Lucene search
K

13 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-53159

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - misc: fastrpc: fix DMA address corruption due to findvma misuse fastrpcgetargs uses findvma to look up the VMA for a user-provided pointer and compute a DMA...

5.5CVSS6AI score0.00176EPSS
Exploits0References3
NVD
NVD
added 2026/06/25 9:16 a.m.10 views

CVE-2026-53159

In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: fix DMA address corruption due to findvma misuse fastrpcgetargs uses findvma to look up the VMA for a user-provided pointer and compute a DMA address offset. When the address falls in a gap before the returned VMA,...

5.5CVSS0.00176EPSS
Exploits0References8
OSV
OSV
added 2026/06/25 9:16 a.m.4 views

UBUNTU-CVE-2026-53159

In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: fix DMA address corruption due to findvma misuse fastrpcgetargs uses findvma to look up the VMA for a user-provided pointer and compute a DMA address offset. When the address falls in a gap before the returned VMA,...

8.5CVSS5.7AI score0.00176EPSS
Exploits0References10
EUVD
EUVD
added 2026/06/25 8:38 a.m.5 views

EUVD-2026-39250

In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: fix DMA address corruption due to findvma misuse fastrpcgetargs uses findvma to look up the VMA for a user-provided pointer and compute a DMA address offset. When the address falls in a gap before the returned VMA,...

5.7AI score0.00176EPSS
Exploits0References7
CVE
CVE
added 2026/06/25 8:38 a.m.17 views

CVE-2026-53159

CVE-2026-53159 affects the Linux kernel in the misc: fastrpc path. The vulnerability arises in fastrpc_get_args(), which uses find_vma() to locate the VMA for a user pointer and compute a DMA address offset. If the address lies in a gap before the returned VMA, the expression (ptr & PAGE_MASK) - ...

5.5CVSS5.7AI score0.00176EPSS
Exploits0References8Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/08 2:22 p.m.10 views

CVE-2026-43434

In the Linux kernel, the following vulnerability has been resolved: rustbinder: check ownership before using vma When installing missing pages or zapping them, Rust Binder will look up the vma in the mm by address, and then call vminsertpage or zappagerangesingle. However, if the vma is closed an...

5.7AI score0.00128EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/01/14 3:16 p.m.4 views

UBUNTU-CVE-2025-71130

In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: Zero-initialize the eb.vma array in i915gemdoexecbuffer Initialize the eb.vma array with values of 0 when the eb structure is first set up. In particular, this sets the eb-vmai.vma pointers to NULL, simplifying...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References27
Tenable Nessus
Tenable Nessus
added 2025/12/30 12:0 a.m.5 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-992285)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992285 advisory. In the Linux kernel, the following vulnerability has been resolved: android: binder: stop saving a pointer to the VMA Do not record a pointer to a VMA outside of the...

7.8CVSS5.2AI score0.00153EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2025/09/22 11:42 p.m.3 views

SUSE CVE-2022-50240

In the Linux kernel, the following vulnerability has been resolved: android: binder: stop saving a pointer to the VMA Do not record a pointer to a VMA outside of the mmaplock for later use. This is unsafe and there are a number of failure paths after the recorded VMA pointer may be freed during...

7.8CVSS6.4AI score0.00153EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2024/02/22 3:6 a.m.3 views

SUSE CVE-2023-52438

In the Linux kernel, the following vulnerability has been resolved: binder: fix use-after-free in shinker's callback The mmap read lock is used during the shrinker's callback, which means that using alloc-vma pointer isn't safe as it can race with munmap. As of commit dd2283f2605e "mm: mmap: zap...

7.8CVSS6.1AI score0.00295EPSS
Exploits0References3
OSV
OSV
added 2024/02/20 9:15 p.m.1 views

DEBIAN-CVE-2023-52438

In the Linux kernel, the following vulnerability has been resolved: binder: fix use-after-free in shinker's callback The mmap read lock is used during the shrinker's callback, which means that using alloc-vma pointer isn't safe as it can race with munmap. As of commit dd2283f2605e "mm: mmap: zap...

7.8CVSS5.8AI score0.00295EPSS
Exploits0References1
OSV
OSV
added 2024/02/20 9:15 p.m.1 views

UBUNTU-CVE-2023-52438

In the Linux kernel, the following vulnerability has been resolved: binder: fix use-after-free in shinker's callback The mmap read lock is used during the shrinker's callback, which means that using alloc-vma pointer isn't safe as it can race with munmap. As of commit dd2283f2605e "mm: mmap: zap...

7.8CVSS6.2AI score0.00295EPSS
Exploits0References18
Cvelist
Cvelist
added 2024/02/20 6:34 p.m.22 views

CVE-2023-52438 binder: fix use-after-free in shinker's callback

In the Linux kernel, the following vulnerability has been resolved: binder: fix use-after-free in shinker's callback The mmap read lock is used during the shrinker's callback, which means that using alloc-vma pointer isn't safe as it can race with munmap. As of commit dd2283f2605e "mm: mmap: zap...

7.6AI score0.00295EPSS
Exploits0References7
Rows per page
Query Builder