Search

Find a vulnerability

Search criteria

    8 vulnerabilities found for simatic_s7-1500_tm_mfp_firmware by siemens

    CVE-2026-31431 (GCVE-0-2026-31431)

    Vulnerability from nvd – Published: 2026-04-22 08:15 – Updated: 2026-07-01 12:05
    VLAI CISA CIRCL KEVIntel
    Title
    crypto: algif_aead - Revert to operating out-of-place
    Summary
    In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place This mostly reverts commit 72548b093ee3 except for the copying of the associated data. There is no benefit in operating in-place in algif_aead since the source and destination come from different mappings. Get rid of all the complexity added for in-place operation and just copy the AD directly.
    SSVC
    Exploitation: active Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-669 - Incorrect Resource Transfer Between Spheres
    • CWE-1288 - Improper Validation of Consistency within Input
    Assigner
    References
    URL Tags
    https://git.kernel.org/stable/c/893d22e0135fa394d…
    https://git.kernel.org/stable/c/19d43105a97be0810…
    https://git.kernel.org/stable/c/961cfa271a918ad4a…
    https://git.kernel.org/stable/c/3115af9644c342b35…
    https://git.kernel.org/stable/c/8b88d99341f139e23…
    https://git.kernel.org/stable/c/fafe0fa2995a0f707…
    https://git.kernel.org/stable/c/ce42ee423e58dffa5…
    https://git.kernel.org/stable/c/a664bf3d603dc3bdc…
    https://github.com/theori-io/copy-fail-CVE-2026-31431 exploit
    https://xint.io/blog/copy-fail-linux-distribution… mitigation
    https://lore.kernel.org/linux-cve-announce/202604… mitigation
    https://access.redhat.com/security/cve/cve-2026-3… mitigation
    https://www.cisa.gov/known-exploited-vulnerabilit… government-resource
    http://www.openwall.com/lists/oss-security/2026/0…
    https://copy.fail
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/04/30/2
    http://www.openwall.com/lists/oss-security/2026/04/30/5
    http://www.openwall.com/lists/oss-security/2026/04/30/6
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    https://websec.net/blog/cve-2026-31431-linux-algi…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/05/01/2
    http://www.openwall.com/lists/oss-security/2026/05/01/3
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/05/02/4
    http://www.openwall.com/lists/oss-security/2026/05/02/5
    http://www.openwall.com/lists/oss-security/2026/05/02/6
    http://www.openwall.com/lists/oss-security/2026/05/02/7
    http://www.openwall.com/lists/oss-security/2026/05/02/8
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/05/03/3
    http://www.openwall.com/lists/oss-security/2026/05/03/4
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/05/03/5
    http://www.openwall.com/lists/oss-security/2026/05/03/6
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/05/04/1
    http://www.openwall.com/lists/oss-security/2026/05/04/2
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/05/04/8
    http://www.openwall.com/lists/oss-security/2026/05/04/9
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/05/06/5
    http://www.openwall.com/lists/oss-security/2026/05/07/2
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    https://www.kb.cert.org/vuls/id/260001
    http://www.openwall.com/lists/oss-security/2026/05/18/3
    https://cert-portal.siemens.com/productcert/html/…
    https://cert-portal.siemens.com/productcert/html/…
    https://access.redhat.com/security/cve/CVE-2026-31431 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2460538 issue-trackingx_refsource_REDHAT
    https://security.access.redhat.com/data/csaf/v2/v… x_sadp-csaf-vex
    https://access.redhat.com/errata/RHSA-2026:14926 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:33486 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:14097 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:14112 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:15087 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:14773 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:13729 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:13885 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:13727 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:13690 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:13862 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:13811 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:13887 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:13566 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:19074 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:13936 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:13734 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:13932 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:14339 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:13565 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:19225 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:13577 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:15976 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:14165 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:14230 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:16111 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:13681 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:16210 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:16209 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:16208 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:16063 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:16018 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:15978 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:13578 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:14137 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:14301 vendor-advisoryx_refsource_REDHAT
    Impacted products
    Vendor Product Version
    Linux Linux Affected: 72548b093ee38a6d4f2a19e6ef1948ae05c181f7 , < 893d22e0135fa394db81df88697fba6032747667 (git)
    Affected: 72548b093ee38a6d4f2a19e6ef1948ae05c181f7 , < 19d43105a97be0810edbda875f2cd03f30dc130c (git)
    Affected: 72548b093ee38a6d4f2a19e6ef1948ae05c181f7 , < 961cfa271a918ad4ae452420e7c303149002875b (git)
    Affected: 72548b093ee38a6d4f2a19e6ef1948ae05c181f7 , < 3115af9644c342b356f3f07a4dd1c8905cd9a6fc (git)
    Affected: 72548b093ee38a6d4f2a19e6ef1948ae05c181f7 , < 8b88d99341f139e23bdeb1027a2a3ae10d341d82 (git)
    Affected: 72548b093ee38a6d4f2a19e6ef1948ae05c181f7 , < fafe0fa2995a0f7073c1c358d7d3145bcc9aedd8 (git)
    Affected: 72548b093ee38a6d4f2a19e6ef1948ae05c181f7 , < ce42ee423e58dffa5ec03524054c9d8bfd4f6237 (git)
    Affected: 72548b093ee38a6d4f2a19e6ef1948ae05c181f7 , < a664bf3d603dc3bdcf9ae47cc21e0daec706d7a5 (git)
    Create a notification for this product.
    Linux Linux Affected: 4.14
    Unaffected: 0 , < 4.14 (semver)
    Unaffected: 5.10.254 , ≤ 5.10.* (semver)
    Unaffected: 5.15.204 , ≤ 5.15.* (semver)
    Unaffected: 6.1.170 , ≤ 6.1.* (semver)
    Unaffected: 6.6.137 , ≤ 6.6.* (semver)
    Unaffected: 6.12.85 , ≤ 6.12.* (semver)
    Unaffected: 6.18.22 , ≤ 6.18.* (semver)
    Unaffected: 6.19.12 , ≤ 6.19.* (semver)
    Unaffected: 7.0 , ≤ * (original_commit_for_fix)
    Create a notification for this product.
    Siemens SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Affected: V3.1.5 , < * (custom)
    Create a notification for this product.
    Siemens SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP Affected: V3.1.5 , < * (custom)
    Create a notification for this product.
    Siemens SIMATIC S7-1500 TM MFP - GNU/Linux subsystem Affected: 0 , < * (custom)
    Create a notification for this product.
    Siemens SIPLUS S7-1500 CPU 1518-4 PN/DP MFP Affected: V3.1.5 , < * (custom)
    Create a notification for this product.
    Red Hat NVIDIA for RHEL 10     cpe:/a:redhat:enterprise_linux_nvidia:10::el10
    Create a notification for this product.
    Red Hat Red Hat OpenShift Container Platform 4.12     cpe:/a:redhat:openshift:4.12::el8
    Create a notification for this product.
    Red Hat Red Hat OpenShift Container Platform 4.13     cpe:/a:redhat:openshift:4.13::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Container Platform 4.14     cpe:/a:redhat:openshift:4.14::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Container Platform 4.15     cpe:/a:redhat:openshift:4.15::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Container Platform 4.16     cpe:/a:redhat:openshift:4.16::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Container Platform 4.17     cpe:/a:redhat:openshift:4.17::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Container Platform 4.18     cpe:/a:redhat:openshift:4.18::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Container Platform 4.19     cpe:/a:redhat:openshift:4.19::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Container Platform 4.20     cpe:/a:redhat:openshift:4.20::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Container Platform 4.21     cpe:/a:redhat:openshift:4.21::el9
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AppStream EUS (v. 10.0)     cpe:/o:redhat:enterprise_linux_eus:10.0
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AppStream (v. 10)     cpe:/o:redhat:enterprise_linux:10.1
        cpe:/o:redhat:enterprise_linux:10.2
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AppStream E4S (v.9.0)     cpe:/a:redhat:rhel_e4s:9.0::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AppStream E4S (v.9.2)     cpe:/a:redhat:rhel_e4s:9.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AppStream EUS (v.9.4)     cpe:/a:redhat:rhel_eus:9.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AppStream EUS (v.9.6)     cpe:/a:redhat:rhel_eus:9.6::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AppStream (v. 9)     cpe:/a:redhat:enterprise_linux:9::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux BaseOS EUS (v. 10.0)     cpe:/o:redhat:enterprise_linux_eus:10.0
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux BaseOS (v. 10)     cpe:/o:redhat:enterprise_linux:10.1
        cpe:/o:redhat:enterprise_linux:10.2
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux BaseOS (v. 8)     cpe:/o:redhat:enterprise_linux:8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux BaseOS AUS (v.8.4)     cpe:/o:redhat:rhel_aus:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)     cpe:/o:redhat:rhel_eus_long_life:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux BaseOS AUS (v.8.6)     cpe:/o:redhat:rhel_aus:8.6::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux BaseOS E4S (v.8.6)     cpe:/o:redhat:rhel_e4s:8.6::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux BaseOS TUS (v.8.6)     cpe:/o:redhat:rhel_tus:8.6::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux BaseOS E4S (v.8.8)     cpe:/o:redhat:rhel_e4s:8.8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux BaseOS TUS (v.8.8)     cpe:/o:redhat:rhel_tus:8.8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux BaseOS E4S (v.9.0)     cpe:/o:redhat:rhel_e4s:9.0::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux BaseOS E4S (v.9.2)     cpe:/o:redhat:rhel_e4s:9.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux BaseOS EUS (v.9.4)     cpe:/o:redhat:rhel_eus:9.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux BaseOS EUS (v.9.6)     cpe:/o:redhat:rhel_eus:9.6::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux BaseOS (v. 9)     cpe:/o:redhat:enterprise_linux:9::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)     cpe:/o:redhat:enterprise_linux_eus:10.0
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)     cpe:/o:redhat:enterprise_linux:10.1
        cpe:/o:redhat:enterprise_linux:10.2
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux CRB (v. 8)     cpe:/a:redhat:enterprise_linux:8::crb
    Create a notification for this product.
    Red Hat Red Hat CodeReady Linux Builder EUS (v.9.4)     cpe:/a:redhat:rhel_eus:9.4::crb
    Create a notification for this product.
    Red Hat Red Hat CodeReady Linux Builder EUS (v.9.6)     cpe:/a:redhat:rhel_eus:9.6::crb
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)     cpe:/a:redhat:enterprise_linux:9::crb
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux Real Time for NFV EUS (v. 10.0)     cpe:/o:redhat:enterprise_linux_eus:10.0
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux Real Time for NFV (v. 10)     cpe:/o:redhat:enterprise_linux:10.1
        cpe:/o:redhat:enterprise_linux:10.2
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux NFV (v. 8)     cpe:/a:redhat:enterprise_linux:8::nfv
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux NFV E4S (v.9.0)     cpe:/a:redhat:rhel_e4s:9.0::nfv
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)     cpe:/a:redhat:rhel_e4s:9.2::nfv
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux Real Time for NFV EUS (v.9.4)     cpe:/a:redhat:rhel_eus:9.4::nfv
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux Real Time for NFV EUS (v.9.6)     cpe:/a:redhat:rhel_eus:9.6::nfv
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux Real Time for NFV (v. 9)     cpe:/a:redhat:enterprise_linux:9::nfv
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux Real Time EUS (v. 10.0)     cpe:/o:redhat:enterprise_linux_eus:10.0
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux Real Time (v. 10)     cpe:/o:redhat:enterprise_linux:10.1
        cpe:/o:redhat:enterprise_linux:10.2
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux RT (v. 8)     cpe:/a:redhat:enterprise_linux:8::realtime
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux Real Time E4S (v.9.0)     cpe:/a:redhat:rhel_e4s:9.0::realtime
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux Real Time E4S (v.9.2)     cpe:/a:redhat:rhel_e4s:9.2::realtime
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux Real Time EUS (v.9.4)     cpe:/a:redhat:rhel_eus:9.4::realtime
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux Real Time EUS (v.9.6)     cpe:/a:redhat:rhel_eus:9.6::realtime
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux Real Time (v. 9)     cpe:/a:redhat:enterprise_linux:9::realtime
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-31431",
                    "options": [
                      {
                        "Exploitation": "active"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-29T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              },
              {
                "other": {
                  "content": {
                    "dateAdded": "2026-05-01",
                    "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-31431"
                  },
                  "type": "kev"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-669",
                    "description": "CWE-669 Incorrect Resource Transfer Between Spheres",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-02T03:55:23.146Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://github.com/theori-io/copy-fail-CVE-2026-31431"
              },
              {
                "tags": [
                  "mitigation"
                ],
                "url": "https://xint.io/blog/copy-fail-linux-distributions#the-fix-6"
              },
              {
                "tags": [
                  "mitigation"
                ],
                "url": "https://lore.kernel.org/linux-cve-announce/2026042214-CVE-2026-31431-3d65@gregkh/"
              },
              {
                "tags": [
                  "mitigation"
                ],
                "url": "https://access.redhat.com/security/cve/cve-2026-31431#cve-details-mitigation"
              },
              {
                "tags": [
                  "government-resource"
                ],
                "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-31431"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-05-01T00:00:00.000Z",
                "value": "CVE-2026-31431 added to CISA KEV"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2026-05-18T17:44:54.264Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/04/29/23"
              },
              {
                "url": "https://copy.fail"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/04/29/25"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/04/29/26"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/04/30/2"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/04/30/5"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/04/30/6"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/04/30/10"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/04/30/11"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/04/30/12"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/04/30/14"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/04/30/15"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/04/30/16"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/04/30/17"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/04/30/18"
              },
              {
                "url": "https://websec.net/blog/cve-2026-31431-linux-algifaead-page-cache-write-to-root-69f38a4ccddd2db1f520f170"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/04/30/20"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/01/2"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/01/3"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/01/10"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/01/12"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/01/15"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/01/16"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/01/17"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/01/18"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/01/22"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/01/23"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/01/24"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/02/4"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/02/5"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/02/6"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/02/7"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/02/8"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/02/14"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/02/15"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/02/16"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/02/17"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/02/18"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/02/19"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/02/20"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/02/21"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/02/23"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/02/24"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/02/25"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/03/3"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/03/4"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/03/10"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/03/5"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/03/6"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/03/12"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/03/13"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/04/1"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/04/2"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/04/10"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/04/11"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/04/12"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/04/13"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/04/14"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/04/8"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/04/9"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/04/24"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/04/27"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/04/28"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/04/29"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/04/31"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/06/5"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/07/2"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/07/12"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/08/13"
              },
              {
                "url": "https://www.kb.cert.org/vuls/id/260001"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/18/3"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "defaultStatus": "unknown",
                "product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "V3.1.5",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "defaultStatus": "unknown",
                "product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "V3.1.5",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "defaultStatus": "unknown",
                "product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "V3.1.5",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "defaultStatus": "unknown",
                "product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "V3.1.5",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "defaultStatus": "unknown",
                "product": "SIMATIC S7-1500 TM MFP - GNU/Linux subsystem",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "defaultStatus": "unknown",
                "product": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "V3.1.5",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-12T12:09:03.910Z",
              "orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
              "shortName": "siemens-SADP"
            },
            "references": [
              {
                "url": "https://cert-portal.siemens.com/productcert/html/ssa-265688.html"
              },
              {
                "url": "https://cert-portal.siemens.com/productcert/html/ssa-082556.html"
              }
            ],
            "x_adpType": "supplier"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux_nvidia:10::el10"
                ],
                "defaultStatus": "affected",
                "product": "NVIDIA for RHEL 10",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift:4.12::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Container Platform 4.12",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift:4.13::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Container Platform 4.13",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift:4.14::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Container Platform 4.14",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift:4.15::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Container Platform 4.15",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift:4.16::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Container Platform 4.16",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift:4.17::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Container Platform 4.17",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift:4.18::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Container Platform 4.18",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift:4.19::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Container Platform 4.19",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift:4.20::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Container Platform 4.20",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift:4.21::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Container Platform 4.21",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux_eus:10.0"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10.1",
