lead to dozens of seconds of processing time.

...

5.5CVSS7AI score0.00183EPSS
Exploits0
OSV
OSV
added 2025/11/28 7:15 a.m.7 views

AZL-72814 CVE-2025-66382 affecting package expat 2.6.4-4

In libexpat through 2.7.3, a crafted file with an approximate size of 2 MiB can lead to dozens of seconds of processing time...

5.5CVSS5.7AI score0.00183EPSS
Exploits0References1
Snyk
Snyk
added 2025/11/28 6:48 a.m.8 views

Inefficient Algorithmic Complexity

Overview Affected versions of this package are vulnerable to Inefficient Algorithmic Complexity through the processing of a specially crafted file of approximately 2 MiB in size. An attacker can cause significant delays in processing by submitting such a file. Remediation There is no fixed versio...

5.5CVSS6.8AI score0.00183EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/11/28 12:0 a.m.5 views

PT-2025-48315

Name of the Vulnerable Software and Affected Versions libexpat versions through 2.7.3 Description A specially crafted file, approximately 2 MiB in size, can cause significant processing delays, potentially lasting for dozens of seconds. Recommendations Update to a version later than 2.7.3...

5.5CVSS6.5AI score0.00183EPSS
Exploits0References13
Positive Technologies
Positive Technologies
added 2025/02/26 12:0 a.m.4 views

PT-2025-8486 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, specifically in the fs/ntfs3 module. The issue arises when the NTFS BOOT sectors per clusters field has a value greater than 0x80...

6.4AI score0.00245EPSS
Exploits0References13
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.4 views

PT-2025-49789

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s drm/gpusvm subsystem related to the hmm pfn to map order function. The issue arises when the huge memory map hmm range partially overlaps a huge page,...

7.1CVSS6.3AI score0.00319EPSS
Exploits1References396
OSV
OSV
added 2024/10/21 7:15 p.m.6 views

AZL-51342 CVE-2024-50017 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: x86/mm/identmap: Use gbpages only where full GB page should be mapped. When identpudinit uses only GB pages to create identity maps, large ranges of addresses not actually requested can be included in the resulting table; a 4K...

5.5CVSS6.3AI score0.0022EPSS
Exploits0References1
OSV
OSV
added 2024/10/21 7:15 p.m.2 views

DEBIAN-CVE-2024-50017

In the Linux kernel, the following vulnerability has been resolved: x86/mm/identmap: Use gbpages only where full GB page should be mapped. When identpudinit uses only GB pages to create identity maps, large ranges of addresses not actually requested can be included in the resulting table; a 4K...

5.5CVSS5.8AI score0.0022EPSS
Exploits0References1
OSV
OSV
added 2024/10/21 7:15 p.m.10 views

AZL-51497 CVE-2024-50017 affecting package kernel for versions less than 6.6.78.1-1

In the Linux kernel, the following vulnerability has been resolved: x86/mm/identmap: Use gbpages only where full GB page should be mapped. When identpudinit uses only GB pages to create identity maps, large ranges of addresses not actually requested can be included in the resulting table; a 4K...

5.5CVSS6.3AI score0.0022EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2024/09/19 3:11 a.m.4 views

SUSE CVE-2024-46718

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Don't overmap identity VRAM mapping Overmapping the identity VRAM mapping is triggering hardware bugs on certain platforms. Use 2M pages for the last unaligned to 1G VRAM chunk. v2: - Always use 2M pages for last chunk Fe...

5.5CVSS8AI score0.00179EPSS
Exploits0References3
OSV
OSV
added 2024/09/18 7:15 a.m.3 views

DEBIAN-CVE-2024-46718

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Don't overmap identity VRAM mapping Overmapping the identity VRAM mapping is triggering hardware bugs on certain platforms. Use 2M pages for the last unaligned to 1G VRAM chunk. v2: - Always use 2M pages for last chunk Fe...

5.5CVSS5.4AI score0.00179EPSS
Exploits0References1
OSV
OSV
added 2024/09/18 7:15 a.m.5 views

UBUNTU-CVE-2024-46718

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Don't overmap identity VRAM mapping Overmapping the identity VRAM mapping is triggering hardware bugs on certain platforms. Use 2M pages for the last unaligned to 1G VRAM chunk. v2: - Always use 2M pages for last chunk Fe...

5.5CVSS6.5AI score0.00179EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2024/08/05 12:0 a.m.7 views

PT-2024-33857

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue concerns the Linux kernel's identity mapping, where the use of GB pages can lead to the inclusion of large ranges of addresses not actually requested, including areas marked...

5.5CVSS5.5AI score0.0022EPSS
Exploits0
Rows per page
Query Builder