Linux Distros Unpatched Vulnerability : CVE-2026-46115

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - block: add pgmap check to biovecphysmergeable biovecphysmergeable is used by the request merge, DMA mapping, and integrity merge paths to decide if two physical...

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-46689)

soc: qcom: cmd-db: Map shared memory as WC, not WB Linux does not write into cmd-db region. This region of memory is write protected by XPU. XPU may sometime falsely detect clean cache eviction as write into the write protected region leading to secure interrupt which causes an endless loop...

CVE-2024-57875 block: RCU protect disk->conv_zones_bitmap

In the Linux kernel, the following vulnerability has been resolved: block: RCU protect disk-convzonesbitmap Ensure that a disk revalidation changing the conventional zones bitmap of a disk does not cause invalid memory references when using the diskzoneisconv helper by RCU protecting the...

DEBIAN-CVE-2022-48731

In the Linux kernel, the following vulnerability has been resolved: mm/kmemleak: avoid scanning potential huge holes When using devmrequestfreememregion and devmmemremappages to add ZONEDEVICE memory, if requested free mem region's end pfn were hugee.g., 0x400000000, the nodeendpfn will be also...

V8: integer overflow leading to buffer overflow in Zone::New

An integer-overflow flaw was found in V8's Zone class when allocating new memory Zone::New and Zone::NewExpand. An attacker with the ability to manipulate a large zone could crash the application or, potentially, execute arbitrary code with the application privileges...

UBUNTU-CVE-2017-5949

JavaScriptCore in WebKit, as distributed in Safari Technology Preview Release 22, allows remote attackers to cause a denial of service heap-based out-of-bounds write and application crash or possibly have unspecified other impact via crafted JavaScript code that triggers access to red-zone memory...

CVE-2017-5949

JavaScriptCore in WebKit, as distributed in Safari Technology Preview Release 22, allows remote attackers to cause a denial of service heap-based out-of-bounds write and application crash or possibly have unspecified other impact via crafted JavaScript code that triggers access to red-zone memory...

CVE-2017-5949

Removed by vendor...

Microsoft Windows NT 4.02000 - LPC Zone Memory Depletion Denial of Service

Microsoft Windows NT 4.02000 - LPC Zone Memory Depletion Denial of Service source: https://www.securityfocus.com/bid/1745/info LPC Local Procedure Call is a message-passing service that allows threads and processes to communicate with each other on a local machine as opposed to RPC Remote Procedu...

Microsoft Windows NT 4.0/2000 - LPC Zone Memory Depletion Denial of Service

source: https://www.securityfocus.com/bid/1745/info LPC Local Procedure Call is a message-passing service that allows threads and processes to communicate with each other on a local machine as opposed to RPC Remote Procedure Call that takes place between different hosts. LPC allocates memory from...