                  "cpe:/o:redhat:enterprise_linux:10.2"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream (v. 10)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_e4s:9.0::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream E4S (v.9.0)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_e4s:9.2::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream E4S (v.9.2)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_eus:9.4::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream EUS (v.9.4)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_eus:9.6::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream EUS (v.9.6)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux:9::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream (v. 9)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux_eus:10.0"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux BaseOS EUS (v. 10.0)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10.1",
                  "cpe:/o:redhat:enterprise_linux:10.2"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux BaseOS (v. 10)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8::baseos"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux BaseOS (v. 8)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:rhel_aus:8.4::baseos"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:rhel_aus:8.6::baseos"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:rhel_e4s:8.6::baseos"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:rhel_tus:8.6::baseos"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux BaseOS TUS (v.8.6)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:rhel_e4s:8.8::baseos"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:rhel_tus:8.8::baseos"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:rhel_e4s:9.0::baseos"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:rhel_e4s:9.2::baseos"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:rhel_eus:9.4::baseos"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:rhel_eus:9.6::baseos"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9::baseos"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux BaseOS (v. 9)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux_eus:10.0"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10.1",
                  "cpe:/o:redhat:enterprise_linux:10.2"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux:8::crb"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux CRB (v. 8)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_eus:9.4::crb"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat CodeReady Linux Builder EUS (v.9.4)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_eus:9.6::crb"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat CodeReady Linux Builder EUS (v.9.6)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux:9::crb"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux_eus:10.0"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux Real Time for NFV EUS (v. 10.0)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10.1",
                  "cpe:/o:redhat:enterprise_linux:10.2"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux Real Time for NFV (v. 10)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux:8::nfv"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux NFV (v. 8)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_e4s:9.0::nfv"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux NFV E4S (v.9.0)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_e4s:9.2::nfv"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_eus:9.4::nfv"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux Real Time for NFV EUS (v.9.4)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_eus:9.6::nfv"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux Real Time for NFV EUS (v.9.6)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux:9::nfv"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux Real Time for NFV (v. 9)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux_eus:10.0"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux Real Time EUS (v. 10.0)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10.1",
                  "cpe:/o:redhat:enterprise_linux:10.2"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux Real Time (v. 10)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux:8::realtime"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux RT (v. 8)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_e4s:9.0::realtime"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux Real Time E4S (v.9.0)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_e4s:9.2::realtime"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux Real Time E4S (v.9.2)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_eus:9.4::realtime"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux Real Time EUS (v.9.4)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_eus:9.6::realtime"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux Real Time EUS (v.9.6)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux:9::realtime"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux Real Time (v. 9)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:6"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 6",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:7"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 7",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-04-22T00:00:00.000Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in the Linux kernel\u0027s algif_aead cryptographic algorithm interface. An incorrect in-place operation causes source and destination data mappings to differ during cryptographic processing. A low-privileged local attacker can exploit this flaw to corrupt the contents of sensitive system files and escalate to root privileges."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-1288",
                    "description": "Improper Validation of Consistency within Input",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-01T12:05:08.344Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-31431"
              },
              {
                "name": "RHBZ#2460538",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460538"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-31431.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:14926"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:33486"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:14097"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:14112"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:15087"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:14773"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:13729"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:13885"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:13727"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:13690"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:13862"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:13811"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:13887"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:13566"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:19074"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:13936"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:13734"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:13932"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:14339"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:13565"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:19225"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:13577"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:15976"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:14165"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:14230"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:16111"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:13681"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:16210"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:16209"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:16208"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:16063"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:16018"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:15978"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:13578"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:14137"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:14301"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:14926: NVIDIA for RHEL 10"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:33486: NVIDIA for RHEL 10"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:14097: Red Hat OpenShift Container Platform 4.12"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:14112: Red Hat OpenShift Container Platform 4.13"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:15087: Red Hat OpenShift Container Platform 4.14"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:14773: Red Hat OpenShift Container Platform 4.15"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:13729: Red Hat OpenShift Container Platform 4.16"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:13885: Red Hat OpenShift Container Platform 4.17"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:13727: Red Hat OpenShift Container Platform 4.18"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:13690: Red Hat OpenShift Container Platform 4.19"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:13862: Red Hat OpenShift Container Platform 4.20"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:13811: Red Hat OpenShift Container Platform 4.21"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:13887: Red Hat Enterprise Linux AppStream EUS (v. 10.0), Red Hat Enterprise Linux BaseOS EUS (v. 10.0), Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0), Red Hat Enterprise Linux Real Time EUS (v. 10.0), Red Hat Enterprise Linux Real Time for NFV EUS (v. 10.0)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:13566: Red Hat Enterprise Linux AppStream (v. 10), Red Hat Enterprise Linux BaseOS (v. 10), Red Hat Enterprise Linux CodeReady Linux Builder (v. 10), Red Hat Enterprise Linux Real Time (v. 10), Red Hat Enterprise Linux Real Time for NFV (v. 10)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:19074: Red Hat Enterprise Linux AppStream (v. 10), Red Hat Enterprise Linux BaseOS (v. 10), Red Hat Enterprise Linux CodeReady Linux Builder (v. 10), Red Hat Enterprise Linux Real Time (v. 10), Red Hat Enterprise Linux Real Time for NFV (v. 10)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:13936: Red Hat Enterprise Linux AppStream E4S (v.9.0), Red Hat Enterprise Linux BaseOS E4S (v.9.0)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:13734: Red Hat Enterprise Linux AppStream E4S (v.9.2), Red Hat Enterprise Linux BaseOS E4S (v.9.2)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:13932: Red Hat CodeReady Linux Builder EUS (v.9.4), Red Hat Enterprise Linux AppStream EUS (v.9.4), Red Hat Enterprise Linux BaseOS EUS (v.9.4), Red Hat Enterprise Linux Real Time EUS (v.9.4), Red Hat Enterprise Linux Real Time for NFV EUS (v.9.4)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:14339: Red Hat CodeReady Linux Builder EUS (v.9.6), Red Hat Enterprise Linux AppStream EUS (v.9.6), Red Hat Enterprise Linux BaseOS EUS (v.9.6), Red Hat Enterprise Linux Real Time EUS (v.9.6), Red Hat Enterprise Linux Real Time for NFV EUS (v.9.6)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:13565: Red Hat Enterprise Linux AppStream (v. 9), Red Hat Enterprise Linux BaseOS (v. 9), Red Hat Enterprise Linux CodeReady Linux Builder (v. 9), Red Hat Enterprise Linux Real Time (v. 9), Red Hat Enterprise Linux Real Time for NFV (v. 9)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:19225: Red Hat Enterprise Linux AppStream (v. 9), Red Hat Enterprise Linux BaseOS (v. 9), Red Hat Enterprise Linux CodeReady Linux Builder (v. 9), Red Hat Enterprise Linux Real Time (v. 9), Red Hat Enterprise Linux Real Time for NFV (v. 9)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:13577: Red Hat Enterprise Linux BaseOS (v. 8), Red Hat Enterprise Linux CRB (v. 8)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:15976: Red Hat Enterprise Linux BaseOS (v. 8)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:14165: Red Hat Enterprise Linux BaseOS AUS (v.8.4), Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:14230: Red Hat Enterprise Linux BaseOS AUS (v.8.6), Red Hat Enterprise Linux BaseOS E4S (v.8.6), Red Hat Enterprise Linux BaseOS TUS (v.8.6)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:16111: Red Hat Enterprise Linux BaseOS E4S (v.8.6)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:13681: Red Hat Enterprise Linux BaseOS E4S (v.8.8), Red Hat Enterprise Linux BaseOS TUS (v.8.8)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:16210: Red Hat Enterprise Linux BaseOS E4S (v.8.8)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:16209: Red Hat Enterprise Linux BaseOS E4S (v.9.0)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:16208: Red Hat Enterprise Linux BaseOS E4S (v.9.2)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:16063: Red Hat Enterprise Linux BaseOS EUS (v.9.4)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:16018: Red Hat Enterprise Linux BaseOS EUS (v.9.6)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:15978: Red Hat Enterprise Linux BaseOS (v. 9)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:13578: Red Hat Enterprise Linux NFV (v. 8), Red Hat Enterprise Linux RT (v. 8)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:14137: Red Hat Enterprise Linux NFV E4S (v.9.0), Red Hat Enterprise Linux Real Time E4S (v.9.0)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:14301: Red Hat Enterprise Linux Real Time E4S (v.9.2), Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-04-22T00:00:00.000Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-04-22T00:00:00.000Z",
                "value": "Made public."
              }
            ],
            "title": "kernel: crypto: algif_aead - Revert to operating out-of-place",
            "workarounds": [
              {
                "lang": "en",
                "value": "See the security bulletin for a detailed mitigation procedure."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Linux",
              "programFiles": [
                "crypto/af_alg.c",
                "crypto/algif_aead.c",
                "crypto/algif_skcipher.c",
                "include/crypto/if_alg.h"
              ],
              "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
              "vendor": "Linux",
              "versions": [
                {
                  "lessThan": "893d22e0135fa394db81df88697fba6032747667",
                  "status": "affected",
                  "version": "72548b093ee38a6d4f2a19e6ef1948ae05c181f7",
                  "versionType": "git"
                },
                {
                  "lessThan": "19d43105a97be0810edbda875f2cd03f30dc130c",
                  "status": "affected",
                  "version": "72548b093ee38a6d4f2a19e6ef1948ae05c181f7",
                  "versionType": "git"
                },
                {
                  "lessThan": "961cfa271a918ad4ae452420e7c303149002875b",
                  "status": "affected",
                  "version": "72548b093ee38a6d4f2a19e6ef1948ae05c181f7",
                  "versionType": "git"
                },
                {
                  "lessThan": "3115af9644c342b356f3f07a4dd1c8905cd9a6fc",
                  "status": "affected",
                  "version": "72548b093ee38a6d4f2a19e6ef1948ae05c181f7",
                  "versionType": "git"
                },
                {
                  "lessThan": "8b88d99341f139e23bdeb1027a2a3ae10d341d82",
                  "status": "affected",
                  "version": "72548b093ee38a6d4f2a19e6ef1948ae05c181f7",
                  "versionType": "git"
                },
                {
                  "lessThan": "fafe0fa2995a0f7073c1c358d7d3145bcc9aedd8",
                  "status": "affected",
                  "version": "72548b093ee38a6d4f2a19e6ef1948ae05c181f7",
                  "versionType": "git"
                },
                {
                  "lessThan": "ce42ee423e58dffa5ec03524054c9d8bfd4f6237",
                  "status": "affected",
                  "version": "72548b093ee38a6d4f2a19e6ef1948ae05c181f7",
                  "versionType": "git"
                },
                {
                  "lessThan": "a664bf3d603dc3bdcf9ae47cc21e0daec706d7a5",
                  "status": "affected",
                  "version": "72548b093ee38a6d4f2a19e6ef1948ae05c181f7",
                  "versionType": "git"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "Linux",
              "programFiles": [
                "crypto/af_alg.c",
                "crypto/algif_aead.c",
                "crypto/algif_skcipher.c",
                "include/crypto/if_alg.h"
              ],
              "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
              "vendor": "Linux",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.14"
                },
                {
                  "lessThan": "4.14",
                  "status": "unaffected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "5.10.*",
                  "status": "unaffected",
                  "version": "5.10.254",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "5.15.*",
                  "status": "unaffected",
                  "version": "5.15.204",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.1.*",
                  "status": "unaffected",
                  "version": "6.1.170",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.6.*",
                  "status": "unaffected",
                  "version": "6.6.137",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.12.*",
                  "status": "unaffected",
                  "version": "6.12.85",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.18.*",
                  "status": "unaffected",
                  "version": "6.18.22",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.19.*",
                  "status": "unaffected",
                  "version": "6.19.12",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "*",
                  "status": "unaffected",
                  "version": "7.0",
                  "versionType": "original_commit_for_fix"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "5.10.254",
                      "versionStartIncluding": "4.14",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "5.15.204",
                      "versionStartIncluding": "4.14",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.1.170",
                      "versionStartIncluding": "4.14",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.6.137",
                      "versionStartIncluding": "4.14",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.12.85",
                      "versionStartIncluding": "4.14",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.18.22",
                      "versionStartIncluding": "4.14",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.19.12",
                      "versionStartIncluding": "4.14",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "7.0",
                      "versionStartIncluding": "4.14",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: algif_aead - Revert to operating out-of-place\n\nThis mostly reverts commit 72548b093ee3 except for the copying of\nthe associated data.\n\nThere is no benefit in operating in-place in algif_aead since the\nsource and destination come from different mappings.  Get rid of\nall the complexity added for in-place operation and just copy the\nAD directly."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-11T22:08:34.612Z",
            "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
            "shortName": "Linux"
          },
          "references": [
            {
              "url": "https://git.kernel.org/stable/c/893d22e0135fa394db81df88697fba6032747667"
            },
            {
              "url": "https://git.kernel.org/stable/c/19d43105a97be0810edbda875f2cd03f30dc130c"
            },
            {
              "url": "https://git.kernel.org/stable/c/961cfa271a918ad4ae452420e7c303149002875b"
            },
            {
              "url": "https://git.kernel.org/stable/c/3115af9644c342b356f3f07a4dd1c8905cd9a6fc"
            },
            {
              "url": "https://git.kernel.org/stable/c/8b88d99341f139e23bdeb1027a2a3ae10d341d82"
            },
            {
              "url": "https://git.kernel.org/stable/c/fafe0fa2995a0f7073c1c358d7d3145bcc9aedd8"
            },
            {
              "url": "https://git.kernel.org/stable/c/ce42ee423e58dffa5ec03524054c9d8bfd4f6237"
            },
            {
              "url": "https://git.kernel.org/stable/c/a664bf3d603dc3bdcf9ae47cc21e0daec706d7a5"
            }
          ],
          "title": "crypto: algif_aead - Revert to operating out-of-place",
          "x_generator": {
            "engine": "bippy-1.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "assignerShortName": "Linux",
        "cveId": "CVE-2026-31431",
        "datePublished": "2026-04-22T08:15:10.123Z",
        "dateReserved": "2026-03-09T15:48:24.089Z",
        "dateUpdated": "2026-07-01T12:05:08.344Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-50302 (GCVE-0-2024-50302)

    Vulnerability from nvd – Published: 2024-11-19 01:30 – Updated: 2026-05-23 15:55
    VLAI CISA KEVIntel
    Title
    HID: core: zero-initialize the report buffer
    Summary
    In the Linux kernel, the following vulnerability has been resolved: HID: core: zero-initialize the report buffer Since the report buffer is used by all kinds of drivers in various ways, let's zero-initialize it during allocation to make sure that it can't be ever used to leak kernel memory via specially-crafted report.
    SSVC
    Exploitation: active Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-908 - Use of Uninitialized Resource
    Assigner
    Impacted products
    Vendor Product Version
    Linux Linux Affected: 27ce405039bfe6d3f4143415c638f56a3df77dca , < e7ea60184e1e88a3c9e437b3265cbb6439aa7e26 (git)
    Affected: 27ce405039bfe6d3f4143415c638f56a3df77dca , < 3f9e88f2672c4635960570ee9741778d4135ecf5 (git)
    Affected: 27ce405039bfe6d3f4143415c638f56a3df77dca , < d7dc68d82ab3fcfc3f65322465da3d7031d4ab46 (git)
    Affected: 27ce405039bfe6d3f4143415c638f56a3df77dca , < 05ade5d4337867929e7ef664e7ac8e0c734f1aaf (git)
    Affected: 27ce405039bfe6d3f4143415c638f56a3df77dca , < 1884ab3d22536a5c14b17c78c2ce76d1734e8b0b (git)
    Affected: 27ce405039bfe6d3f4143415c638f56a3df77dca , < 9d9f5c75c0c7f31766ec27d90f7a6ac673193191 (git)
    Affected: 27ce405039bfe6d3f4143415c638f56a3df77dca , < 492015e6249fbcd42138b49de3c588d826dd9648 (git)
    Affected: 27ce405039bfe6d3f4143415c638f56a3df77dca , < 177f25d1292c7e16e1199b39c85480f7f8815552 (git)
    Affected: b2b6cadad699d44a8a5b2a60f3d960e00d6fb3b7 (git)
    Affected: fe6c9b48ebc920ff21c10c50ab2729440c734254 (git)
    Affected: 3.10.16 , < 3.11 (semver)
    Affected: 3.11.5 , < 3.12 (semver)
    Create a notification for this product.
