Lucene search
K

1219 matches found

Fedora
Fedora
added 2026/06/08 1:24 a.m.18 views

[SECURITY] Fedora 44 Update: haveged-1.9.22-1.fc44

A Linux entropy source using the HAVEGE algorithm Haveged is a user space entropy daemon which is not dependent upon the standard mechanisms for harvesting randomness for the system entropy pool. This is important in systems with high entropy needs or limited user interaction e.g. headless server...

7.8CVSS5.4AI score0.00185EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/05 7:50 p.m.12 views

CVE-2021-46747

Insufficient granularity of access control in ASP AMD Secure Processor may allow an attacker with an untrusted user space application to map sensitive SMN System Management Network apertures leading to a potential escalation of privileges...

7.1CVSS5.4AI score0.00097EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:41 p.m.14 views

CVE-2025-59610

Memory Corruption when processing IOCTL requests with mismatched API versions due to concurrent modification of user-space buffer...

6.4CVSS5.4AI score0.00056EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:23 p.m.10 views

CVE-2026-35233

An unprivileged attacker can craft a user-space process with a malicious ELF binary containing an out-of-range shlink field. When root-level dtrace attaches to -- or instruments -- that process via dtrace -p , pid probes, or USDT, the ELF parser reads heap memory beyond the allocated section cach...

4.4CVSS5.5AI score0.00108EPSS
Exploits0References1
NVD
NVD
added 2026/06/01 11:16 p.m.12 views

CVE-2025-59610

Memory Corruption when processing IOCTL requests with mismatched API versions due to concurrent modification of user-space buffer...

6.4CVSS0.00056EPSS
Exploits0References1
CVE
CVE
added 2026/06/01 10:5 p.m.35 views

CVE-2025-59610

CVE-2025-59610 represents a memory corruption vulnerability that occurs when processing IOCTL requests with mismatched API versions, caused by concurrent modification of a user-space buffer. The CVSS 3.1 vector (L/H/C/I/A) indicates a Local, High complexity, High privileges required, no user inte...

6.4CVSS5.8AI score0.00056EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/01 10:5 p.m.12 views

CVE-2025-59610 Time-of-check Time-of-use (TOCTOU) Race Condition in Camera Driver

Memory Corruption when processing IOCTL requests with mismatched API versions due to concurrent modification of user-space buffer...

6.4CVSS5.8AI score0.00056EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/01 7:1 p.m.13 views

EUVD-2021-34843

Insufficient granularity of access control in ASP AMD Secure Processor may allow an attacker with an untrusted user space application to map sensitive SMN System Management Network apertures leading to a potential escalation of privileges...

7.1CVSS5.8AI score0.00097EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporation. There is a security vulnerability in Qualcomm Chipsets, which stems from concurrent modifications to user-space buffer areas, leading to memory corruption when processing IOCTL requests with mismatched API versions...

6.4CVSS5.7AI score0.00056EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/05/29 1:16 a.m.17 views

SUSE CVE-2026-46145

In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Validate rxhashkeylen Sashiko points out that rxhashkeylen comes from a uAPI structure and is blindly passed to memcpy, allowing the userspace to trash kernel memory. Bounds check it so the memcpy cannot overflow...

7CVSS5.9AI score0.00142EPSS
Exploits0References7
NVD
NVD
added 2026/05/28 10:16 a.m.13 views

CVE-2026-46145

In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Validate rxhashkeylen Sashiko points out that rxhashkeylen comes from a uAPI structure and is blindly passed to memcpy, allowing the userspace to trash kernel memory. Bounds check it so the memcpy cannot overflow...

7.8CVSS0.00142EPSS
Exploits0References12
Cvelist
Cvelist
added 2026/05/28 9:36 a.m.35 views

CVE-2026-46145 RDMA/mana: Validate rx_hash_key_len

In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Validate rxhashkeylen Sashiko points out that rxhashkeylen comes from a uAPI structure and is blindly passed to memcpy, allowing the userspace to trash kernel memory. Bounds check it so the memcpy cannot overflow...

7.8CVSS0.00142EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/28 9:35 a.m.30 views

CVE-2026-46117 RDMA/mana: Remove user triggerable WARN_ON() in mana_ib_create_qp_rss()

In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Remove user triggerable WARNON in manaibcreateqprss Sashiko points out that the user can specify WQs sharing the same CQ as a part of the uAPI and this will trigger the WARNON then go on to corrupt the kernel. Just...

7.8CVSS0.00129EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.15 views

PT-2026-44268

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description An issue exists in the RDMA/mana component where the rx hash key len variable, which originates from a uAPI structure, is passed to the memcpy function without proper validation. This lack ...

9.8CVSS5.9AI score0.00675EPSS
Exploits6References356
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.9 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a memory leak in the kernel stack within pseries papr-hvpipe, allowing uninitialized bytes to be leaked...

5.8AI score0.00126EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/27 12:57 p.m.15 views

EUVD-2026-32435

In the Linux kernel, the following vulnerability has been resolved: net: rds: fix MR cleanup on copy error rdsrdmamap hands sg/pages ownership to the transport after getmr succeeds. If copying the generated cookie back to user space fails after that point, the error path must not free those...

5.8AI score0.00129EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/27 12:15 p.m.46 views

CVE-2026-45852 RDMA/rxe: Fix double free in rxe_srq_from_init

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix double free in rxesrqfrominit In rxesrqfrominit, the queue pointer 'q' is assigned to 'srq-rq.queue' before copying the SRQ number to user space. If copytouser fails, the function calls rxequeuecleanup to free the...

7.8CVSS0.00175EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of listnextentry in cgroupstoragegetnextkey. This approach does not return NULL, potentially...

5.8AI score0.00114EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the exynos-drm driver’s viidiconnectionioctl function, which directly derefreshes user-space...

7.1CVSS5.9AI score0.00126EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.19 views

PT-2026-43930

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A deadlock can occur during the shadow stack signal frame pop process in the sigreturn operation. The kernel attempts to verify that it is reading actual shadow stack memory by holding t...

5.5CVSS6AI score0.00094EPSS
Exploits0
Rows per page
Query Builder