31 matches found
SUSE CVE-2026-45893
In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix & Optimize table creation from possibly unaligned memory Source blob may come from userspace and might be unaligned. Try to optize the copying process by avoiding unaligned memory accesses. - Added Fixes tag - Added...
PT-2026-44305
In the Linux kernel, the following vulnerability has been resolved: pseries/papr-hvpipe: Prevent kernel stack memory leak to userspace The hdr variable is allocated on the stack and only hdr.version and hdr.flags are initialized explicitly. Because the struct papr hvpipe hdr contains reserved...
CVE-2026-45975
A flaw was found in the Linux kernel's ublk subsystem. A local attacker could exploit a race condition where the kernel reads struct ublksrvctrlcmd from userspace-mapped memory without proper synchronization. This allows a malicious user to concurrently write to the structure, potentially causing...
EUVD-2026-32359
In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix & Optimize table creation from possibly unaligned memory Source blob may come from userspace and might be unaligned. Try to optize the copying process by avoiding unaligned memory accesses. - Added Fixes tag - Added...
CVE-2026-6386
In order to apply a particular protection key to an address range, the kernel must update the corresponding page table entries. The subroutine which handled this failed to take into account the presence of 1GB largepage mappings created using the shmcreatelargepage3 interface. In particular, it...
PT-2026-22922
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The UFX IOCTL REPORT DAMAGE ioctl does not correctly copy data from user space to kernel space. Instead, it directly references the memory, which can lead to issues if invalid data is...
CVE-2025-40176
In the Linux kernel, the following vulnerability has been resolved: tls: wait for pending async decryptions if tlsstrpmsghold fails Async decryption calls tlsstrpmsghold to create a clone of the input skb to hold references to the memory it uses. If we fail to allocate that clone, proceeding with...
PT-2025-49057
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to Transparent Huge Pages THP. When memory error injection occurs on a THP mapped to userspace, the kernel can panic instead of terminating the...
EUVD-2015-0677
Malware in sbrugna...
CVE-2022-50215 scsi: sg: Allow waiting for commands to complete on removed device
In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Allow waiting for commands to complete on removed device When a SCSI device is removed while in active use, currently sg will immediately return -ENODEV on any attempt to wait for active commands that were sent before t...
Linux io_uring Out-Of-Bounds Access
iouaddrmap in iouring handles multi-page region dangerously in a way that may allow for out-of-bounds access. iouaddrmap wants to import a region from userspace, and then address the imported region through the linear mapping area. This requires that the imported region is physically contiguous. ...
SUSE CVE-2024-42262
In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix potential memory leak in the performance extension If fetching of userspace memory fails during the main loop, all drm sync objs looked up until that point will be leaked because of the missing drmsyncobjput. Fix it ...
SUSE CVE-2024-42263
In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix potential memory leak in the timestamp extension If fetching of userspace memory fails during the main loop, all drm sync objs looked up until that point will be leaked because of the missing drmsyncobjput. Fix it by...
AZL-48480 CVE-2024-43819 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: kvm: s390: Reject memory region operations for ucontrol VMs This change rejects the KVMSETUSERMEMORYREGION and KVMSETUSERMEMORYREGION2 ioctls when called on a ucontrol VM. This is necessary since ucontrol VMs have kvm-arch.gmap s...
CVE-2024-42263
In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix potential memory leak in the timestamp extension If fetching of userspace memory fails during the main loop, all drm sync objs looked up until that point will be leaked because of the missing drmsyncobjput. Fix it by...
DEBIAN-CVE-2024-42263
In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix potential memory leak in the timestamp extension If fetching of userspace memory fails during the main loop, all drm sync objs looked up until that point will be leaked because of the missing drmsyncobjput. Fix it by...
UBUNTU-CVE-2024-42262
In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix potential memory leak in the performance extension If fetching of userspace memory fails during the main loop, all drm sync objs looked up until that point will be leaked because of the missing drmsyncobjput. Fix it ...
CVE-2024-42263
In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix potential memory leak in the timestamp extension If fetching of userspace memory fails during the main loop, all drm sync objs looked up until that point will be leaked because of the missing drmsyncobjput. Fix it by...
UBUNTU-CVE-2024-35988
In the Linux kernel, the following vulnerability has been resolved: riscv: Fix TASKSIZE on 64-bit NOMMU On NOMMU, userspace memory can come from anywhere in physical RAM. The current definition of TASKSIZE is wrong if any RAM exists above 4G, causing spurious failures in the userspace access...
CVE-2024-35988
In the Linux kernel, the following vulnerability has been resolved: riscv: Fix TASKSIZE on 64-bit NOMMU On NOMMU, userspace memory can come from anywhere in physical RAM. The current definition of TASKSIZE is wrong if any RAM exists above 4G, causing spurious failures in the userspace access...