    Linux Linux Affected: 3.12
    Unaffected: 0 , < 3.12 (semver)
    Unaffected: 4.19.324 , ≤ 4.19.* (semver)
    Unaffected: 5.4.286 , ≤ 5.4.* (semver)
    Unaffected: 5.10.230 , ≤ 5.10.* (semver)
    Unaffected: 5.15.172 , ≤ 5.15.* (semver)
    Unaffected: 6.1.117 , ≤ 6.1.* (semver)
    Unaffected: 6.6.61 , ≤ 6.6.* (semver)
    Unaffected: 6.11.8 , ≤ 6.11.* (semver)
    Unaffected: 6.12 , ≤ * (original_commit_for_fix)
    Create a notification for this product.
    Siemens RUGGEDCOM RST2428P Unaffected: 0 , < * (custom)
    Create a notification for this product.
    Siemens SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family Unaffected: 0 , < * (custom)
    Create a notification for this product.
    Siemens SCALANCE XCM-/XRM-/XCH-/XRH-300 family Unaffected: 0 , < * (custom)
    Create a notification for this product.
    Siemens SIMATIC S7-1500 TM MFP - GNU/Linux subsystem Affected: 0 , < * (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "NONE",
                  "baseScore": 5.5,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-50302",
                    "options": [
                      {
                        "Exploitation": "active"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-05T04:55:26.718337Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              },
              {
                "other": {
                  "content": {
                    "dateAdded": "2025-03-04",
                    "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-50302"
                  },
                  "type": "kev"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-908",
                    "description": "CWE-908 Use of Uninitialized Resource",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-21T22:55:35.755Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "government-resource"
                ],
                "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-50302"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2025-03-04T00:00:00.000Z",
                "value": "CVE-2024-50302 added to CISA KEV"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-03T22:28:19.656Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"
              },
              {
                "url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "defaultStatus": "unknown",
                "product": "RUGGEDCOM RST2428P",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "defaultStatus": "unknown",
                "product": "SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "defaultStatus": "unknown",
                "product": "SCALANCE XCM-/XRM-/XCH-/XRH-300 family",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "defaultStatus": "unknown",
                "product": "SIMATIC S7-1500 TM MFP - GNU/Linux subsystem",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-12T12:01:00.886Z",
              "orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
              "shortName": "siemens-SADP"
            },
            "references": [
              {
                "url": "https://cert-portal.siemens.com/productcert/html/ssa-265688.html"
              },
              {
                "url": "https://cert-portal.siemens.com/productcert/html/ssa-355557.html"
              }
            ],
            "x_adpType": "supplier"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Linux",
              "programFiles": [
                "drivers/hid/hid-core.c"
              ],
              "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
              "vendor": "Linux",
              "versions": [
                {
                  "lessThan": "e7ea60184e1e88a3c9e437b3265cbb6439aa7e26",
                  "status": "affected",
                  "version": "27ce405039bfe6d3f4143415c638f56a3df77dca",
                  "versionType": "git"
                },
                {
                  "lessThan": "3f9e88f2672c4635960570ee9741778d4135ecf5",
                  "status": "affected",
                  "version": "27ce405039bfe6d3f4143415c638f56a3df77dca",
                  "versionType": "git"
                },
                {
                  "lessThan": "d7dc68d82ab3fcfc3f65322465da3d7031d4ab46",
                  "status": "affected",
                  "version": "27ce405039bfe6d3f4143415c638f56a3df77dca",
                  "versionType": "git"
                },
                {
                  "lessThan": "05ade5d4337867929e7ef664e7ac8e0c734f1aaf",
                  "status": "affected",
                  "version": "27ce405039bfe6d3f4143415c638f56a3df77dca",
                  "versionType": "git"
                },
                {
                  "lessThan": "1884ab3d22536a5c14b17c78c2ce76d1734e8b0b",
                  "status": "affected",
                  "version": "27ce405039bfe6d3f4143415c638f56a3df77dca",
                  "versionType": "git"
                },
                {
                  "lessThan": "9d9f5c75c0c7f31766ec27d90f7a6ac673193191",
                  "status": "affected",
                  "version": "27ce405039bfe6d3f4143415c638f56a3df77dca",
                  "versionType": "git"
                },
                {
                  "lessThan": "492015e6249fbcd42138b49de3c588d826dd9648",
                  "status": "affected",
                  "version": "27ce405039bfe6d3f4143415c638f56a3df77dca",
                  "versionType": "git"
                },
                {
                  "lessThan": "177f25d1292c7e16e1199b39c85480f7f8815552",
                  "status": "affected",
                  "version": "27ce405039bfe6d3f4143415c638f56a3df77dca",
                  "versionType": "git"
                },
                {
                  "status": "affected",
                  "version": "b2b6cadad699d44a8a5b2a60f3d960e00d6fb3b7",
                  "versionType": "git"
                },
                {
                  "status": "affected",
                  "version": "fe6c9b48ebc920ff21c10c50ab2729440c734254",
                  "versionType": "git"
                },
                {
                  "lessThan": "3.11",
                  "status": "affected",
                  "version": "3.10.16",
                  "versionType": "semver"
                },
                {
                  "lessThan": "3.12",
                  "status": "affected",
                  "version": "3.11.5",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "Linux",
              "programFiles": [
                "drivers/hid/hid-core.c"
              ],
              "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
              "vendor": "Linux",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.12"
                },
                {
                  "lessThan": "3.12",
                  "status": "unaffected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "4.19.*",
                  "status": "unaffected",
                  "version": "4.19.324",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "5.4.*",
                  "status": "unaffected",
                  "version": "5.4.286",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "5.10.*",
                  "status": "unaffected",
                  "version": "5.10.230",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "5.15.*",
                  "status": "unaffected",
                  "version": "5.15.172",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.1.*",
                  "status": "unaffected",
                  "version": "6.1.117",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.6.*",
                  "status": "unaffected",
                  "version": "6.6.61",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.11.*",
                  "status": "unaffected",
                  "version": "6.11.8",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "*",
                  "status": "unaffected",
                  "version": "6.12",
                  "versionType": "original_commit_for_fix"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.19.324",
                      "versionStartIncluding": "3.12",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "5.4.286",
                      "versionStartIncluding": "3.12",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "5.10.230",
                      "versionStartIncluding": "3.12",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "5.15.172",
                      "versionStartIncluding": "3.12",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.1.117",
                      "versionStartIncluding": "3.12",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.6.61",
                      "versionStartIncluding": "3.12",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.11.8",
                      "versionStartIncluding": "3.12",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.12",
                      "versionStartIncluding": "3.12",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                      "versionStartIncluding": "3.10.16",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                      "versionStartIncluding": "3.11.5",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: core: zero-initialize the report buffer\n\nSince the report buffer is used by all kinds of drivers in various ways, let\u0027s\nzero-initialize it during allocation to make sure that it can\u0027t be ever used\nto leak kernel memory via specially-crafted report."
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-23T15:55:02.106Z",
            "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
            "shortName": "Linux"
          },
          "references": [
            {
              "url": "https://git.kernel.org/stable/c/e7ea60184e1e88a3c9e437b3265cbb6439aa7e26"
            },
            {
              "url": "https://git.kernel.org/stable/c/3f9e88f2672c4635960570ee9741778d4135ecf5"
            },
            {
              "url": "https://git.kernel.org/stable/c/d7dc68d82ab3fcfc3f65322465da3d7031d4ab46"
            },
            {
              "url": "https://git.kernel.org/stable/c/05ade5d4337867929e7ef664e7ac8e0c734f1aaf"
            },
            {
              "url": "https://git.kernel.org/stable/c/1884ab3d22536a5c14b17c78c2ce76d1734e8b0b"
            },
            {
              "url": "https://git.kernel.org/stable/c/9d9f5c75c0c7f31766ec27d90f7a6ac673193191"
            },
            {
              "url": "https://git.kernel.org/stable/c/492015e6249fbcd42138b49de3c588d826dd9648"
            },
            {
              "url": "https://git.kernel.org/stable/c/177f25d1292c7e16e1199b39c85480f7f8815552"
            }
          ],
          "title": "HID: core: zero-initialize the report buffer",
          "x_generator": {
            "engine": "bippy-1.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "assignerShortName": "Linux",
        "cveId": "CVE-2024-50302",
        "datePublished": "2024-11-19T01:30:51.300Z",
        "dateReserved": "2024-10-21T19:36:19.987Z",
        "dateUpdated": "2026-05-23T15:55:02.106Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-49894 (GCVE-0-2024-49894)

    Vulnerability from nvd – Published: 2024-10-21 18:01 – Updated: 2026-05-12 11:58
    VLAI
    Title
    drm/amd/display: Fix index out of bounds in degamma hardware format translation
    Summary
    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix index out of bounds in degamma hardware format translation Fixes index out of bounds issue in `cm_helper_translate_curve_to_degamma_hw_format` function. The issue could occur when the index 'i' exceeds the number of transfer function points (TRANSFER_FUNC_POINTS). The fix adds a check to ensure 'i' is within bounds before accessing the transfer function points. If 'i' is out of bounds the function returns false to indicate an error. Reported by smatch: drivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:594 cm_helper_translate_curve_to_degamma_hw_format() error: buffer overflow 'output_tf->tf_pts.red' 1025 <= s32max drivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:595 cm_helper_translate_curve_to_degamma_hw_format() error: buffer overflow 'output_tf->tf_pts.green' 1025 <= s32max drivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:596 cm_helper_translate_curve_to_degamma_hw_format() error: buffer overflow 'output_tf->tf_pts.blue' 1025 <= s32max
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    Assigner
    Impacted products
    Vendor Product Version
    Linux Linux Affected: 4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c , < b3dfa878257a7e98830b3009ca5831a01d8f85fc (git)
    Affected: 4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c , < f5f6d90087131812c1e4b9d3103f400f1624396d (git)
    Affected: 4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c , < c130a3c09e3746c1a09ce26c20d21d449d039b1d (git)
    Affected: 4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c , < c6979719012a90e5b8e3bc31725fbfdd0b9b2b79 (git)
    Affected: 4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c , < 2495c8e272d84685403506833a664fad932e453a (git)
    Affected: 4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c , < 122e3a7a8c7bcbe3aacddd6103f67f9f36bed473 (git)
    Affected: 4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c , < 2f5da549535be8ccd2ab7c9abac8562ad370b181 (git)
    Affected: 4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c , < 07078fa5d589a7fbce8f81ea8acf7aa0021ab38e (git)
    Affected: 4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c , < b7e99058eb2e86aabd7a10761e76cae33d22b49f (git)
    Create a notification for this product.
    Linux Linux Affected: 4.15
    Unaffected: 0 , < 4.15 (semver)
    Unaffected: 4.19.323 , ≤ 4.19.* (semver)
    Unaffected: 5.4.285 , ≤ 5.4.* (semver)
    Unaffected: 5.10.227 , ≤ 5.10.* (semver)
    Unaffected: 5.15.168 , ≤ 5.15.* (semver)
    Unaffected: 6.1.113 , ≤ 6.1.* (semver)
    Unaffected: 6.6.55 , ≤ 6.6.* (semver)
    Unaffected: 6.10.14 , ≤ 6.10.* (semver)
    Unaffected: 6.11.3 , ≤ 6.11.* (semver)
    Unaffected: 6.12 , ≤ * (original_commit_for_fix)
    Create a notification for this product.
    Siemens RUGGEDCOM RST2428P Unaffected: 0 , < * (custom)
    Create a notification for this product.
    Siemens SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family Unaffected: 0 , < * (custom)
    Create a notification for this product.
    Siemens SCALANCE XCM-/XRM-/XCH-/XRH-300 family Unaffected: 0 , < * (custom)
    Create a notification for this product.
    Siemens SIMATIC S7-1500 TM MFP - GNU/Linux subsystem Affected: 0 , < * (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-49894",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-22T13:43:53.969023Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-22T13:48:48.651Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-03T22:22:58.352Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"
              },
              {
                "url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "defaultStatus": "unknown",
                "product": "RUGGEDCOM RST2428P",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "defaultStatus": "unknown",
                "product": "SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "defaultStatus": "unknown",
                "product": "SCALANCE XCM-/XRM-/XCH-/XRH-300 family",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "defaultStatus": "unknown",
                "product": "SIMATIC S7-1500 TM MFP - GNU/Linux subsystem",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-12T11:58:57.343Z",
              "orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
              "shortName": "siemens-SADP"
            },
            "references": [
              {
                "url": "https://cert-portal.siemens.com/productcert/html/ssa-265688.html"
              },
              {
                "url": "https://cert-portal.siemens.com/productcert/html/ssa-355557.html"
              }
            ],
            "x_adpType": "supplier"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Linux",
              "programFiles": [
                "drivers/gpu/drm/amd/display/dc/dcn10/dcn10_cm_common.c"
              ],
              "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
              "vendor": "Linux",
              "versions": [
                {
                  "lessThan": "b3dfa878257a7e98830b3009ca5831a01d8f85fc",
                  "status": "affected",
                  "version": "4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c",
                  "versionType": "git"
                },
                {
                  "lessThan": "f5f6d90087131812c1e4b9d3103f400f1624396d",
                  "status": "affected",
                  "version": "4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c",
                  "versionType": "git"
                },
                {
                  "lessThan": "c130a3c09e3746c1a09ce26c20d21d449d039b1d",
                  "status": "affected",
                  "version": "4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c",
                  "versionType": "git"
                },
                {
                  "lessThan": "c6979719012a90e5b8e3bc31725fbfdd0b9b2b79",
                  "status": "affected",
                  "version": "4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c",
                  "versionType": "git"
                },
                {
                  "lessThan": "2495c8e272d84685403506833a664fad932e453a",
                  "status": "affected",
                  "version": "4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c",
                  "versionType": "git"
                },
                {
                  "lessThan": "122e3a7a8c7bcbe3aacddd6103f67f9f36bed473",
                  "status": "affected",
                  "version": "4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c",
                  "versionType": "git"
                },
                {
                  "lessThan": "2f5da549535be8ccd2ab7c9abac8562ad370b181",
                  "status": "affected",
                  "version": "4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c",
                  "versionType": "git"
                },
                {
                  "lessThan": "07078fa5d589a7fbce8f81ea8acf7aa0021ab38e",
                  "status": "affected",
                  "version": "4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c",
                  "versionType": "git"
                },
                {
                  "lessThan": "b7e99058eb2e86aabd7a10761e76cae33d22b49f",
                  "status": "affected",
                  "version": "4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c",
                  "versionType": "git"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "Linux",
              "programFiles": [
                "drivers/gpu/drm/amd/display/dc/dcn10/dcn10_cm_common.c"
              ],
              "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
              "vendor": "Linux",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.15"
                },
                {
                  "lessThan": "4.15",
                  "status": "unaffected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "4.19.*",
                  "status": "unaffected",
                  "version": "4.19.323",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "5.4.*",
                  "status": "unaffected",
                  "version": "5.4.285",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "5.10.*",
                  "status": "unaffected",
                  "version": "5.10.227",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "5.15.*",
                  "status": "unaffected",
                  "version": "5.15.168",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.1.*",
                  "status": "unaffected",
                  "version": "6.1.113",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.6.*",
                  "status": "unaffected",
                  "version": "6.6.55",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.10.*",
                  "status": "unaffected",
                  "version": "6.10.14",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.11.*",
                  "status": "unaffected",
                  "version": "6.11.3",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "*",
                  "status": "unaffected",
                  "version": "6.12",
                  "versionType": "original_commit_for_fix"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.19.323",
                      "versionStartIncluding": "4.15",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "5.4.285",
                      "versionStartIncluding": "4.15",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "5.10.227",
                      "versionStartIncluding": "4.15",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "5.15.168",
                      "versionStartIncluding": "4.15",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.1.113",
                      "versionStartIncluding": "4.15",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.6.55",
                      "versionStartIncluding": "4.15",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.10.14",
                      "versionStartIncluding": "4.15",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.11.3",
                      "versionStartIncluding": "4.15",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.12",
                      "versionStartIncluding": "4.15",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix index out of bounds in degamma hardware format translation\n\nFixes index out of bounds issue in\n`cm_helper_translate_curve_to_degamma_hw_format` function. The issue\ncould occur when the index \u0027i\u0027 exceeds the number of transfer function\npoints (TRANSFER_FUNC_POINTS).\n\nThe fix adds a check to ensure \u0027i\u0027 is within bounds before accessing the\ntransfer function points. If \u0027i\u0027 is out of bounds the function returns\nfalse to indicate an error.\n\nReported by smatch:\ndrivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:594 cm_helper_translate_curve_to_degamma_hw_format() error: buffer overflow \u0027output_tf-\u003etf_pts.red\u0027 1025 \u003c= s32max\ndrivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:595 cm_helper_translate_curve_to_degamma_hw_format() error: buffer overflow \u0027output_tf-\u003etf_pts.green\u0027 1025 \u003c= s32max\ndrivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:596 cm_helper_translate_curve_to_degamma_hw_format() error: buffer overflow \u0027output_tf-\u003etf_pts.blue\u0027 1025 \u003c= s32max"
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-11T20:41:19.632Z",
            "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
            "shortName": "Linux"
          },
          "references": [
            {
              "url": "https://git.kernel.org/stable/c/b3dfa878257a7e98830b3009ca5831a01d8f85fc"
            },
            {
              "url": "https://git.kernel.org/stable/c/f5f6d90087131812c1e4b9d3103f400f1624396d"
            },
            {
              "url": "https://git.kernel.org/stable/c/c130a3c09e3746c1a09ce26c20d21d449d039b1d"
            },
            {
              "url": "https://git.kernel.org/stable/c/c6979719012a90e5b8e3bc31725fbfdd0b9b2b79"
            },
            {
              "url": "https://git.kernel.org/stable/c/2495c8e272d84685403506833a664fad932e453a"
            },
            {
              "url": "https://git.kernel.org/stable/c/122e3a7a8c7bcbe3aacddd6103f67f9f36bed473"
            },
            {
              "url": "https://git.kernel.org/stable/c/2f5da549535be8ccd2ab7c9abac8562ad370b181"
            },
            {
              "url": "https://git.kernel.org/stable/c/07078fa5d589a7fbce8f81ea8acf7aa0021ab38e"
            },
            {
              "url": "https://git.kernel.org/stable/c/b7e99058eb2e86aabd7a10761e76cae33d22b49f"
            }
          ],
          "title": "drm/amd/display: Fix index out of bounds in degamma hardware format translation",
          "x_generator": {
            "engine": "bippy-1.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "assignerShortName": "Linux",
        "cveId": "CVE-2024-49894",
        "datePublished": "2024-10-21T18:01:28.360Z",
        "dateReserved": "2024-10-21T12:17:06.025Z",
        "dateUpdated": "2026-05-12T11:58:57.343Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-4911 (GCVE-0-2023-4911)

    Vulnerability from nvd – Published: 2023-10-03 17:25 – Updated: 2026-05-12 10:18
    VLAI CISA KEVIntel
    Title
    Glibc: buffer overflow in ld.so leading to privilege escalation
    Summary
    A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.
