36 matches found
ROOT-OS-DEBIAN-11-CVE-2025-38035 CVE-2025-38035 in rootio-linux - Patched by Root
Root has patched CVE-2025-38035 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...
ROOT-OS-DEBIAN-12-CVE-2025-38035 CVE-2025-38035 in rootio-linux - Patched by Root
Root has patched CVE-2025-38035 in the rootio-linux package for Root:Debian:12. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-38035 CVE-2025-38035 in rootio-linux - Patched by Root
Root has patched CVE-2025-38035 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
Azure Linux 3.0 Security Update: kernel (CVE-2025-38035)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38035 advisory. - In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: don't restore null...
EUVD-2025-38035
An argument injection vulnerability exists in the affected product that could allow an attacker to execute arbitrary code within the context of the host machine...
[SECURITY] [DLA 4328-1] linux-6.1 security update
Debian LTS Advisory DLA-4328-1 [email protected] https://www.debian.org/lts/security/ Ben Hutchings October 13, 2025 https://wiki.debian.org/LTS Package : linux-6.1 Version : 6.1.153-1 CVE ID : CVE-2024-36331 CVE-2024-36350 CVE-2024-36357 CVE-2024-36913 CVE-2024-41013 CVE-2024-47704...
Ubuntu: Security Advisory (USN-7769-3)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security update for the Linux Kernel
The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2019-11135: TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may CVE-2024-36028: mm/hugetlb: fix DEBUGLOCKSWARNON1 when...
Linux Distros Unpatched Vulnerability : CVE-2025-38035
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nvmet-tcp: don't restore null skstatechange queue-statechange is set as part of nvmettcpsetqueuesock, but if the TCP connection isn't established when...
MAL-2025-38035 Malicious code in uyogfphjxwrqlmns (npm)
The package uyogfphjxwrqlmns was found to contain malicious code...
CVE-2025-38035 affecting package kernel for versions less than 6.6.96.1-1
CVE-2025-38035 affecting package kernel for versions less than 6.6.96.1-1. A patched version of the package is available...
BELL-CVE-2025-38035
Bulletin has no description...
CVE-2025-38035
In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: don't restore null skstatechange queue-statechange is set as part of nvmettcpsetqueuesock, but if the TCP connection isn't established when nvmettcpsetqueuesock is called then queue-statechange isn't set and...
CVE-2025-38035
In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: don't restore null skstatechange queue-statechange is set as part of nvmettcpsetqueuesock, but if the TCP connection isn't established when nvmettcpsetqueuesock is called then queue-statechange isn't set and...
AZL-63968 CVE-2025-38035 affecting package kernel for versions less than 6.6.96.1-1
In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: don't restore null skstatechange queue-statechange is set as part of nvmettcpsetqueuesock, but if the TCP connection isn't established when nvmettcpsetqueuesock is called then queue-statechange isn't set and...
CVE-2025-38035
CVE-2025-38035 affects the Linux kernel nvmet-tcp path. The vulnerability arises from nvmet-tcp_queue handling where queue->state_change may be NULL when the TCP connection isn’t established, leading to an unnecessary restoration attempt of sock->sk->sk_state_change. The fix ensures that...
CVE-2025-38035 nvmet-tcp: don't restore null sk_state_change
In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: don't restore null skstatechange queue-statechange is set as part of nvmettcpsetqueuesock, but if the TCP connection isn't established when nvmettcpsetqueuesock is called then queue-statechange isn't set and...
CVE-2025-38035
In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: don't restore null skstatechange queue-statechange is set as part of nvmettcpsetqueuesock, but if the TCP connection isn't established when nvmettcpsetqueuesock is called then queue-statechange isn't set and...
CVE-2023-38035
A security vulnerability in MICS Admin Portal in Ivanti MobileIron Sentry versions 9.18.0 and below, which may allow an attacker to bypass authentication controls on the administrative interface due to an insufficiently restrictive Apache HTTPD configuration...
Metasploit Weekly Wrap-Up
Flask Cookies This week includes two modules related to Flask cookie signatures. One is specific to Apache Superset where session cookies can be resigned, allowing an attacker to elevate their privileges and dump the database connection strings. While adding this functionality, community member...