From 3a37f869636dd9da6f897546688aee79901bdd51 Mon Sep 17 00:00:00 2001 From: Oracle Linux CVE analysis bot Date: Fri, 6 Mar 2026 15:23:55 +0000 Subject: [PATCH 1/5] Analysis for CVE-2025-68810.yml --- vulns/CVE-2025-68810.yml | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 vulns/CVE-2025-68810.yml diff --git a/vulns/CVE-2025-68810.yml b/vulns/CVE-2025-68810.yml new file mode 100644 index 0000000..3458d2b --- /dev/null +++ b/vulns/CVE-2025-68810.yml @@ -0,0 +1,11 @@ +reachability: Local +memory_corruption: true +bug_class: UaF +impact: LPE +privileges_required: false +notes: |2- + UaF in the KVM subsystem when clearing the KVM_MEM_GUEST_MEMFD flag on an + existing memslot, leading to arbitrary kernel memory corruption and + eventually LPE +author: Oracle Corporation +version: v0.1 From 72cf917e55d16d923b9c2632306ed80da636613a Mon Sep 17 00:00:00 2001 From: Oracle Linux CVE analysis bot Date: Fri, 6 Mar 2026 15:23:55 +0000 Subject: [PATCH 2/5] Analysis for CVE-2026-23001.yml --- vulns/CVE-2026-23001.yml | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 vulns/CVE-2026-23001.yml diff --git a/vulns/CVE-2026-23001.yml b/vulns/CVE-2026-23001.yml new file mode 100644 index 0000000..064761e --- /dev/null +++ b/vulns/CVE-2026-23001.yml @@ -0,0 +1,8 @@ +reachability: Local +memory_corruption: true +bug_class: UaF +impact: LPE +privileges_required: false +notes: UaF in macvlan module, could be triggered using network namespace(unshare -rn) +author: Oracle Corporation +version: v0.1 From 5a00cb423ac63c3c816342c59c253c39bc2fab9b Mon Sep 17 00:00:00 2001 From: Oracle Linux CVE analysis bot Date: Fri, 6 Mar 2026 15:23:55 +0000 Subject: [PATCH 3/5] Analysis for CVE-2026-23004.yml --- vulns/CVE-2026-23004.yml | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 vulns/CVE-2026-23004.yml diff --git a/vulns/CVE-2026-23004.yml b/vulns/CVE-2026-23004.yml new file mode 100644 index 0000000..95086b8 --- /dev/null +++ b/vulns/CVE-2026-23004.yml @@ -0,0 +1,8 @@ +reachability: Local +memory_corruption: true +bug_class: UaF +impact: LPE +privileges_required: false +notes: UaF in net/core leading to LPE. Reachable through namespaces +author: Oracle Corporation +version: v0.1 From 88cd29b17b1baf1aa9dd0cfa08a4525d0f5c31ed Mon Sep 17 00:00:00 2001 From: Oracle Linux CVE analysis bot Date: Fri, 6 Mar 2026 15:23:55 +0000 Subject: [PATCH 4/5] Analysis for CVE-2026-23111.yml --- vulns/CVE-2026-23111.yml | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 vulns/CVE-2026-23111.yml diff --git a/vulns/CVE-2026-23111.yml b/vulns/CVE-2026-23111.yml new file mode 100644 index 0000000..5c36ab4 --- /dev/null +++ b/vulns/CVE-2026-23111.yml @@ -0,0 +1,8 @@ +reachability: Local +memory_corruption: true +bug_class: UaF +impact: LPE +privileges_required: false +notes: UaF in net/netfilter leading to LPE reachable from namespaces +author: Oracle Corporation +version: v0.1 From a29adf72a754b6bd007c2385ffa6a164dd35aa03 Mon Sep 17 00:00:00 2001 From: Oracle Linux CVE analysis bot Date: Fri, 6 Mar 2026 15:23:55 +0000 Subject: [PATCH 5/5] Analysis for CVE-2026-23209.yml --- vulns/CVE-2026-23209.yml | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 vulns/CVE-2026-23209.yml diff --git a/vulns/CVE-2026-23209.yml b/vulns/CVE-2026-23209.yml new file mode 100644 index 0000000..19a95b2 --- /dev/null +++ b/vulns/CVE-2026-23209.yml @@ -0,0 +1,8 @@ +reachability: Local +memory_corruption: true +bug_class: UaF +impact: LPE +privileges_required: false +notes: UaF in drivers/net macvlan leading to LPE. Reachable from namespaces +author: Oracle Corporation +version: v0.1