    SSVC
    Exploitation: active Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-122 - Heap-based Buffer Overflow
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2023:5453 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2023:5454 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2023:5455 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2023:5476 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0033 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2023-4911 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2238352 issue-trackingx_refsource_REDHAT
    https://www.qualys.com/2023/10/03/cve-2023-4911/l…
    https://www.qualys.com/cve-2023-4911/
    https://www.exploit-db.com/exploits/52479
    http://packetstormsecurity.com/files/174986/glibc… x_transferred
    http://packetstormsecurity.com/files/176288/Glibc… x_transferred
    http://seclists.org/fulldisclosure/2023/Oct/11 x_transferred
    http://www.openwall.com/lists/oss-security/2023/10/03/2 x_transferred
    http://www.openwall.com/lists/oss-security/2023/10/03/3 x_transferred
    http://www.openwall.com/lists/oss-security/2023/10/05/1 x_transferred
    http://www.openwall.com/lists/oss-security/2023/1… x_transferred
    http://www.openwall.com/lists/oss-security/2023/10/14/3 x_transferred
    http://www.openwall.com/lists/oss-security/2023/10/14/5 x_transferred
    http://www.openwall.com/lists/oss-security/2023/10/14/6 x_transferred
    https://lists.fedoraproject.org/archives/list/pac… x_transferred
    https://lists.fedoraproject.org/archives/list/pac… x_transferred
    https://lists.fedoraproject.org/archives/list/pac… x_transferred
    https://security.gentoo.org/glsa/202310-03 x_transferred
    https://security.netapp.com/advisory/ntap-2023101… x_transferred
    https://www.debian.org/security/2023/dsa-5514 x_transferred
    https://www.cisa.gov/known-exploited-vulnerabilit… government-resource
    https://cert-portal.siemens.com/productcert/html/…
    https://cert-portal.siemens.com/productcert/html/…
    https://cert-portal.siemens.com/productcert/html/…
    Impacted products
    Vendor Product Version
    Affected: 2.34 , < 2.39 (custom)
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:2.28-225.el8_8.6 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::appstream
        cpe:/o:redhat:enterprise_linux:8::baseos
        cpe:/a:redhat:enterprise_linux:8::crb
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support Unaffected: 0:2.28-189.6.el8_6 , < * (rpm)
        cpe:/o:redhat:rhel_eus:8.6::baseos
        cpe:/a:redhat:rhel_eus:8.6::appstream
        cpe:/o:redhat:rhev_hypervisor:4.4::el8
        cpe:/a:redhat:rhel_eus:8.6::crb
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:2.34-60.el9_2.7 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::appstream
        cpe:/a:redhat:enterprise_linux:9::crb
        cpe:/o:redhat:enterprise_linux:9::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 0:2.34-28.el9_0.4 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.0::appstream
        cpe:/o:redhat:rhel_eus:9.0::baseos
        cpe:/a:redhat:rhel_eus:9.0::crb
    Create a notification for this product.
    Red Hat Red Hat Virtualization 4 for Red Hat Enterprise Linux 8 Unaffected: 0:2.28-189.6.el8_6 , < * (rpm)
        cpe:/o:redhat:rhel_eus:8.6::baseos
        cpe:/a:redhat:rhel_eus:8.6::appstream
        cpe:/o:redhat:rhev_hypervisor:4.4::el8
        cpe:/a:redhat:rhel_eus:8.6::crb
    Create a notification for this product.
    Red Hat Red Hat Virtualization 4 for Red Hat Enterprise Linux 8 Unaffected: 0:4.5.3-10.el8ev , < * (rpm)
        cpe:/o:redhat:rhev_hypervisor:4.4::el8
    Create a notification for this product.
    Red Hat Red Hat Virtualization 4 for Red Hat Enterprise Linux 8 Unaffected: 0:4.5.3-202312060823_8.6 , < * (rpm)
        cpe:/o:redhat:rhev_hypervisor:4.4::el8
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
    Create a notification for this product.
    Siemens SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Affected: V3.1.5 , < * (custom)
    Create a notification for this product.
    Siemens SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP Affected: V3.1.5 , < * (custom)
    Create a notification for this product.
    Siemens SIPLUS S7-1500 CPU 1518-4 PN/DP MFP Affected: V3.1.5 , < * (custom)
    Create a notification for this product.
    Date Public
    2023-10-03 17:00
    Credits
    Red Hat would like to thank Qualys Research Labs for reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2026-02-13T17:01:57.799Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "https://www.exploit-db.com/exploits/52479"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/174986/glibc-ld.so-Local-Privilege-Escalation.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/176288/Glibc-Tunables-Privilege-Escalation.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2023/Oct/11"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2023/10/03/2"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2023/10/03/3"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2023/10/05/1"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2023/10/13/11"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2023/10/14/3"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2023/10/14/5"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2023/10/14/6"
              },
              {
                "name": "RHSA-2023:5453",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2023:5453"
              },
              {
                "name": "RHSA-2023:5454",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2023:5454"
              },
              {
                "name": "RHSA-2023:5455",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2023:5455"
              },
              {
                "name": "RHSA-2023:5476",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2023:5476"
              },
              {
                "name": "RHSA-2024:0033",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0033"
              },
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2023-4911"
              },
              {
                "name": "RHBZ#2238352",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2238352"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DBUQRRPB47TC3NJOUIBVWUGFHBJAFDL/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DFG4P76UHHZEWQ26FWBXG76N2QLKKPZA/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NDAQWHTSVOCOZ5K6KPIWKRT3JX4RTZUR/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/202310-03"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20231013-0006/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2023/dsa-5514"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.qualys.com/cve-2023-4911/"
              }
            ],
            "title": "CVE Program Container",
            "x_generator": {
              "engine": "ADPogram 0.0.1"
            }
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-4911",
                    "options": [
                      {
                        "Exploitation": "active"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-15T19:45:35.724824Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              },
              {
                "other": {
                  "content": {
                    "dateAdded": "2023-11-21",
                    "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-4911"
                  },
                  "type": "kev"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-21T23:05:35.687Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "government-resource"
                ],
                "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-4911"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2023-11-21T00:00:00.000Z",
                "value": "CVE-2023-4911 added to CISA KEV"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "defaultStatus": "unknown",
                "product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "V3.1.5",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "defaultStatus": "unknown",
                "product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "V3.1.5",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "defaultStatus": "unknown",
                "product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "V3.1.5",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "defaultStatus": "unknown",
                "product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "V3.1.5",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "defaultStatus": "unknown",
                "product": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "V3.1.5",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-12T10:18:01.935Z",
              "orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
              "shortName": "siemens-SADP"
            },
            "references": [
              {
                "url": "https://cert-portal.siemens.com/productcert/html/ssa-831302.html"
              },
              {
                "url": "https://cert-portal.siemens.com/productcert/html/ssa-794697.html"
              },
              {
                "url": "https://cert-portal.siemens.com/productcert/html/ssa-082556.html"
              }
            ],
            "x_adpType": "supplier"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://sourceware.org/git/glibc.git",
              "defaultStatus": "unaffected",
              "packageName": "glibc",
              "versions": [
                {
                  "lessThan": "2.39",
                  "status": "affected",
                  "version": "2.34",
                  "versionType": "custom"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::appstream",
                "cpe:/o:redhat:enterprise_linux:8::baseos",
                "cpe:/a:redhat:enterprise_linux:8::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "glibc",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:2.28-225.el8_8.6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::appstream",
                "cpe:/o:redhat:enterprise_linux:8::baseos",
                "cpe:/a:redhat:enterprise_linux:8::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "glibc",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:2.28-225.el8_8.6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:8.6::baseos",
                "cpe:/a:redhat:rhel_eus:8.6::appstream",
                "cpe:/o:redhat:rhev_hypervisor:4.4::el8",
                "cpe:/a:redhat:rhel_eus:8.6::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "glibc",
              "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:2.28-189.6.el8_6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream",
                "cpe:/a:redhat:enterprise_linux:9::crb",
                "cpe:/o:redhat:enterprise_linux:9::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "glibc",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:2.34-60.el9_2.7",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream",
                "cpe:/a:redhat:enterprise_linux:9::crb",
                "cpe:/o:redhat:enterprise_linux:9::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "glibc",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:2.34-60.el9_2.7",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.0::appstream",
                "cpe:/o:redhat:rhel_eus:9.0::baseos",
                "cpe:/a:redhat:rhel_eus:9.0::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "glibc",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:2.34-28.el9_0.4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:8.6::baseos",
                "cpe:/a:redhat:rhel_eus:8.6::appstream",
                "cpe:/o:redhat:rhev_hypervisor:4.4::el8",
                "cpe:/a:redhat:rhel_eus:8.6::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "glibc",
              "product": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:2.28-189.6.el8_6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhev_hypervisor:4.4::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "redhat-release-virtualization-host",
              "product": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.5.3-10.el8ev",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhev_hypervisor:4.4::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "redhat-virtualization-host",
              "product": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.5.3-202312060823_8.6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:6"
              ],
              "defaultStatus": "unaffected",
              "packageName": "glibc",
              "product": "Red Hat Enterprise Linux 6",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7"
              ],
              "defaultStatus": "unaffected",
              "packageName": "compat-glibc",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7"
              ],
              "defaultStatus": "unaffected",
              "packageName": "glibc",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Red Hat would like to thank Qualys Research Labs for reporting this issue."
            }
          ],
          "datePublic": "2023-10-03T17:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A buffer overflow was discovered in the GNU C Library\u0027s dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-122",
                  "description": "Heap-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-05T17:25:54.427Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2023:5453",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2023:5453"
            },
            {
              "name": "RHSA-2023:5454",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2023:5454"
            },
            {
              "name": "RHSA-2023:5455",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2023:5455"
            },
            {
              "name": "RHSA-2023:5476",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2023:5476"
            },
            {
              "name": "RHSA-2024:0033",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0033"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2023-4911"
            },
            {
              "name": "RHBZ#2238352",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2238352"
            },
            {
              "url": "https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt"
            },
            {
              "url": "https://www.qualys.com/cve-2023-4911/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2023-09-04T00:00:00.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2023-10-03T17:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Glibc: buffer overflow in ld.so leading to privilege escalation",
          "workarounds": [
            {
              "lang": "en",
              "value": "For customers who cannot update immediately and do not have Secure Boot feature enabled, the issue can be mitigated using the provided SystemTap script with the following steps.  When enabled, any setuid program invoked with GLIBC_TUNABLES in the environment will be terminated immediately.  To invoke the setuid program, users will then have to unset or clear the GLIBC_TUNABLES envvar, e.g. `GLIBC_TUNABLES= sudo` . \n\nNote that these mitigation steps will need to be repeated if the system is rebooted.\n\n1)    Install required systemtap packages and dependencies as per - https://access.redhat.com/solutions/5441\n\n\n2)    Create the following systemtap script, and name it stap_block_suid_tunables.stp:\n    ~~~\nfunction has_tunable_string:long()\n{\n  name = \"GLIBC_TUNABLES\"\n\n  mm = @task(task_current())-\u003emm;\n  if (mm)\n    {\n      env_start = @mm(mm)-\u003eenv_start;\n      env_end = @mm(mm)-\u003eenv_end;\n\n      if (env_start != 0 \u0026\u0026 env_end != 0)\n        while (env_end \u003e env_start)\n          {\n            cur = user_string(env_start, \"\");\n            env_name = tokenize(cur, \"=\");\n      \n            if (env_name == name \u0026\u0026 tokenize(\"\", \"\") != \"\")\n              return 1;\n            env_start += strlen (cur) + 1\n          }\n    }\n\n  return 0;\n}\n\nprobe process(\"/lib*/ld*.so*\").function(\"__tunables_init\")\n{\n  atsecure = 0;\n  /* Skip processing if we can\u0027t read __libc_enable_secure, e.g. core dump\n     handler (systemd-cgroups-agent and systemd-coredump).  */\n  try { atsecure = @var(\"__libc_enable_secure\"); }\n  catch { printk (4, sprintf (\"CVE-2023-4911: Skipped check: %s (%d)\", execname(), pid())); }\n  if (atsecure \u0026\u0026 has_tunable_string ())\n    raise (9);\n}\n~~~\n\n3) Load the systemtap module into the running kernel:\n    ~~~\n    stap -g -F -m stap_block_suid_tunables stap_block_suid_tunables.stp\n    ~~~\n\n4) Ensure the module is loaded:\n    ~~~\n     lsmod | grep -i stap_block_suid_tunables\nstap_block_suid_tunables     249856  0\n~~~\n\n5) Once the glibc package is updated to the version containing the fix, the systemtap generated kernel module can be removed by running:\n    ~~~\n    rmmod stap_block_suid_tunables\n    ~~~\n\nIf Secure Boot is enabled on a system, the SystemTap module must be signed. An external compiling server can be used to sign the generated kernel module with a key enrolled into the kernel\u0027s keyring or starting with SystemTap 4.7 you can sign a module without a compile server. See further information here - https://www.redhat.com/sysadmin/secure-boot-systemtap"
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-122: Heap-based Buffer Overflow"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2023-4911",
        "datePublished": "2023-10-03T17:25:08.434Z",
        "dateReserved": "2023-09-12T13:10:32.495Z",
        "dateUpdated": "2026-05-12T10:18:01.935Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-31431 (GCVE-0-2026-31431)

    Vulnerability from cvelistv5 – Published: 2026-04-22 08:15 – Updated: 2026-07-01 12:05
    VLAI CISA CIRCL KEVIntel
    Title
    crypto: algif_aead - Revert to operating out-of-place
    Summary
    In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place This mostly reverts commit 72548b093ee3 except for the copying of the associated data. There is no benefit in operating in-place in algif_aead since the source and destination come from different mappings. Get rid of all the complexity added for in-place operation and just copy the AD directly.
