1219 matches found
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the KVM x86 architecture’s failure to handle the -EBUSY error when checking nested events,...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from insufficient TLB invalidation during memory compression in the Alpha architecture. This...
EUVD-2026-27378
In the Linux kernel, the following vulnerability has been resolved: x86-64: rename misleadingly named 'copyusernocache' function This function was a masterclass in bad naming, for various historical reasons. It claimed to be a non-cached user copy. It is literally neither of those things. It's a...
CVE-2026-43073
CVE-2026-43073 stems from a misnamed x86-64 kernel routine __copy_user_nocache(), a non-temporal destination copy with exception handling that is not actually a pure user-kernel copy and has complex alignment behavior. The fix renames the function and normalizes the prototype so callers perform p...
CVE-2026-35233
An unprivileged attacker can craft a user-space process with a malicious ELF binary containing an out-of-range shlink field. When root-level dtrace attaches to -- or instruments -- that process via dtrace -p , pid probes, or USDT, the ELF parser reads heap memory beyond the allocated section cach...
UBUNTU-CVE-2026-35233
An unprivileged attacker can craft a user-space process with a malicious ELF binary containing an out-of-range shlink field. When root-level dtrace attaches to -- or instruments -- that process via dtrace -p , pid probes, or USDT, the ELF parser reads heap memory beyond the allocated section cach...
CVE-2026-31699
In the Linux kernel, the following vulnerability has been resolved: crypto: ccp: Don't attempt to copy CSR to userspace if PSP command failed When retrieving the PEK CSR, don't attempt to copy the blob to userspace if the firmware command failed. If the failure was due to an invalid length, i.e...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from attempting to copy IDs into user space after the PSP command fails. This could lead to a buffer overflo...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from attempting to copy a CSR into user space after the PSP command fails. This could lead to a buffer...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an absence of limits on the number of rfkill events. This vulnerability may lead to the creation ...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of boundary checks in the system call dispatch table. This vulnerability may allow for...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011074)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011074 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix immediate work request flush to completion queue Correctly set send queue element...
CVE-2026-40317
NovumOS is a custom 32-bit operating system written in Zig and x86 Assembly. In versions prior to 0.24, Syscall 12 JumpToUser accepts an arbitrary entry point address from user-space registers without validation, allowing any Ring 3 user-mode process to jump to kernel addresses and execute...
CVE-2026-40317
NovumOS is a custom 32-bit operating system written in Zig and x86 Assembly. In versions prior to 0.24, Syscall 12 JumpToUser accepts an arbitrary entry point address from user-space registers without validation, allowing any Ring 3 user-mode process to jump to kernel addresses and execute...
USN-8183-1 linux-gcp, linux-gcp-6.17 vulnerabilities
Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...
USN-8183-1: Linux kernel (GCP) vulnerabilities
Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...
USN-8177-1 linux, linux-realtime vulnerabilities
Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007625)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007625 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: storage: Fix memory leak in USB bulk transport A kernel memory leak was identified by the...
SUSE-SU-2026:21052-1 Security update for the Linux Kernel RT (Live Patch 14 for SUSE Linux Enterprise Micro 6.0)
This update for the SUSE Linux Enterprise Kernel 6.4.0-38.1 fixes various security issues The following security issues were fixed: - CVE-2025-40159: xsk: Harden userspace-supplied xdpdesc validation bsc1253404. - CVE-2025-71120: SUNRPC: svcauthgss: avoid NULL deref on zero length gsstoken in...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006613)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006613 advisory. In the Linux kernel, the following vulnerability has been resolved: xfrm: Zero padding when dumping algos and encap When copying data to user-space we should ensure...