Lucene search
+L

3041 matches found

OSV
OSV
added 2 days ago3 views

RLSA-2026:39311 Low: qemu-kvm security update

Kernel-based Virtual Machine KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fixes: qemu-kvm: Heap buffer overflow in virtio-blk SCSI request handling...

6.7CVSS6.2AI score0.00122EPSS
Exploits0References2
Rockylinux
Rockylinux
added 2 days ago4 views

qemu-kvm security update

An update is available for qemu-kvm. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Kernel-based Virtual Machine KVM is a full virtualization solution for Linux...

6.7CVSS6.2AI score0.00122EPSS
Exploits0
RedhatCVE
RedhatCVE
added 3 days ago7 views

CVE-2026-53365

A flaw was found in the Linux kernel's vsock/virtio component. This vulnerability occurs during zerocopy completion for large messages fragmented into multiple socket kernel buffers skbs. An issue in how user arguments uargs are handled for these buffers can lead to pinned user pages not being...

5.5CVSS6.1AI score0.00155EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 4 days ago3 views

CVE-2026-53365

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix zerocopy completion for multi-skb sends When a large message is fragmented into multiple skbs, the zerocopy uarg is only allocated and attached to the last skb in the loop. Non-final skbs carry pinned user pages...

6AI score0.00155EPSS
Exploits0References4Affected Software1
CVE
CVE
added 4 days ago9 views

CVE-2026-53365

CVE-2026-53365 concerns the Linux kernel patch for vsock/virtio zerocopy completion across multi-skb sends. The fix ensures zerocopy uarg is allocated before the send loop and attached to every skb via skb_zcopy_set(), so each skb carries a reference and completion decrements correctly. This prev...

6AI score0.00155EPSS
Exploits0References3
OSV
OSV
added 4 days ago4 views

CVE-2026-53365 vsock/virtio: fix zerocopy completion for multi-skb sends

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix zerocopy completion for multi-skb sends When a large message is fragmented into multiple skbs, the zerocopy uarg is only allocated and attached to the last skb in the loop. Non-final skbs carry pinned user pages...

6AI score0.00155EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 4 days ago6 views

Linux Distros Unpatched Vulnerability : CVE-2026-53365

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vsock/virtio: fix zerocopy completion for multi-skb sends When a large message is fragmented into multiple skbs, the zerocopy uarg is only allocated and attache...

6.1AI score0.00155EPSS
Exploits0References4
OSV
OSV
added 2026/07/09 12:54 p.m.2 views

OESA-2026-2952 qemu security update

QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A vulnerability, which was classified as critical, has been found in QEMU Virtualization Software version unknown.Using CWE to declare the problem leads to CWE-190. The product performs a...

6.7CVSS6.1AI score0.00122EPSS
Exploits0References3
OSV
OSV
added 2026/07/09 12:54 p.m.2 views

OESA-2026-2951 qemu security update

QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A flaw was found in QEMU's virtio-blk device. The issue arises because the device does not properly validate the size of input descriptors before writing data. A malicious guest with high...

6.7CVSS6AI score0.00122EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/07/09 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-3886

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A design error vulnerability has been identified in QEMU. This issue affects the virtio-gpu driver. CVE-2026-3886 Note that Nessus relies on the presence of the...

6.9AI score
Exploits0References2
OSV
OSV
added 2026/07/08 2:58 p.m.4 views

SUSE-SU-2026:2799-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 RT kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-10263: arm64: cputype: Add C1-Ultra definitions bsc1266290. - CVE-2025-40216: iouring/rsrc: don't rely on user vaddr alignment bsc1259764. - CVE-2025-40341:...

9.8CVSS6.8AI score0.93235EPSS
Exploits50References351
Amazon
Amazon
added 2026/07/08 12:0 a.m.5 views

Medium: qemu

Issue Overview: A flaw was found in QEMU's virtio-blk device. The issue arises because the device does not properly validate the size of input descriptors before writing data. A malicious guest with high privileges could exploit this vulnerability by submitting a malformed virtio-blk SCSI request...

6.7CVSS5.9AI score0.00122EPSS
Exploits0
OSV
OSV
added 2026/07/07 5:20 p.m.2 views

OPENSUSE-SU-2026:21253-1 Security update for qemu

This update for qemu fixes the following issues: Update to version 10.0.11. Security issues fixed: - CVE-2026-3886: integer overflow leading to privilege escalation due to lack of proper validation of user-supplied data in the virtio-gpu driver bsc1268061. - CVE-2026-48914: heap buffer overflow d...

6.7CVSS7AI score0.00122EPSS
Exploits0References8
OSV
OSV
added 2026/07/07 5:18 p.m.4 views

SUSE-SU-2026:22550-1 Security update for qemu

This update for qemu fixes the following issues: Update to version 10.0.11. Security issues fixed: - CVE-2026-3886: integer overflow leading to privilege escalation due to lack of proper validation of user-supplied data in the virtio-gpu driver bsc1268061. - CVE-2026-48914: heap buffer overflow d...

6.7CVSS7AI score0.00122EPSS
Exploits0References9
OSV
OSV
added 2026/07/07 5:18 p.m.2 views

SUSE-SU-2026:22576-1 Security update for qemu

This update for qemu fixes the following issues: Update to version 10.0.11. Security issues fixed: - CVE-2026-3886: integer overflow leading to privilege escalation due to lack of proper validation of user-supplied data in the virtio-gpu driver bsc1268061. - CVE-2026-48914: heap buffer overflow d...

6.7CVSS6.2AI score0.00122EPSS
Exploits0References9
OSV
OSV
added 2026/07/06 6:28 a.m.5 views

OESA-2026-2861 qemu security update

QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A vulnerability, which was classified as critical, has been found in QEMU Virtualization Software version unknown.Using CWE to declare the problem leads to CWE-190. The product performs a...

6.7CVSS6AI score0.00122EPSS
Exploits0References3
OSV
OSV
added 2026/07/02 3:49 p.m.10 views

USN-8498-1 linux-nvidia-tegra vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; -...

9.8CVSS6.4AI score0.00686EPSS
Exploits4References298
OSV
OSV
added 2026/07/02 3:24 p.m.10 views

USN-8492-2 linux-aws-6.8, linux-gcp-6.8, linux-gke, linux-gkeop, linux-ibm-6.8, linux-nvidia-lowlatency, linux-oracle-6.8 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; -...

9.8CVSS6.4AI score0.00686EPSS
Exploits4References300
Microsoft CVE
Microsoft CVE
added 2026/07/02 8:4 a.m.3 views

drm/virtio: Fix driver removal with disabled KMS

...

5.5CVSS6.1AI score0.00156EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/07/02 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-53347

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/virtio: Fix driver removal with disabled KMS DRM atomic and modesetting aren't initialized if virtio- gpu driver built with disabled KMS, leading to access ...

6.1AI score0.00156EPSS
Exploits0References2
Rows per page
Query Builder