    SSVC
    Exploitation: active Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-669 - Incorrect Resource Transfer Between Spheres
    • CWE-1288 - Improper Validation of Consistency within Input
    Assigner
    References
    URL Tags
    https://git.kernel.org/stable/c/893d22e0135fa394d…
    https://git.kernel.org/stable/c/19d43105a97be0810…
    https://git.kernel.org/stable/c/961cfa271a918ad4a…
    https://git.kernel.org/stable/c/3115af9644c342b35…
    https://git.kernel.org/stable/c/8b88d99341f139e23…
    https://git.kernel.org/stable/c/fafe0fa2995a0f707…
    https://git.kernel.org/stable/c/ce42ee423e58dffa5…
    https://git.kernel.org/stable/c/a664bf3d603dc3bdc…
    https://github.com/theori-io/copy-fail-CVE-2026-31431 exploit
    https://xint.io/blog/copy-fail-linux-distribution… mitigation
    https://lore.kernel.org/linux-cve-announce/202604… mitigation
    https://access.redhat.com/security/cve/cve-2026-3… mitigation
    https://www.cisa.gov/known-exploited-vulnerabilit… government-resource
    http://www.openwall.com/lists/oss-security/2026/0…
    https://copy.fail
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/04/30/2
    http://www.openwall.com/lists/oss-security/2026/04/30/5
    http://www.openwall.com/lists/oss-security/2026/04/30/6
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    https://websec.net/blog/cve-2026-31431-linux-algi…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/05/01/2
    http://www.openwall.com/lists/oss-security/2026/05/01/3
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/05/02/4
    http://www.openwall.com/lists/oss-security/2026/05/02/5
    http://www.openwall.com/lists/oss-security/2026/05/02/6
    http://www.openwall.com/lists/oss-security/2026/05/02/7
    http://www.openwall.com/lists/oss-security/2026/05/02/8
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/05/03/3
    http://www.openwall.com/lists/oss-security/2026/05/03/4
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/05/03/5
    http://www.openwall.com/lists/oss-security/2026/05/03/6
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/05/04/1
    http://www.openwall.com/lists/oss-security/2026/05/04/2
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/05/04/8
    http://www.openwall.com/lists/oss-security/2026/05/04/9
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/05/06/5
    http://www.openwall.com/lists/oss-security/2026/05/07/2
    http://www.openwall.com/lists/oss-security/2026/0…
    http://www.openwall.com/lists/oss-security/2026/0…
    https://www.kb.cert.org/vuls/id/260001
    http://www.openwall.com/lists/oss-security/2026/05/18/3
    https://cert-portal.siemens.com/productcert/html/…
    https://cert-portal.siemens.com/productcert/html/…
    https://access.redhat.com/security/cve/CVE-2026-31431 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2460538 issue-trackingx_refsource_REDHAT
    https://security.access.redhat.com/data/csaf/v2/v… x_sadp-csaf-vex
    https://access.redhat.com/errata/RHSA-2026:14926 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:33486 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:14097 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:14112 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:15087 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:14773 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:13729 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:13885 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:13727 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:13690 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:13862 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:13811 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:13887 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:13566 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:19074 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:13936 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:13734 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:13932 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:14339 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:13565 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:19225 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:13577 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:15976 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:14165 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:14230 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:16111 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:13681 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:16210 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:16209 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:16208 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:16063 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:16018 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:15978 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:13578 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:14137 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:14301 vendor-advisoryx_refsource_REDHAT
    Impacted products
    Vendor Product Version
    Linux Linux Affected: 72548b093ee38a6d4f2a19e6ef1948ae05c181f7 , < 893d22e0135fa394db81df88697fba6032747667 (git)
    Affected: 72548b093ee38a6d4f2a19e6ef1948ae05c181f7 , < 19d43105a97be0810edbda875f2cd03f30dc130c (git)
    Affected: 72548b093ee38a6d4f2a19e6ef1948ae05c181f7 , < 961cfa271a918ad4ae452420e7c303149002875b (git)
    Affected: 72548b093ee38a6d4f2a19e6ef1948ae05c181f7 , < 3115af9644c342b356f3f07a4dd1c8905cd9a6fc (git)
    Affected: 72548b093ee38a6d4f2a19e6ef1948ae05c181f7 , < 8b88d99341f139e23bdeb1027a2a3ae10d341d82 (git)
    Affected: 72548b093ee38a6d4f2a19e6ef1948ae05c181f7 , < fafe0fa2995a0f7073c1c358d7d3145bcc9aedd8 (git)
    Affected: 72548b093ee38a6d4f2a19e6ef1948ae05c181f7 , < ce42ee423e58dffa5ec03524054c9d8bfd4f6237 (git)
    Affected: 72548b093ee38a6d4f2a19e6ef1948ae05c181f7 , < a664bf3d603dc3bdcf9ae47cc21e0daec706d7a5 (git)
    Create a notification for this product.
    Linux Linux Affected: 4.14
    Unaffected: 0 , < 4.14 (semver)
    Unaffected: 5.10.254 , ≤ 5.10.* (semver)
    Unaffected: 5.15.204 , ≤ 5.15.* (semver)
    Unaffected: 6.1.170 , ≤ 6.1.* (semver)
    Unaffected: 6.6.137 , ≤ 6.6.* (semver)
    Unaffected: 6.12.85 , ≤ 6.12.* (semver)
    Unaffected: 6.18.22 , ≤ 6.18.* (semver)
    Unaffected: 6.19.12 , ≤ 6.19.* (semver)
    Unaffected: 7.0 , ≤ * (original_commit_for_fix)
    Create a notification for this product.
    Siemens SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Affected: V3.1.5 , < * (custom)
    Create a notification for this product.
    Siemens SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP Affected: V3.1.5 , < * (custom)
    Create a notification for this product.
    Siemens SIMATIC S7-1500 TM MFP - GNU/Linux subsystem Affected: 0 , < * (custom)
    Create a notification for this product.
    Siemens SIPLUS S7-1500 CPU 1518-4 PN/DP MFP Affected: V3.1.5 , < * (custom)
    Create a notification for this product.
    Red Hat NVIDIA for RHEL 10     cpe:/a:redhat:enterprise_linux_nvidia:10::el10
    Create a notification for this product.
    Red Hat Red Hat OpenShift Container Platform 4.12     cpe:/a:redhat:openshift:4.12::el8
    Create a notification for this product.
    Red Hat Red Hat OpenShift Container Platform 4.13     cpe:/a:redhat:openshift:4.13::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Container Platform 4.14     cpe:/a:redhat:openshift:4.14::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Container Platform 4.15     cpe:/a:redhat:openshift:4.15::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Container Platform 4.16     cpe:/a:redhat:openshift:4.16::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Container Platform 4.17     cpe:/a:redhat:openshift:4.17::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Container Platform 4.18     cpe:/a:redhat:openshift:4.18::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Container Platform 4.19     cpe:/a:redhat:openshift:4.19::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Container Platform 4.20     cpe:/a:redhat:openshift:4.20::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Container Platform 4.21     cpe:/a:redhat:openshift:4.21::el9
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AppStream EUS (v. 10.0)     cpe:/o:redhat:enterprise_linux_eus:10.0
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AppStream (v. 10)     cpe:/o:redhat:enterprise_linux:10.1
        cpe:/o:redhat:enterprise_linux:10.2
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AppStream E4S (v.9.0)     cpe:/a:redhat:rhel_e4s:9.0::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AppStream E4S (v.9.2)     cpe:/a:redhat:rhel_e4s:9.2::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AppStream EUS (v.9.4)     cpe:/a:redhat:rhel_eus:9.4::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AppStream EUS (v.9.6)     cpe:/a:redhat:rhel_eus:9.6::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux AppStream (v. 9)     cpe:/a:redhat:enterprise_linux:9::appstream
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux BaseOS EUS (v. 10.0)     cpe:/o:redhat:enterprise_linux_eus:10.0
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux BaseOS (v. 10)     cpe:/o:redhat:enterprise_linux:10.1
        cpe:/o:redhat:enterprise_linux:10.2
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux BaseOS (v. 8)     cpe:/o:redhat:enterprise_linux:8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux BaseOS AUS (v.8.4)     cpe:/o:redhat:rhel_aus:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)     cpe:/o:redhat:rhel_eus_long_life:8.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux BaseOS AUS (v.8.6)     cpe:/o:redhat:rhel_aus:8.6::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux BaseOS E4S (v.8.6)     cpe:/o:redhat:rhel_e4s:8.6::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux BaseOS TUS (v.8.6)     cpe:/o:redhat:rhel_tus:8.6::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux BaseOS E4S (v.8.8)     cpe:/o:redhat:rhel_e4s:8.8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux BaseOS TUS (v.8.8)     cpe:/o:redhat:rhel_tus:8.8::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux BaseOS E4S (v.9.0)     cpe:/o:redhat:rhel_e4s:9.0::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux BaseOS E4S (v.9.2)     cpe:/o:redhat:rhel_e4s:9.2::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux BaseOS EUS (v.9.4)     cpe:/o:redhat:rhel_eus:9.4::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux BaseOS EUS (v.9.6)     cpe:/o:redhat:rhel_eus:9.6::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux BaseOS (v. 9)     cpe:/o:redhat:enterprise_linux:9::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)     cpe:/o:redhat:enterprise_linux_eus:10.0
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)     cpe:/o:redhat:enterprise_linux:10.1
        cpe:/o:redhat:enterprise_linux:10.2
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux CRB (v. 8)     cpe:/a:redhat:enterprise_linux:8::crb
    Create a notification for this product.
    Red Hat Red Hat CodeReady Linux Builder EUS (v.9.4)     cpe:/a:redhat:rhel_eus:9.4::crb
    Create a notification for this product.
    Red Hat Red Hat CodeReady Linux Builder EUS (v.9.6)     cpe:/a:redhat:rhel_eus:9.6::crb
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)     cpe:/a:redhat:enterprise_linux:9::crb
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux Real Time for NFV EUS (v. 10.0)     cpe:/o:redhat:enterprise_linux_eus:10.0
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux Real Time for NFV (v. 10)     cpe:/o:redhat:enterprise_linux:10.1
        cpe:/o:redhat:enterprise_linux:10.2
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux NFV (v. 8)     cpe:/a:redhat:enterprise_linux:8::nfv
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux NFV E4S (v.9.0)     cpe:/a:redhat:rhel_e4s:9.0::nfv
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)     cpe:/a:redhat:rhel_e4s:9.2::nfv
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux Real Time for NFV EUS (v.9.4)     cpe:/a:redhat:rhel_eus:9.4::nfv
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux Real Time for NFV EUS (v.9.6)     cpe:/a:redhat:rhel_eus:9.6::nfv
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux Real Time for NFV (v. 9)     cpe:/a:redhat:enterprise_linux:9::nfv
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux Real Time EUS (v. 10.0)     cpe:/o:redhat:enterprise_linux_eus:10.0
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux Real Time (v. 10)     cpe:/o:redhat:enterprise_linux:10.1
        cpe:/o:redhat:enterprise_linux:10.2
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux RT (v. 8)     cpe:/a:redhat:enterprise_linux:8::realtime
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux Real Time E4S (v.9.0)     cpe:/a:redhat:rhel_e4s:9.0::realtime
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux Real Time E4S (v.9.2)     cpe:/a:redhat:rhel_e4s:9.2::realtime
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux Real Time EUS (v.9.4)     cpe:/a:redhat:rhel_eus:9.4::realtime
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux Real Time EUS (v.9.6)     cpe:/a:redhat:rhel_eus:9.6::realtime
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux Real Time (v. 9)     cpe:/a:redhat:enterprise_linux:9::realtime
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-31431",
                    "options": [
                      {
                        "Exploitation": "active"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-29T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              },
              {
                "other": {
                  "content": {
                    "dateAdded": "2026-05-01",
                    "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-31431"
                  },
                  "type": "kev"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-669",
                    "description": "CWE-669 Incorrect Resource Transfer Between Spheres",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-02T03:55:23.146Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://github.com/theori-io/copy-fail-CVE-2026-31431"
              },
              {
                "tags": [
                  "mitigation"
                ],
                "url": "https://xint.io/blog/copy-fail-linux-distributions#the-fix-6"
              },
              {
                "tags": [
                  "mitigation"
                ],
                "url": "https://lore.kernel.org/linux-cve-announce/2026042214-CVE-2026-31431-3d65@gregkh/"
              },
              {
                "tags": [
                  "mitigation"
                ],
                "url": "https://access.redhat.com/security/cve/cve-2026-31431#cve-details-mitigation"
              },
              {
                "tags": [
                  "government-resource"
                ],
                "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-31431"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-05-01T00:00:00.000Z",
                "value": "CVE-2026-31431 added to CISA KEV"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2026-05-18T17:44:54.264Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/04/29/23"
              },
              {
                "url": "https://copy.fail"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/04/29/25"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/04/29/26"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/04/30/2"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/04/30/5"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/04/30/6"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/04/30/10"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/04/30/11"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/04/30/12"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/04/30/14"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/04/30/15"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/04/30/16"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/04/30/17"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/04/30/18"
              },
              {
                "url": "https://websec.net/blog/cve-2026-31431-linux-algifaead-page-cache-write-to-root-69f38a4ccddd2db1f520f170"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/04/30/20"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/01/2"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/01/3"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/01/10"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/01/12"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/01/15"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/01/16"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/01/17"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/01/18"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/01/22"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/01/23"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/01/24"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/02/4"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/02/5"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/02/6"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/02/7"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/02/8"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/02/14"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/02/15"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/02/16"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/02/17"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/02/18"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/02/19"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/02/20"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/02/21"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/02/23"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/02/24"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/02/25"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/03/3"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/03/4"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/03/10"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/03/5"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/03/6"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/03/12"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/03/13"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/04/1"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/04/2"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/04/10"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/04/11"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/04/12"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/04/13"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/04/14"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/04/8"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/04/9"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/04/24"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/04/27"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/04/28"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/04/29"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/04/31"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/06/5"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/07/2"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/07/12"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/08/13"
              },
              {
                "url": "https://www.kb.cert.org/vuls/id/260001"
              },
              {
                "url": "http://www.openwall.com/lists/oss-security/2026/05/18/3"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "defaultStatus": "unknown",
                "product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "V3.1.5",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "defaultStatus": "unknown",
                "product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "V3.1.5",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "defaultStatus": "unknown",
                "product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "V3.1.5",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "defaultStatus": "unknown",
                "product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "V3.1.5",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "defaultStatus": "unknown",
                "product": "SIMATIC S7-1500 TM MFP - GNU/Linux subsystem",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "defaultStatus": "unknown",
                "product": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "V3.1.5",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-12T12:09:03.910Z",
              "orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
              "shortName": "siemens-SADP"
            },
            "references": [
              {
                "url": "https://cert-portal.siemens.com/productcert/html/ssa-265688.html"
              },
              {
                "url": "https://cert-portal.siemens.com/productcert/html/ssa-082556.html"
              }
            ],
            "x_adpType": "supplier"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux_nvidia:10::el10"
                ],
                "defaultStatus": "affected",
                "product": "NVIDIA for RHEL 10",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift:4.12::el8"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Container Platform 4.12",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift:4.13::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Container Platform 4.13",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift:4.14::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Container Platform 4.14",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift:4.15::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Container Platform 4.15",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift:4.16::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Container Platform 4.16",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift:4.17::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Container Platform 4.17",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift:4.18::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Container Platform 4.18",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift:4.19::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Container Platform 4.19",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift:4.20::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Container Platform 4.20",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:openshift:4.21::el9"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat OpenShift Container Platform 4.21",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux_eus:10.0"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10.1",
