100 matches found
CVE-2026-46013
In the Linux kernel, the following vulnerability has been resolved: mm/memfdluo: fix physical address conversion in putfolios cleanup In memfdluoretrievefolios's putfolios cleanup path: 1. khorestorefolio expects a physaddrt physical address but receives a raw PFN pfolio-pfn. This causes...
CVE-2026-46013
Technical details about CVE-2026-46013 are not publicly provided in the supplied connected documents. Available sources reference the CVE at a high level only. Monitor for updates.
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: dm flakey: Do not corrupt the zero page. When we need to zero a certain range on a block device, the function blkdevissuezeropages submits a write request with the bio vector pointing to the zero page. If we use the dm-flakey...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: The issue of using NULL for folio handling in movepageshugepmd has been fixed. movepageshugepmd handles UFFDIOMOVE operations for both normal THPs and huge zero pages. For the huge zero page, srcfolio is explicitly...
Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel
CVE-2026-31431 AFALG AEAD Local Privilege Escalation Exploi...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013706)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013706 advisory. In the Linux kernel, the following vulnerability has been resolved: dm flakey: don't corrupt the zero page When we need to zero some range on a block device, the...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010873)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010873 advisory. In the Linux kernel, the following vulnerability has been resolved: dm flakey: don't corrupt the zero page When we need to zero some range on a block device, the...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013157)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013157 advisory. In the Linux kernel, the following vulnerability has been resolved: dm flakey: don't corrupt the zero page When we need to zero some range on a block device, the...
SUSE CVE-2026-31397
In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: fix use of NULL folio in movepageshugepmd movepageshugepmd handles UFFDIOMOVE for both normal THPs and huge zero pages. For the huge zero page path, srcfolio is explicitly set to NULL, and is used as a sentinel to...
EUVD-2026-18776
In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: fix use of NULL folio in movepageshugepmd movepageshugepmd handles UFFDIOMOVE for both normal THPs and huge zero pages. For the huge zero page path, srcfolio is explicitly set to NULL, and is used as a sentinel to...
CVE-2026-31397
In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: fix use of NULL folio in movepageshugepmd movepageshugepmd handles UFFDIOMOVE for both normal THPs and huge zero pages. For the huge zero page path, srcfolio is explicitly set to NULL, and is used as a sentinel to...
CVE-2026-31397
In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: fix use of NULL folio in movepageshugepmd movepageshugepmd handles UFFDIOMOVE for both normal THPs and huge zero pages. For the huge zero page path, srcfolio is explicitly set to NULL, and is used as a sentinel to...
CVE-2026-31397 mm/huge_memory: fix use of NULL folio in move_pages_huge_pmd()
In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: fix use of NULL folio in movepageshugepmd movepageshugepmd handles UFFDIOMOVE for both normal THPs and huge zero pages. For the huge zero page path, srcfolio is explicitly set to NULL, and is used as a sentinel to...
CVE-2026-29079
Lexbor is a web browser engine library. Prior to 2.7.0, a type‑confusion vulnerability exists in Lexbor’s HTML fragment parser. When ns = UNDEF, a comment is created using the “unknown element” constructor. The comment’s data are written into the element’s fields via an unsafe cast, corrupting th...
CVE-2026-29079
Lexbor is a web browser engine library. Prior to 2.7.0, a type‑confusion vulnerability exists in Lexbor’s HTML fragment parser. When ns = UNDEF, a comment is created using the “unknown element” constructor. The comment’s data are written into the element’s fields via an unsafe cast, corrupting th...
UBUNTU-CVE-2026-29079
Lexbor is a web browser engine library. Prior to 2.7.0, a type‑confusion vulnerability exists in Lexbor’s HTML fragment parser. When ns = UNDEF, a comment is created using the “unknown element” constructor. The comment’s data are written into the element’s fields via an unsafe cast, corrupting th...
EUVD-2026-12054
Lexbor is a web browser engine library. Prior to 2.7.0, a type‑confusion vulnerability exists in Lexbor’s HTML fragment parser. When ns = UNDEF, a comment is created using the “unknown element” constructor. The comment’s data are written into the element’s fields via an unsafe cast, corrupting th...
CVE-2026-29079
Lexbor is a web browser engine library. Prior to 2.7.0, a type‑confusion vulnerability exists in Lexbor’s HTML fragment parser. When ns = UNDEF, a comment is created using the “unknown element” constructor. The comment’s data are written into the element’s fields via an unsafe cast, corrupting th...
CVE-2026-29079
Lexbor is a web browser engine library. Prior to 2.7.0, a type‑confusion vulnerability exists in Lexbor’s HTML fragment parser. When ns = UNDEF, a comment is created using the “unknown element” constructor. The comment’s data are written into the element’s fields via an unsafe cast, corrupting th...
CVE-2026-29079 Type Confusion in Lexbor Fragment Parser
Lexbor is a web browser engine library. Prior to 2.7.0, a type‑confusion vulnerability exists in Lexbor’s HTML fragment parser. When ns = UNDEF, a comment is created using the “unknown element” constructor. The comment’s data are written into the element’s fields via an unsafe cast, corrupting th...