CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в libtar

An attacker who submits a crafted tar file with a size of 0 in the header struct field may be able to trigger a call to malloc0 for the variable gnulongname, resulting in an out-of-bounds read...

8.1CVSS6.9AI score0.00225EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerabilities have been resolved: ppp: fixed illegal access in pppasyncencode syzbot reported an issue in pppasyncencode 1 In this case, pppoesendmsg is called with a zero size. Then pppasyncencode is called with an empty skb. BUG: KMSAN: uninit-value in...

7.1CVSS6.8AI score0.00006EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: thermal/int340xthermal: handles datavault when the value is ZEROSIZEPTR. In some cases, GDDV returns a packet with a buffer of zero length. This causes kmemdup to return ZEROSIZEPTR 0x10. As a result, datavaultread encounters a...

5.5CVSS6.4AI score0.00008EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•0 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: - In blkdeviomapbegin, the EOF check has been refined. - In blkdeviomapbegin, the offset is rounded down to the logical block size before being stored in iomap-offset. It is also checked that the value remains within the inode...

5.5CVSS6.3AI score0.00033EPSS

Tenable Nessus•added 2026/05/15 12:0 a.m.•5 views

Azure Linux 3.0 Security Update: CBL-Mariner Releases (CVE-2026-33814)

The version of CBL-Mariner Releases installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2026-33814 advisory. - When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing...

7.5CVSS5.9AI score0.00018EPSS

SUSE CVE•added 2026/05/09 2:41 a.m.•2 views

SUSE CVE-2026-43187

In the Linux kernel, the following vulnerability has been resolved: xfs: delete attr leaf freemap entries when empty Back in commit 2a2b5932db6758 "xfs: fix attr leaf header freemap.size underflow", Brian Foster observed that it's possible for a small freemap at the end of the end of the xattr...

8.8CVSS5.7AI score0.00059EPSS

NVD•added 2026/05/06 12:16 p.m.•0 views

CVE-2026-43187

8.8CVSS0.00059EPSS

Exploits0References8

CVE•added 2026/05/06 11:27 a.m.•3 views

CVE-2026-43187

Summary: CVE-2026-43187 affects the Linux kernel XFS freemap handling in xattr leaf entries. The root cause is a bug in the freemap update logic in _leaf_add that can leave behind zero‑length freemap entries with a nonzero base, and later entries could be updated incorrectly so freemap entries ov...

8.8CVSS5.8AI score0.00059EPSS

Exploits0References8Affected Software1

Cvelist•added 2026/05/06 11:27 a.m.•21 views

CVE-2026-43187 xfs: delete attr leaf freemap entries when empty

8.8CVSS0.00059EPSS

Exploits0References8

NVD•added 2026/05/06 10:16 a.m.•4 views

CVE-2026-43118

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix zero size inode with non-zero size after log replay When logging that an inode exists, as part of logging a new name or logging new dir entries for a directory, we always set the generation of the logged inode item to ...

5.5CVSS0.00013EPSS

Cvelist•added 2026/05/06 7:40 a.m.•24 views

CVE-2026-43118 btrfs: fix zero size inode with non-zero size after log replay

0.00013EPSS

ATTACKERKB•added 2026/05/06 7:40 a.m.•2 views

CVE-2026-43118

5.8AI score0.00013EPSS

Exploits0References4Affected Software1

CNNVD•added 2026/05/06 12:0 a.m.•3 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the incorrect update of isize when logging replay is performed. This issue may lead to inode with...

5.5CVSS5.8AI score0.00013EPSS

Positive Technologies•added 2026/05/06 12:0 a.m.•2 views

PT-2026-37527

5.8AI score0.00059EPSS

Exploits0References9

Tenable Nessus•added 2026/05/06 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2026-43187

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xfs: delete attr leaf freemap entries when empty Back in commit 2a2b5932db6758 xfs: fix attr leaf header freemap.size underflow, Brian Foster observed that it's...

8.8CVSS5.7AI score0.00059EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•4 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: dpaa2-switch: prevent ZEROSIZEPTR dereference when numifs is zero The driver allocates arrays for ports, FDBs, and filter blocks using kcalloc with ethsw-swattr.numifs as the element count. When the device reports zero interfaces...

5.5CVSS5.6AI score0.00025EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•3 views

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Added a 0 byte size check to mtkdrmgemobj. Added a check in mtkdrmgeminit if we attempt to allocate a GEM object of 0 bytes. Currently, no such check exists, and the kernel will panic if a user-space application...

5.5CVSS6.3AI score0.00015EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•0 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: scsidebug: Don't call kcalloc if size arg is zero If the size arg to kcalloc is zero, it returns ZEROSIZEPTR. Because of that, for a following NULL pointer check to work on the returned pointer, kcalloc must not be called...

5.5CVSS6.4AI score0.00018EPSS