                  "cpe:/o:redhat:enterprise_linux:10.2"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream (v. 10)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_e4s:9.0::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream E4S (v.9.0)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_e4s:9.2::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream E4S (v.9.2)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_eus:9.4::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream EUS (v.9.4)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_eus:9.6::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream EUS (v.9.6)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux:9::appstream"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AppStream (v. 9)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux_eus:10.0"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux BaseOS EUS (v. 10.0)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10.1",
                  "cpe:/o:redhat:enterprise_linux:10.2"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux BaseOS (v. 10)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8::baseos"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux BaseOS (v. 8)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:rhel_aus:8.4::baseos"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:rhel_aus:8.6::baseos"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:rhel_e4s:8.6::baseos"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:rhel_tus:8.6::baseos"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux BaseOS TUS (v.8.6)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:rhel_e4s:8.8::baseos"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:rhel_tus:8.8::baseos"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:rhel_e4s:9.0::baseos"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:rhel_e4s:9.2::baseos"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:rhel_eus:9.4::baseos"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:rhel_eus:9.6::baseos"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9::baseos"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux BaseOS (v. 9)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux_eus:10.0"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10.1",
                  "cpe:/o:redhat:enterprise_linux:10.2"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux:8::crb"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux CRB (v. 8)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_eus:9.4::crb"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat CodeReady Linux Builder EUS (v.9.4)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_eus:9.6::crb"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat CodeReady Linux Builder EUS (v.9.6)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux:9::crb"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux_eus:10.0"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux Real Time for NFV EUS (v. 10.0)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10.1",
                  "cpe:/o:redhat:enterprise_linux:10.2"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux Real Time for NFV (v. 10)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux:8::nfv"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux NFV (v. 8)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_e4s:9.0::nfv"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux NFV E4S (v.9.0)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_e4s:9.2::nfv"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_eus:9.4::nfv"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux Real Time for NFV EUS (v.9.4)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_eus:9.6::nfv"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux Real Time for NFV EUS (v.9.6)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux:9::nfv"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux Real Time for NFV (v. 9)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux_eus:10.0"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux Real Time EUS (v. 10.0)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10.1",
                  "cpe:/o:redhat:enterprise_linux:10.2"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux Real Time (v. 10)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux:8::realtime"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux RT (v. 8)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_e4s:9.0::realtime"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux Real Time E4S (v.9.0)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_e4s:9.2::realtime"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux Real Time E4S (v.9.2)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_eus:9.4::realtime"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux Real Time EUS (v.9.4)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:rhel_eus:9.6::realtime"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux Real Time EUS (v.9.6)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux:9::realtime"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux Real Time (v. 9)",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:6"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 6",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:7"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 7",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-04-22T00:00:00.000Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in the Linux kernel\u0027s algif_aead cryptographic algorithm interface. An incorrect in-place operation causes source and destination data mappings to differ during cryptographic processing. A low-privileged local attacker can exploit this flaw to corrupt the contents of sensitive system files and escalate to root privileges."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-1288",
                    "description": "Improper Validation of Consistency within Input",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-01T12:05:08.344Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-31431"
              },
              {
                "name": "RHBZ#2460538",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460538"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-31431.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:14926"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:33486"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:14097"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:14112"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:15087"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:14773"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:13729"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:13885"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:13727"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:13690"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:13862"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:13811"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:13887"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:13566"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:19074"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:13936"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:13734"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:13932"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:14339"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:13565"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:19225"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:13577"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:15976"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:14165"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:14230"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:16111"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:13681"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:16210"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:16209"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:16208"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:16063"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:16018"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:15978"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:13578"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:14137"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:14301"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:14926: NVIDIA for RHEL 10"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:33486: NVIDIA for RHEL 10"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:14097: Red Hat OpenShift Container Platform 4.12"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:14112: Red Hat OpenShift Container Platform 4.13"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:15087: Red Hat OpenShift Container Platform 4.14"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:14773: Red Hat OpenShift Container Platform 4.15"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:13729: Red Hat OpenShift Container Platform 4.16"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:13885: Red Hat OpenShift Container Platform 4.17"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:13727: Red Hat OpenShift Container Platform 4.18"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:13690: Red Hat OpenShift Container Platform 4.19"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:13862: Red Hat OpenShift Container Platform 4.20"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:13811: Red Hat OpenShift Container Platform 4.21"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:13887: Red Hat Enterprise Linux AppStream EUS (v. 10.0), Red Hat Enterprise Linux BaseOS EUS (v. 10.0), Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0), Red Hat Enterprise Linux Real Time EUS (v. 10.0), Red Hat Enterprise Linux Real Time for NFV EUS (v. 10.0)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:13566: Red Hat Enterprise Linux AppStream (v. 10), Red Hat Enterprise Linux BaseOS (v. 10), Red Hat Enterprise Linux CodeReady Linux Builder (v. 10), Red Hat Enterprise Linux Real Time (v. 10), Red Hat Enterprise Linux Real Time for NFV (v. 10)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:19074: Red Hat Enterprise Linux AppStream (v. 10), Red Hat Enterprise Linux BaseOS (v. 10), Red Hat Enterprise Linux CodeReady Linux Builder (v. 10), Red Hat Enterprise Linux Real Time (v. 10), Red Hat Enterprise Linux Real Time for NFV (v. 10)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:13936: Red Hat Enterprise Linux AppStream E4S (v.9.0), Red Hat Enterprise Linux BaseOS E4S (v.9.0)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:13734: Red Hat Enterprise Linux AppStream E4S (v.9.2), Red Hat Enterprise Linux BaseOS E4S (v.9.2)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:13932: Red Hat CodeReady Linux Builder EUS (v.9.4), Red Hat Enterprise Linux AppStream EUS (v.9.4), Red Hat Enterprise Linux BaseOS EUS (v.9.4), Red Hat Enterprise Linux Real Time EUS (v.9.4), Red Hat Enterprise Linux Real Time for NFV EUS (v.9.4)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:14339: Red Hat CodeReady Linux Builder EUS (v.9.6), Red Hat Enterprise Linux AppStream EUS (v.9.6), Red Hat Enterprise Linux BaseOS EUS (v.9.6), Red Hat Enterprise Linux Real Time EUS (v.9.6), Red Hat Enterprise Linux Real Time for NFV EUS (v.9.6)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:13565: Red Hat Enterprise Linux AppStream (v. 9), Red Hat Enterprise Linux BaseOS (v. 9), Red Hat Enterprise Linux CodeReady Linux Builder (v. 9), Red Hat Enterprise Linux Real Time (v. 9), Red Hat Enterprise Linux Real Time for NFV (v. 9)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:19225: Red Hat Enterprise Linux AppStream (v. 9), Red Hat Enterprise Linux BaseOS (v. 9), Red Hat Enterprise Linux CodeReady Linux Builder (v. 9), Red Hat Enterprise Linux Real Time (v. 9), Red Hat Enterprise Linux Real Time for NFV (v. 9)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:13577: Red Hat Enterprise Linux BaseOS (v. 8), Red Hat Enterprise Linux CRB (v. 8)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:15976: Red Hat Enterprise Linux BaseOS (v. 8)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:14165: Red Hat Enterprise Linux BaseOS AUS (v.8.4), Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:14230: Red Hat Enterprise Linux BaseOS AUS (v.8.6), Red Hat Enterprise Linux BaseOS E4S (v.8.6), Red Hat Enterprise Linux BaseOS TUS (v.8.6)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:16111: Red Hat Enterprise Linux BaseOS E4S (v.8.6)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:13681: Red Hat Enterprise Linux BaseOS E4S (v.8.8), Red Hat Enterprise Linux BaseOS TUS (v.8.8)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:16210: Red Hat Enterprise Linux BaseOS E4S (v.8.8)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:16209: Red Hat Enterprise Linux BaseOS E4S (v.9.0)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:16208: Red Hat Enterprise Linux BaseOS E4S (v.9.2)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:16063: Red Hat Enterprise Linux BaseOS EUS (v.9.4)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:16018: Red Hat Enterprise Linux BaseOS EUS (v.9.6)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:15978: Red Hat Enterprise Linux BaseOS (v. 9)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:13578: Red Hat Enterprise Linux NFV (v. 8), Red Hat Enterprise Linux RT (v. 8)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:14137: Red Hat Enterprise Linux NFV E4S (v.9.0), Red Hat Enterprise Linux Real Time E4S (v.9.0)"
              },
              {
                "lang": "en",
                "value": "RHSA-2026:14301: Red Hat Enterprise Linux Real Time E4S (v.9.2), Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-04-22T00:00:00.000Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-04-22T00:00:00.000Z",
                "value": "Made public."
              }
            ],
            "title": "kernel: crypto: algif_aead - Revert to operating out-of-place",
            "workarounds": [
              {
                "lang": "en",
                "value": "See the security bulletin for a detailed mitigation procedure."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Linux",
              "programFiles": [
                "crypto/af_alg.c",
                "crypto/algif_aead.c",
                "crypto/algif_skcipher.c",
                "include/crypto/if_alg.h"
              ],
              "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
              "vendor": "Linux",
              "versions": [
                {
                  "lessThan": "893d22e0135fa394db81df88697fba6032747667",
                  "status": "affected",
                  "version": "72548b093ee38a6d4f2a19e6ef1948ae05c181f7",
                  "versionType": "git"
                },
                {
                  "lessThan": "19d43105a97be0810edbda875f2cd03f30dc130c",
                  "status": "affected",
                  "version": "72548b093ee38a6d4f2a19e6ef1948ae05c181f7",
                  "versionType": "git"
                },
                {
                  "lessThan": "961cfa271a918ad4ae452420e7c303149002875b",
                  "status": "affected",
                  "version": "72548b093ee38a6d4f2a19e6ef1948ae05c181f7",
                  "versionType": "git"
                },
                {
                  "lessThan": "3115af9644c342b356f3f07a4dd1c8905cd9a6fc",
                  "status": "affected",
                  "version": "72548b093ee38a6d4f2a19e6ef1948ae05c181f7",
                  "versionType": "git"
                },
                {
                  "lessThan": "8b88d99341f139e23bdeb1027a2a3ae10d341d82",
                  "status": "affected",
                  "version": "72548b093ee38a6d4f2a19e6ef1948ae05c181f7",
                  "versionType": "git"
                },
                {
                  "lessThan": "fafe0fa2995a0f7073c1c358d7d3145bcc9aedd8",
                  "status": "affected",
                  "version": "72548b093ee38a6d4f2a19e6ef1948ae05c181f7",
                  "versionType": "git"
                },
                {
                  "lessThan": "ce42ee423e58dffa5ec03524054c9d8bfd4f6237",
                  "status": "affected",
                  "version": "72548b093ee38a6d4f2a19e6ef1948ae05c181f7",
                  "versionType": "git"
                },
                {
                  "lessThan": "a664bf3d603dc3bdcf9ae47cc21e0daec706d7a5",
                  "status": "affected",
                  "version": "72548b093ee38a6d4f2a19e6ef1948ae05c181f7",
                  "versionType": "git"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "Linux",
              "programFiles": [
                "crypto/af_alg.c",
                "crypto/algif_aead.c",
                "crypto/algif_skcipher.c",
                "include/crypto/if_alg.h"
              ],
              "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
              "vendor": "Linux",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.14"
                },
                {
                  "lessThan": "4.14",
                  "status": "unaffected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "5.10.*",
                  "status": "unaffected",
                  "version": "5.10.254",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "5.15.*",
                  "status": "unaffected",
                  "version": "5.15.204",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.1.*",
                  "status": "unaffected",
                  "version": "6.1.170",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.6.*",
                  "status": "unaffected",
                  "version": "6.6.137",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.12.*",
                  "status": "unaffected",
                  "version": "6.12.85",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.18.*",
                  "status": "unaffected",
                  "version": "6.18.22",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.19.*",
                  "status": "unaffected",
                  "version": "6.19.12",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "*",
                  "status": "unaffected",
                  "version": "7.0",
                  "versionType": "original_commit_for_fix"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "5.10.254",
                      "versionStartIncluding": "4.14",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "5.15.204",
                      "versionStartIncluding": "4.14",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.1.170",
                      "versionStartIncluding": "4.14",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.6.137",
                      "versionStartIncluding": "4.14",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.12.85",
                      "versionStartIncluding": "4.14",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.18.22",
                      "versionStartIncluding": "4.14",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.19.12",
                      "versionStartIncluding": "4.14",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "7.0",
                      "versionStartIncluding": "4.14",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: algif_aead - Revert to operating out-of-place\n\nThis mostly reverts commit 72548b093ee3 except for the copying of\nthe associated data.\n\nThere is no benefit in operating in-place in algif_aead since the\nsource and destination come from different mappings.  Get rid of\nall the complexity added for in-place operation and just copy the\nAD directly."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-11T22:08:34.612Z",
            "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
            "shortName": "Linux"
          },
          "references": [
            {
              "url": "https://git.kernel.org/stable/c/893d22e0135fa394db81df88697fba6032747667"
            },
            {
              "url": "https://git.kernel.org/stable/c/19d43105a97be0810edbda875f2cd03f30dc130c"
            },
            {
              "url": "https://git.kernel.org/stable/c/961cfa271a918ad4ae452420e7c303149002875b"
            },
            {
              "url": "https://git.kernel.org/stable/c/3115af9644c342b356f3f07a4dd1c8905cd9a6fc"
            },
            {
              "url": "https://git.kernel.org/stable/c/8b88d99341f139e23bdeb1027a2a3ae10d341d82"
            },
            {
              "url": "https://git.kernel.org/stable/c/fafe0fa2995a0f7073c1c358d7d3145bcc9aedd8"
            },
            {
              "url": "https://git.kernel.org/stable/c/ce42ee423e58dffa5ec03524054c9d8bfd4f6237"
            },
            {
              "url": "https://git.kernel.org/stable/c/a664bf3d603dc3bdcf9ae47cc21e0daec706d7a5"
            }
          ],
          "title": "crypto: algif_aead - Revert to operating out-of-place",
          "x_generator": {
            "engine": "bippy-1.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "assignerShortName": "Linux",
        "cveId": "CVE-2026-31431",
        "datePublished": "2026-04-22T08:15:10.123Z",
        "dateReserved": "2026-03-09T15:48:24.089Z",
        "dateUpdated": "2026-07-01T12:05:08.344Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-50302 (GCVE-0-2024-50302)

    Vulnerability from cvelistv5 – Published: 2024-11-19 01:30 – Updated: 2026-05-23 15:55
    VLAI CISA KEVIntel
    Title
    HID: core: zero-initialize the report buffer
    Summary
    In the Linux kernel, the following vulnerability has been resolved: HID: core: zero-initialize the report buffer Since the report buffer is used by all kinds of drivers in various ways, let's zero-initialize it during allocation to make sure that it can't be ever used to leak kernel memory via specially-crafted report.
    SSVC
    Exploitation: active Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-908 - Use of Uninitialized Resource
    Assigner
    Impacted products
    Vendor Product Version
    Linux Linux Affected: 27ce405039bfe6d3f4143415c638f56a3df77dca , < e7ea60184e1e88a3c9e437b3265cbb6439aa7e26 (git)
    Affected: 27ce405039bfe6d3f4143415c638f56a3df77dca , < 3f9e88f2672c4635960570ee9741778d4135ecf5 (git)
    Affected: 27ce405039bfe6d3f4143415c638f56a3df77dca , < d7dc68d82ab3fcfc3f65322465da3d7031d4ab46 (git)
    Affected: 27ce405039bfe6d3f4143415c638f56a3df77dca , < 05ade5d4337867929e7ef664e7ac8e0c734f1aaf (git)
    Affected: 27ce405039bfe6d3f4143415c638f56a3df77dca , < 1884ab3d22536a5c14b17c78c2ce76d1734e8b0b (git)
    Affected: 27ce405039bfe6d3f4143415c638f56a3df77dca , < 9d9f5c75c0c7f31766ec27d90f7a6ac673193191 (git)
    Affected: 27ce405039bfe6d3f4143415c638f56a3df77dca , < 492015e6249fbcd42138b49de3c588d826dd9648 (git)
    Affected: 27ce405039bfe6d3f4143415c638f56a3df77dca , < 177f25d1292c7e16e1199b39c85480f7f8815552 (git)
    Affected: b2b6cadad699d44a8a5b2a60f3d960e00d6fb3b7 (git)
    Affected: fe6c9b48ebc920ff21c10c50ab2729440c734254 (git)
    Affected: 3.10.16 , < 3.11 (semver)
    Affected: 3.11.5 , < 3.12 (semver)
    Create a notification for this product.
    Linux Linux Affected: 3.12
    Unaffected: 0 , < 3.12 (semver)
    Unaffected: 4.19.324 , ≤ 4.19.* (semver)
    Unaffected: 5.4.286 , ≤ 5.4.* (semver)
    Unaffected: 5.10.230 , ≤ 5.10.* (semver)
    Unaffected: 5.15.172 , ≤ 5.15.* (semver)
    Unaffected: 6.1.117 , ≤ 6.1.* (semver)
    Unaffected: 6.6.61 , ≤ 6.6.* (semver)
    Unaffected: 6.11.8 , ≤ 6.11.* (semver)
    Unaffected: 6.12 , ≤ * (original_commit_for_fix)
    Create a notification for this product.
