CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

AstraLinux•added 4 days ago•1 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: Fixed page mapping issues when vmareaallocpages uses high-order allocation modes with an order of 0 as the default. The vmappagesrangenoflush function assumes that the pages argument contains pages with the same page...

5.5CVSS6.1AI score0.0022EPSS

AstraLinux•added 4 days ago•2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: - acpi: nfit: vmalloc-out-of-bounds read in acpinfitctl A issue detected by syzbot with KASAN has also been fixed: BUG: KASAN: vmalloc-out-of-bounds in cmdtofunc, drivers/acpi/nfit/core.c:416 inline BUG: KASAN:...

6CVSS7AI score0.00535EPSS

Tenable Nessus•added 2026/06/10 12:0 a.m.•8 views

Linux Distros Unpatched Vulnerability : CVE-2026-46281

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vmalloc: fix buffer overflow in vreallocnodealign Commit 4c5d3365882d mm/vmalloc: allow to set node and align in vrealloc added the ability to force a new...

6.2AI score0.00183EPSS

SUSE CVE•added 2026/06/09 2:21 a.m.•11 views

SUSE CVE-2026-46281

In the Linux kernel, the following vulnerability has been resolved: vmalloc: fix buffer overflow in vreallocnodealign Commit 4c5d3365882d "mm/vmalloc: allow to set node and align in vrealloc" added the ability to force a new allocation if the current pointer is on the wrong NUMA node, or if an...

5.5CVSS5.8AI score0.00183EPSS

RedhatCVE•added 2026/06/08 8:4 p.m.•9 views

CVE-2026-46281

A flaw was found in the Linux kernel. When shrinking a vmalloc allocation using the vreallocnodealign function, if the requested new size is smaller than the old size, an out-of-bounds write can occur. This memory corruption vulnerability could allow a local attacker to cause a denial of service ...

7CVSS5.5AI score0.00183EPSS

NVD•added 2026/06/08 5:16 p.m.•7 views

CVE-2026-46281

0.00183EPSS

OSV•added 2026/06/08 5:16 p.m.•5 views

UBUNTU-CVE-2026-46281

5.7AI score0.00183EPSS

Exploits0References6

CVE•added 2026/06/08 3:41 p.m.•19 views

CVE-2026-46281

The CVE affects the Linux kernel vmalloc path. A buffer overflow could occur in vrealloc_node_align() when reallocating with shrinking, because old_size bytes could be copied into a newly allocated buffer of size 'size' before the fix. The issue arises during need_realloc when a new object is all...

5.8AI score0.00183EPSS

Cvelist•added 2026/06/08 3:41 p.m.•35 views

CVE-2026-46281 vmalloc: fix buffer overflow in vrealloc_node_align()

0.00183EPSS

EUVD•added 2026/06/08 3:41 p.m.•7 views

EUVD-2026-35146

5.8AI score0.00183EPSS

ATTACKERKB•added 2026/06/08 3:41 p.m.•2 views

CVE-2026-46281

5.7AI score0.00183EPSS

Exploits0References4Affected Software1

Positive Technologies•added 2026/06/08 12:0 a.m.•12 views

PT-2026-47353

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A buffer overflow exists in the vrealloc node align function. When a request is made to shrink an allocation size old size and a new allocation is required due to NUMA node or alignment...

9.1CVSS5.6AI score0.00457EPSS

Exploits1References62

Tenable Nessus•added 2026/06/03 12:0 a.m.•7 views

Linux Distros Unpatched Vulnerability : CVE-2026-45853

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amdgpu: Use kvfree instead of kfree in amdgpugmcgetnpsmemranges amdgpudiscoverygetnpsinfo internally allocates memory for ranges using kvcalloc, which may u...

5.9AI score0.002EPSS

RedhatCVE•added 2026/05/28 4:47 a.m.•9 views

CVE-2026-45853

A flaw was found in the Linux kernel's drm/amdgpu component. The amdgpudiscoverygetnpsinfo function incorrectly deallocates memory by using kfree instead of kvfree, even when memory was allocated with kvcalloc which may use vmalloc. This improper memory handling can lead to memory corruption. Suc...

5.8AI score0.002EPSS

SUSE CVE•added 2026/05/28 3:57 a.m.•11 views

SUSE CVE-2026-45853

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Use kvfree instead of kfree in amdgpugmcgetnpsmemranges amdgpudiscoverygetnpsinfo internally allocates memory for ranges using kvcalloc, which may use vmalloc for large allocation. Using kfree to release vmalloc memor...

5.8AI score0.002EPSS

SUSE CVE•added 2026/05/28 3:52 a.m.•10 views

SUSE CVE-2026-46093

In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: take vmappurgelock in shrinker decayvapoolnode can be invoked concurrently from two paths: purgevmaparealazy when pools are being purged, and the shrinker via vmapnodeshrinkscan. However, decayvapoolnode is not safe t...

6.3CVSS5.7AI score0.00127EPSS

RedhatCVE•added 2026/05/27 5:7 p.m.•11 views

CVE-2026-46093

A flaw was found in the Linux kernel's memory management vmalloc subsystem. The decayvapoolnode function, when invoked concurrently from the shrinker path, lacks proper serialization. This oversight can lead to race conditions, potentially resulting in memory leaks and affecting system stability...

7.8CVSS5.8AI score0.00127EPSS

EUVD•added 2026/05/27 3:33 p.m.•10 views

EUVD-2026-32255

In the Linux kernel, the following vulnerability has been resolved: bpf: Limit bpf program signature size Practical BPF signatures are significantly smaller than KMALLOCMAXCACHESIZE Allowing larger sizes opens the door for abuse by passing excessive size values and forcing the kernel into expensi...

5.8AI score0.00121EPSS