    Siemens RUGGEDCOM RST2428P Unaffected: 0 , < * (custom)
    Create a notification for this product.
    Siemens SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family Unaffected: 0 , < * (custom)
    Create a notification for this product.
    Siemens SCALANCE XCM-/XRM-/XCH-/XRH-300 family Unaffected: 0 , < * (custom)
    Create a notification for this product.
    Siemens SIMATIC S7-1500 TM MFP - GNU/Linux subsystem Affected: 0 , < * (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "NONE",
                  "baseScore": 5.5,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-50302",
                    "options": [
                      {
                        "Exploitation": "active"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-05T04:55:26.718337Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              },
              {
                "other": {
                  "content": {
                    "dateAdded": "2025-03-04",
                    "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-50302"
                  },
                  "type": "kev"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-908",
                    "description": "CWE-908 Use of Uninitialized Resource",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-21T22:55:35.755Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "government-resource"
                ],
                "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-50302"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2025-03-04T00:00:00.000Z",
                "value": "CVE-2024-50302 added to CISA KEV"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-03T22:28:19.656Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"
              },
              {
                "url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "defaultStatus": "unknown",
                "product": "RUGGEDCOM RST2428P",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "defaultStatus": "unknown",
                "product": "SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "defaultStatus": "unknown",
                "product": "SCALANCE XCM-/XRM-/XCH-/XRH-300 family",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "defaultStatus": "unknown",
                "product": "SIMATIC S7-1500 TM MFP - GNU/Linux subsystem",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-12T12:01:00.886Z",
              "orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
              "shortName": "siemens-SADP"
            },
            "references": [
              {
                "url": "https://cert-portal.siemens.com/productcert/html/ssa-265688.html"
              },
              {
                "url": "https://cert-portal.siemens.com/productcert/html/ssa-355557.html"
              }
            ],
            "x_adpType": "supplier"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Linux",
              "programFiles": [
                "drivers/hid/hid-core.c"
              ],
              "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
              "vendor": "Linux",
              "versions": [
                {
                  "lessThan": "e7ea60184e1e88a3c9e437b3265cbb6439aa7e26",
                  "status": "affected",
                  "version": "27ce405039bfe6d3f4143415c638f56a3df77dca",
                  "versionType": "git"
                },
                {
                  "lessThan": "3f9e88f2672c4635960570ee9741778d4135ecf5",
                  "status": "affected",
                  "version": "27ce405039bfe6d3f4143415c638f56a3df77dca",
                  "versionType": "git"
                },
                {
                  "lessThan": "d7dc68d82ab3fcfc3f65322465da3d7031d4ab46",
                  "status": "affected",
                  "version": "27ce405039bfe6d3f4143415c638f56a3df77dca",
                  "versionType": "git"
                },
                {
                  "lessThan": "05ade5d4337867929e7ef664e7ac8e0c734f1aaf",
                  "status": "affected",
                  "version": "27ce405039bfe6d3f4143415c638f56a3df77dca",
                  "versionType": "git"
                },
                {
                  "lessThan": "1884ab3d22536a5c14b17c78c2ce76d1734e8b0b",
                  "status": "affected",
                  "version": "27ce405039bfe6d3f4143415c638f56a3df77dca",
                  "versionType": "git"
                },
                {
                  "lessThan": "9d9f5c75c0c7f31766ec27d90f7a6ac673193191",
                  "status": "affected",
                  "version": "27ce405039bfe6d3f4143415c638f56a3df77dca",
                  "versionType": "git"
                },
                {
                  "lessThan": "492015e6249fbcd42138b49de3c588d826dd9648",
                  "status": "affected",
                  "version": "27ce405039bfe6d3f4143415c638f56a3df77dca",
                  "versionType": "git"
                },
                {
                  "lessThan": "177f25d1292c7e16e1199b39c85480f7f8815552",
                  "status": "affected",
                  "version": "27ce405039bfe6d3f4143415c638f56a3df77dca",
                  "versionType": "git"
                },
                {
                  "status": "affected",
                  "version": "b2b6cadad699d44a8a5b2a60f3d960e00d6fb3b7",
                  "versionType": "git"
                },
                {
                  "status": "affected",
                  "version": "fe6c9b48ebc920ff21c10c50ab2729440c734254",
                  "versionType": "git"
                },
                {
                  "lessThan": "3.11",
                  "status": "affected",
                  "version": "3.10.16",
                  "versionType": "semver"
                },
                {
                  "lessThan": "3.12",
                  "status": "affected",
                  "version": "3.11.5",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "Linux",
              "programFiles": [
                "drivers/hid/hid-core.c"
              ],
              "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
              "vendor": "Linux",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.12"
                },
                {
                  "lessThan": "3.12",
                  "status": "unaffected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "4.19.*",
                  "status": "unaffected",
                  "version": "4.19.324",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "5.4.*",
                  "status": "unaffected",
                  "version": "5.4.286",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "5.10.*",
                  "status": "unaffected",
                  "version": "5.10.230",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "5.15.*",
                  "status": "unaffected",
                  "version": "5.15.172",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.1.*",
                  "status": "unaffected",
                  "version": "6.1.117",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.6.*",
                  "status": "unaffected",
                  "version": "6.6.61",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.11.*",
                  "status": "unaffected",
                  "version": "6.11.8",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "*",
                  "status": "unaffected",
                  "version": "6.12",
                  "versionType": "original_commit_for_fix"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.19.324",
                      "versionStartIncluding": "3.12",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "5.4.286",
                      "versionStartIncluding": "3.12",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "5.10.230",
                      "versionStartIncluding": "3.12",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "5.15.172",
                      "versionStartIncluding": "3.12",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.1.117",
                      "versionStartIncluding": "3.12",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.6.61",
                      "versionStartIncluding": "3.12",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.11.8",
                      "versionStartIncluding": "3.12",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.12",
                      "versionStartIncluding": "3.12",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                      "versionStartIncluding": "3.10.16",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                      "versionStartIncluding": "3.11.5",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: core: zero-initialize the report buffer\n\nSince the report buffer is used by all kinds of drivers in various ways, let\u0027s\nzero-initialize it during allocation to make sure that it can\u0027t be ever used\nto leak kernel memory via specially-crafted report."
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-23T15:55:02.106Z",
            "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
            "shortName": "Linux"
          },
          "references": [
            {
              "url": "https://git.kernel.org/stable/c/e7ea60184e1e88a3c9e437b3265cbb6439aa7e26"
            },
            {
              "url": "https://git.kernel.org/stable/c/3f9e88f2672c4635960570ee9741778d4135ecf5"
            },
            {
              "url": "https://git.kernel.org/stable/c/d7dc68d82ab3fcfc3f65322465da3d7031d4ab46"
            },
            {
              "url": "https://git.kernel.org/stable/c/05ade5d4337867929e7ef664e7ac8e0c734f1aaf"
            },
            {
              "url": "https://git.kernel.org/stable/c/1884ab3d22536a5c14b17c78c2ce76d1734e8b0b"
            },
            {
              "url": "https://git.kernel.org/stable/c/9d9f5c75c0c7f31766ec27d90f7a6ac673193191"
            },
            {
              "url": "https://git.kernel.org/stable/c/492015e6249fbcd42138b49de3c588d826dd9648"
            },
            {
              "url": "https://git.kernel.org/stable/c/177f25d1292c7e16e1199b39c85480f7f8815552"
            }
          ],
          "title": "HID: core: zero-initialize the report buffer",
          "x_generator": {
            "engine": "bippy-1.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "assignerShortName": "Linux",
        "cveId": "CVE-2024-50302",
        "datePublished": "2024-11-19T01:30:51.300Z",
        "dateReserved": "2024-10-21T19:36:19.987Z",
        "dateUpdated": "2026-05-23T15:55:02.106Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-49894 (GCVE-0-2024-49894)

    Vulnerability from cvelistv5 – Published: 2024-10-21 18:01 – Updated: 2026-05-12 11:58
    VLAI
    Title
    drm/amd/display: Fix index out of bounds in degamma hardware format translation
    Summary
    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix index out of bounds in degamma hardware format translation Fixes index out of bounds issue in `cm_helper_translate_curve_to_degamma_hw_format` function. The issue could occur when the index 'i' exceeds the number of transfer function points (TRANSFER_FUNC_POINTS). The fix adds a check to ensure 'i' is within bounds before accessing the transfer function points. If 'i' is out of bounds the function returns false to indicate an error. Reported by smatch: drivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:594 cm_helper_translate_curve_to_degamma_hw_format() error: buffer overflow 'output_tf->tf_pts.red' 1025 <= s32max drivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:595 cm_helper_translate_curve_to_degamma_hw_format() error: buffer overflow 'output_tf->tf_pts.green' 1025 <= s32max drivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:596 cm_helper_translate_curve_to_degamma_hw_format() error: buffer overflow 'output_tf->tf_pts.blue' 1025 <= s32max
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    Assigner
    Impacted products
    Vendor Product Version
    Linux Linux Affected: 4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c , < b3dfa878257a7e98830b3009ca5831a01d8f85fc (git)
    Affected: 4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c , < f5f6d90087131812c1e4b9d3103f400f1624396d (git)
    Affected: 4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c , < c130a3c09e3746c1a09ce26c20d21d449d039b1d (git)
    Affected: 4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c , < c6979719012a90e5b8e3bc31725fbfdd0b9b2b79 (git)
    Affected: 4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c , < 2495c8e272d84685403506833a664fad932e453a (git)
    Affected: 4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c , < 122e3a7a8c7bcbe3aacddd6103f67f9f36bed473 (git)
    Affected: 4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c , < 2f5da549535be8ccd2ab7c9abac8562ad370b181 (git)
    Affected: 4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c , < 07078fa5d589a7fbce8f81ea8acf7aa0021ab38e (git)
    Affected: 4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c , < b7e99058eb2e86aabd7a10761e76cae33d22b49f (git)
    Create a notification for this product.
    Linux Linux Affected: 4.15
    Unaffected: 0 , < 4.15 (semver)
    Unaffected: 4.19.323 , ≤ 4.19.* (semver)
    Unaffected: 5.4.285 , ≤ 5.4.* (semver)
    Unaffected: 5.10.227 , ≤ 5.10.* (semver)
    Unaffected: 5.15.168 , ≤ 5.15.* (semver)
    Unaffected: 6.1.113 , ≤ 6.1.* (semver)
    Unaffected: 6.6.55 , ≤ 6.6.* (semver)
    Unaffected: 6.10.14 , ≤ 6.10.* (semver)
    Unaffected: 6.11.3 , ≤ 6.11.* (semver)
    Unaffected: 6.12 , ≤ * (original_commit_for_fix)
    Create a notification for this product.
    Siemens RUGGEDCOM RST2428P Unaffected: 0 , < * (custom)
    Create a notification for this product.
    Siemens SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family Unaffected: 0 , < * (custom)
    Create a notification for this product.
    Siemens SCALANCE XCM-/XRM-/XCH-/XRH-300 family Unaffected: 0 , < * (custom)
    Create a notification for this product.
    Siemens SIMATIC S7-1500 TM MFP - GNU/Linux subsystem Affected: 0 , < * (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-49894",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-22T13:43:53.969023Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-22T13:48:48.651Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-03T22:22:58.352Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"
              },
              {
                "url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "defaultStatus": "unknown",
                "product": "RUGGEDCOM RST2428P",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "defaultStatus": "unknown",
                "product": "SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "defaultStatus": "unknown",
                "product": "SCALANCE XCM-/XRM-/XCH-/XRH-300 family",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "unaffected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "defaultStatus": "unknown",
                "product": "SIMATIC S7-1500 TM MFP - GNU/Linux subsystem",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-12T11:58:57.343Z",
              "orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
              "shortName": "siemens-SADP"
            },
            "references": [
              {
                "url": "https://cert-portal.siemens.com/productcert/html/ssa-265688.html"
              },
              {
                "url": "https://cert-portal.siemens.com/productcert/html/ssa-355557.html"
              }
            ],
            "x_adpType": "supplier"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Linux",
              "programFiles": [
                "drivers/gpu/drm/amd/display/dc/dcn10/dcn10_cm_common.c"
              ],
              "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
              "vendor": "Linux",
              "versions": [
                {
                  "lessThan": "b3dfa878257a7e98830b3009ca5831a01d8f85fc",
                  "status": "affected",
                  "version": "4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c",
                  "versionType": "git"
                },
                {
                  "lessThan": "f5f6d90087131812c1e4b9d3103f400f1624396d",
                  "status": "affected",
                  "version": "4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c",
                  "versionType": "git"
                },
                {
                  "lessThan": "c130a3c09e3746c1a09ce26c20d21d449d039b1d",
                  "status": "affected",
                  "version": "4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c",
                  "versionType": "git"
                },
                {
                  "lessThan": "c6979719012a90e5b8e3bc31725fbfdd0b9b2b79",
                  "status": "affected",
                  "version": "4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c",
                  "versionType": "git"
                },
                {
                  "lessThan": "2495c8e272d84685403506833a664fad932e453a",
                  "status": "affected",
                  "version": "4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c",
                  "versionType": "git"
                },
                {
                  "lessThan": "122e3a7a8c7bcbe3aacddd6103f67f9f36bed473",
                  "status": "affected",
                  "version": "4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c",
                  "versionType": "git"
                },
                {
                  "lessThan": "2f5da549535be8ccd2ab7c9abac8562ad370b181",
                  "status": "affected",
                  "version": "4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c",
                  "versionType": "git"
                },
                {
                  "lessThan": "07078fa5d589a7fbce8f81ea8acf7aa0021ab38e",
                  "status": "affected",
                  "version": "4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c",
                  "versionType": "git"
                },
                {
                  "lessThan": "b7e99058eb2e86aabd7a10761e76cae33d22b49f",
                  "status": "affected",
                  "version": "4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c",
                  "versionType": "git"
                }
              ]
            },
            {
              "defaultStatus": "affected",
              "product": "Linux",
              "programFiles": [
                "drivers/gpu/drm/amd/display/dc/dcn10/dcn10_cm_common.c"
              ],
              "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
              "vendor": "Linux",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.15"
                },
                {
                  "lessThan": "4.15",
                  "status": "unaffected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "4.19.*",
                  "status": "unaffected",
                  "version": "4.19.323",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "5.4.*",
                  "status": "unaffected",
                  "version": "5.4.285",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "5.10.*",
                  "status": "unaffected",
                  "version": "5.10.227",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "5.15.*",
                  "status": "unaffected",
                  "version": "5.15.168",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.1.*",
                  "status": "unaffected",
                  "version": "6.1.113",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.6.*",
                  "status": "unaffected",
                  "version": "6.6.55",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.10.*",
                  "status": "unaffected",
                  "version": "6.10.14",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.11.*",
                  "status": "unaffected",
                  "version": "6.11.3",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "*",
                  "status": "unaffected",
                  "version": "6.12",
                  "versionType": "original_commit_for_fix"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.19.323",
                      "versionStartIncluding": "4.15",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "5.4.285",
                      "versionStartIncluding": "4.15",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "5.10.227",
                      "versionStartIncluding": "4.15",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "5.15.168",
                      "versionStartIncluding": "4.15",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.1.113",
                      "versionStartIncluding": "4.15",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.6.55",
                      "versionStartIncluding": "4.15",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.10.14",
                      "versionStartIncluding": "4.15",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.11.3",
                      "versionStartIncluding": "4.15",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.12",
                      "versionStartIncluding": "4.15",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix index out of bounds in degamma hardware format translation\n\nFixes index out of bounds issue in\n`cm_helper_translate_curve_to_degamma_hw_format` function. The issue\ncould occur when the index \u0027i\u0027 exceeds the number of transfer function\npoints (TRANSFER_FUNC_POINTS).\n\nThe fix adds a check to ensure \u0027i\u0027 is within bounds before accessing the\ntransfer function points. If \u0027i\u0027 is out of bounds the function returns\nfalse to indicate an error.\n\nReported by smatch:\ndrivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:594 cm_helper_translate_curve_to_degamma_hw_format() error: buffer overflow \u0027output_tf-\u003etf_pts.red\u0027 1025 \u003c= s32max\ndrivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:595 cm_helper_translate_curve_to_degamma_hw_format() error: buffer overflow \u0027output_tf-\u003etf_pts.green\u0027 1025 \u003c= s32max\ndrivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:596 cm_helper_translate_curve_to_degamma_hw_format() error: buffer overflow \u0027output_tf-\u003etf_pts.blue\u0027 1025 \u003c= s32max"
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-11T20:41:19.632Z",
            "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
            "shortName": "Linux"
          },
          "references": [
            {
              "url": "https://git.kernel.org/stable/c/b3dfa878257a7e98830b3009ca5831a01d8f85fc"
            },
            {
              "url": "https://git.kernel.org/stable/c/f5f6d90087131812c1e4b9d3103f400f1624396d"
            },
            {
              "url": "https://git.kernel.org/stable/c/c130a3c09e3746c1a09ce26c20d21d449d039b1d"
            },
            {
              "url": "https://git.kernel.org/stable/c/c6979719012a90e5b8e3bc31725fbfdd0b9b2b79"
            },
            {
              "url": "https://git.kernel.org/stable/c/2495c8e272d84685403506833a664fad932e453a"
            },
            {
              "url": "https://git.kernel.org/stable/c/122e3a7a8c7bcbe3aacddd6103f67f9f36bed473"
            },
            {
              "url": "https://git.kernel.org/stable/c/2f5da549535be8ccd2ab7c9abac8562ad370b181"
            },
            {
              "url": "https://git.kernel.org/stable/c/07078fa5d589a7fbce8f81ea8acf7aa0021ab38e"
            },
            {
              "url": "https://git.kernel.org/stable/c/b7e99058eb2e86aabd7a10761e76cae33d22b49f"
            }
          ],
          "title": "drm/amd/display: Fix index out of bounds in degamma hardware format translation",
          "x_generator": {
            "engine": "bippy-1.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "assignerShortName": "Linux",
        "cveId": "CVE-2024-49894",
        "datePublished": "2024-10-21T18:01:28.360Z",
        "dateReserved": "2024-10-21T12:17:06.025Z",
        "dateUpdated": "2026-05-12T11:58:57.343Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-4911 (GCVE-0-2023-4911)

    Vulnerability from cvelistv5 – Published: 2023-10-03 17:25 – Updated: 2026-05-12 10:18
    VLAI CISA KEVIntel
    Title
    Glibc: buffer overflow in ld.so leading to privilege escalation
    Summary
    A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.
    SSVC
    Exploitation: active Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-122 - Heap-based Buffer Overflow
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2023:5453 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2023:5454 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2023:5455 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2023:5476 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2024:0033 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2023-4911 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2238352 issue-trackingx_refsource_REDHAT
    https://www.qualys.com/2023/10/03/cve-2023-4911/l…
    https://www.qualys.com/cve-2023-4911/
    https://www.exploit-db.com/exploits/52479
    http://packetstormsecurity.com/files/174986/glibc… x_transferred
    http://packetstormsecurity.com/files/176288/Glibc… x_transferred
    http://seclists.org/fulldisclosure/2023/Oct/11 x_transferred
    http://www.openwall.com/lists/oss-security/2023/10/03/2 x_transferred
    http://www.openwall.com/lists/oss-security/2023/10/03/3 x_transferred
    http://www.openwall.com/lists/oss-security/2023/10/05/1 x_transferred
    http://www.openwall.com/lists/oss-security/2023/1… x_transferred
    http://www.openwall.com/lists/oss-security/2023/10/14/3 x_transferred
    http://www.openwall.com/lists/oss-security/2023/10/14/5 x_transferred
    http://www.openwall.com/lists/oss-security/2023/10/14/6 x_transferred
    https://lists.fedoraproject.org/archives/list/pac… x_transferred
    https://lists.fedoraproject.org/archives/list/pac… x_transferred
    https://lists.fedoraproject.org/archives/list/pac… x_transferred
    https://security.gentoo.org/glsa/202310-03 x_transferred
    https://security.netapp.com/advisory/ntap-2023101… x_transferred
    https://www.debian.org/security/2023/dsa-5514 x_transferred
    https://www.cisa.gov/known-exploited-vulnerabilit… government-resource
    https://cert-portal.siemens.com/productcert/html/…
    https://cert-portal.siemens.com/productcert/html/…
    https://cert-portal.siemens.com/productcert/html/…
    Impacted products
    Vendor Product Version
    Affected: 2.34 , < 2.39 (custom)
    Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:2.28-225.el8_8.6 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:8::appstream
        cpe:/o:redhat:enterprise_linux:8::baseos
        cpe:/a:redhat:enterprise_linux:8::crb
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support Unaffected: 0:2.28-189.6.el8_6 , < * (rpm)
        cpe:/o:redhat:rhel_eus:8.6::baseos
        cpe:/a:redhat:rhel_eus:8.6::appstream
        cpe:/o:redhat:rhev_hypervisor:4.4::el8
        cpe:/a:redhat:rhel_eus:8.6::crb
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:2.34-60.el9_2.7 , < * (rpm)
        cpe:/a:redhat:enterprise_linux:9::appstream
        cpe:/a:redhat:enterprise_linux:9::crb
        cpe:/o:redhat:enterprise_linux:9::baseos
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 0:2.34-28.el9_0.4 , < * (rpm)
        cpe:/a:redhat:rhel_eus:9.0::appstream
        cpe:/o:redhat:rhel_eus:9.0::baseos
        cpe:/a:redhat:rhel_eus:9.0::crb
    Create a notification for this product.
    Red Hat Red Hat Virtualization 4 for Red Hat Enterprise Linux 8 Unaffected: 0:2.28-189.6.el8_6 , < * (rpm)
        cpe:/o:redhat:rhel_eus:8.6::baseos
        cpe:/a:redhat:rhel_eus:8.6::appstream
        cpe:/o:redhat:rhev_hypervisor:4.4::el8
        cpe:/a:redhat:rhel_eus:8.6::crb
    Create a notification for this product.
    Red Hat Red Hat Virtualization 4 for Red Hat Enterprise Linux 8 Unaffected: 0:4.5.3-10.el8ev , < * (rpm)
        cpe:/o:redhat:rhev_hypervisor:4.4::el8
    Create a notification for this product.
    Red Hat Red Hat Virtualization 4 for Red Hat Enterprise Linux 8 Unaffected: 0:4.5.3-202312060823_8.6 , < * (rpm)
        cpe:/o:redhat:rhev_hypervisor:4.4::el8
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
    Create a notification for this product.
    Siemens SIMATIC S7-1500 CPU 1518-4 PN/DP MFP Affected: V3.1.5 , < * (custom)
    Create a notification for this product.
    Siemens SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP Affected: V3.1.5 , < * (custom)
    Create a notification for this product.
    Siemens SIPLUS S7-1500 CPU 1518-4 PN/DP MFP Affected: V3.1.5 , < * (custom)
    Create a notification for this product.
    Date Public
    2023-10-03 17:00
    Credits
    Red Hat would like to thank Qualys Research Labs for reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2026-02-13T17:01:57.799Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "https://www.exploit-db.com/exploits/52479"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/174986/glibc-ld.so-Local-Privilege-Escalation.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/176288/Glibc-Tunables-Privilege-Escalation.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2023/Oct/11"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2023/10/03/2"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2023/10/03/3"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2023/10/05/1"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2023/10/13/11"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2023/10/14/3"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2023/10/14/5"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2023/10/14/6"
              },
              {
                "name": "RHSA-2023:5453",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2023:5453"
              },
              {
                "name": "RHSA-2023:5454",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2023:5454"
              },
              {
                "name": "RHSA-2023:5455",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2023:5455"
              },
              {
                "name": "RHSA-2023:5476",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2023:5476"
              },
              {
                "name": "RHSA-2024:0033",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2024:0033"
              },
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2023-4911"
              },
              {
                "name": "RHBZ#2238352",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2238352"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DBUQRRPB47TC3NJOUIBVWUGFHBJAFDL/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DFG4P76UHHZEWQ26FWBXG76N2QLKKPZA/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NDAQWHTSVOCOZ5K6KPIWKRT3JX4RTZUR/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/202310-03"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20231013-0006/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2023/dsa-5514"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.qualys.com/cve-2023-4911/"
              }
            ],
            "title": "CVE Program Container",
            "x_generator": {
              "engine": "ADPogram 0.0.1"
            }
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-4911",
                    "options": [
                      {
                        "Exploitation": "active"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-15T19:45:35.724824Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              },
              {
                "other": {
                  "content": {
                    "dateAdded": "2023-11-21",
                    "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-4911"
                  },
                  "type": "kev"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-21T23:05:35.687Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "government-resource"
                ],
                "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-4911"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2023-11-21T00:00:00.000Z",
                "value": "CVE-2023-4911 added to CISA KEV"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "defaultStatus": "unknown",
                "product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "V3.1.5",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "defaultStatus": "unknown",
                "product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "V3.1.5",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "defaultStatus": "unknown",
                "product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "V3.1.5",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "defaultStatus": "unknown",
                "product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "V3.1.5",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "defaultStatus": "unknown",
                "product": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP",
                "vendor": "Siemens",
                "versions": [
                  {
                    "lessThan": "*",
                    "status": "affected",
                    "version": "V3.1.5",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-12T10:18:01.935Z",
              "orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
              "shortName": "siemens-SADP"
            },
            "references": [
              {
                "url": "https://cert-portal.siemens.com/productcert/html/ssa-831302.html"
              },
              {
                "url": "https://cert-portal.siemens.com/productcert/html/ssa-794697.html"
              },
              {
                "url": "https://cert-portal.siemens.com/productcert/html/ssa-082556.html"
              }
            ],
            "x_adpType": "supplier"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://sourceware.org/git/glibc.git",
              "defaultStatus": "unaffected",
              "packageName": "glibc",
              "versions": [
                {
                  "lessThan": "2.39",
                  "status": "affected",
                  "version": "2.34",
                  "versionType": "custom"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::appstream",
                "cpe:/o:redhat:enterprise_linux:8::baseos",
                "cpe:/a:redhat:enterprise_linux:8::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "glibc",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:2.28-225.el8_8.6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:8::appstream",
                "cpe:/o:redhat:enterprise_linux:8::baseos",
                "cpe:/a:redhat:enterprise_linux:8::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "glibc",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:2.28-225.el8_8.6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:8.6::baseos",
                "cpe:/a:redhat:rhel_eus:8.6::appstream",
                "cpe:/o:redhat:rhev_hypervisor:4.4::el8",
                "cpe:/a:redhat:rhel_eus:8.6::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "glibc",
              "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:2.28-189.6.el8_6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream",
                "cpe:/a:redhat:enterprise_linux:9::crb",
                "cpe:/o:redhat:enterprise_linux:9::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "glibc",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:2.34-60.el9_2.7",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:enterprise_linux:9::appstream",
                "cpe:/a:redhat:enterprise_linux:9::crb",
                "cpe:/o:redhat:enterprise_linux:9::baseos"
              ],
              "defaultStatus": "affected",
              "packageName": "glibc",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:2.34-60.el9_2.7",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:rhel_eus:9.0::appstream",
                "cpe:/o:redhat:rhel_eus:9.0::baseos",
                "cpe:/a:redhat:rhel_eus:9.0::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "glibc",
              "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:2.34-28.el9_0.4",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhel_eus:8.6::baseos",
                "cpe:/a:redhat:rhel_eus:8.6::appstream",
                "cpe:/o:redhat:rhev_hypervisor:4.4::el8",
                "cpe:/a:redhat:rhel_eus:8.6::crb"
              ],
              "defaultStatus": "affected",
              "packageName": "glibc",
              "product": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:2.28-189.6.el8_6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhev_hypervisor:4.4::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "redhat-release-virtualization-host",
              "product": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.5.3-10.el8ev",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:rhev_hypervisor:4.4::el8"
              ],
              "defaultStatus": "affected",
              "packageName": "redhat-virtualization-host",
              "product": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "0:4.5.3-202312060823_8.6",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:6"
              ],
              "defaultStatus": "unaffected",
              "packageName": "glibc",
              "product": "Red Hat Enterprise Linux 6",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7"
              ],
              "defaultStatus": "unaffected",
              "packageName": "compat-glibc",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:7"
              ],
              "defaultStatus": "unaffected",
              "packageName": "glibc",
              "product": "Red Hat Enterprise Linux 7",
              "vendor": "Red Hat"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Red Hat would like to thank Qualys Research Labs for reporting this issue."
            }
          ],
          "datePublic": "2023-10-03T17:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A buffer overflow was discovered in the GNU C Library\u0027s dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-122",
                  "description": "Heap-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-05T17:25:54.427Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2023:5453",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2023:5453"
            },
            {
              "name": "RHSA-2023:5454",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2023:5454"
            },
            {
              "name": "RHSA-2023:5455",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2023:5455"
            },
            {
              "name": "RHSA-2023:5476",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2023:5476"
            },
            {
              "name": "RHSA-2024:0033",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2024:0033"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2023-4911"
            },
            {
              "name": "RHBZ#2238352",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2238352"
            },
            {
              "url": "https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt"
            },
            {
              "url": "https://www.qualys.com/cve-2023-4911/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2023-09-04T00:00:00.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2023-10-03T17:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Glibc: buffer overflow in ld.so leading to privilege escalation",
          "workarounds": [
            {
              "lang": "en",
              "value": "For customers who cannot update immediately and do not have Secure Boot feature enabled, the issue can be mitigated using the provided SystemTap script with the following steps.  When enabled, any setuid program invoked with GLIBC_TUNABLES in the environment will be terminated immediately.  To invoke the setuid program, users will then have to unset or clear the GLIBC_TUNABLES envvar, e.g. `GLIBC_TUNABLES= sudo` . \n\nNote that these mitigation steps will need to be repeated if the system is rebooted.\n\n1)    Install required systemtap packages and dependencies as per - https://access.redhat.com/solutions/5441\n\n\n2)    Create the following systemtap script, and name it stap_block_suid_tunables.stp:\n    ~~~\nfunction has_tunable_string:long()\n{\n  name = \"GLIBC_TUNABLES\"\n\n  mm = @task(task_current())-\u003emm;\n  if (mm)\n    {\n      env_start = @mm(mm)-\u003eenv_start;\n      env_end = @mm(mm)-\u003eenv_end;\n\n      if (env_start != 0 \u0026\u0026 env_end != 0)\n        while (env_end \u003e env_start)\n          {\n            cur = user_string(env_start, \"\");\n            env_name = tokenize(cur, \"=\");\n      \n            if (env_name == name \u0026\u0026 tokenize(\"\", \"\") != \"\")\n              return 1;\n            env_start += strlen (cur) + 1\n          }\n    }\n\n  return 0;\n}\n\nprobe process(\"/lib*/ld*.so*\").function(\"__tunables_init\")\n{\n  atsecure = 0;\n  /* Skip processing if we can\u0027t read __libc_enable_secure, e.g. core dump\n     handler (systemd-cgroups-agent and systemd-coredump).  */\n  try { atsecure = @var(\"__libc_enable_secure\"); }\n  catch { printk (4, sprintf (\"CVE-2023-4911: Skipped check: %s (%d)\", execname(), pid())); }\n  if (atsecure \u0026\u0026 has_tunable_string ())\n    raise (9);\n}\n~~~\n\n3) Load the systemtap module into the running kernel:\n    ~~~\n    stap -g -F -m stap_block_suid_tunables stap_block_suid_tunables.stp\n    ~~~\n\n4) Ensure the module is loaded:\n    ~~~\n     lsmod | grep -i stap_block_suid_tunables\nstap_block_suid_tunables     249856  0\n~~~\n\n5) Once the glibc package is updated to the version containing the fix, the systemtap generated kernel module can be removed by running:\n    ~~~\n    rmmod stap_block_suid_tunables\n    ~~~\n\nIf Secure Boot is enabled on a system, the SystemTap module must be signed. An external compiling server can be used to sign the generated kernel module with a key enrolled into the kernel\u0027s keyring or starting with SystemTap 4.7 you can sign a module without a compile server. See further information here - https://www.redhat.com/sysadmin/secure-boot-systemtap"
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-122: Heap-based Buffer Overflow"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2023-4911",
        "datePublished": "2023-10-03T17:25:08.434Z",
        "dateReserved": "2023-09-12T13:10:32.495Z",
        "dateUpdated": "2026-05-12T10:18:01.935Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }