122 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-71102
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: scs: fix a wrong parameter in scsmagic scsmagic needs a 'void ' variable, but a 'struct...
CVE-2022-0903
A call stack overflow bug in the SAML login feature in Mattermost server in versions up to and including 6.3.2 allows an attacker to crash the server via submitting a maliciously crafted POST body...
UBUNTU-CVE-2023-53866
In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-compress: Reposition and add pcmmutex If paniconwarn is set and compress streamDPCM is started, then kernel panic occurred because card-pcmmutex isn't held appropriately. In the following functions, warning were issued ...
Node.js: Uncatchable "Maximum call stack size exceeded" error on Node.js via async_hooks leads to process crashes bypassing error handlers
A vulnerability was identified in Node.js error handling where "Maximum call stack size exceeded" errors became uncatchable when asynchooks.createHook was enabled. Instead of reaching process.on'uncaughtException', the process terminated, making the crash unrecoverable...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989415)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989415 advisory. In the Linux kernel, the following vulnerability has been resolved: sched/scs: Reset task stack state in bringupcpu To hot unplug a CPU, the idle task on that CPU...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986650)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986650 advisory. In the Linux kernel, the following vulnerability has been resolved: sched/scs: Reset task stack state in bringupcpu To hot unplug a CPU, the idle task on that CPU...
EUVD-2025-25531
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-38670
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: arm64/entry: Mask DAIF in cpuswitchto, callonirqstack cpuswitchto and callonirqstack...
SUSE CVE-2025-38670
In the Linux kernel, the following vulnerability has been resolved: arm64/entry: Mask DAIF in cpuswitchto, callonirqstack cpuswitchto and callonirqstack manipulate SP to change to different stacks along with the Shadow Call Stack if it is enabled. Those two stack changes cannot be done atomically...
AZL-75093 CVE-2025-38670 affecting package kernel for versions less than 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: arm64/entry: Mask DAIF in cpuswitchto, callonirqstack cpuswitchto and callonirqstack manipulate SP to change to different stacks along with the Shadow Call Stack if it is enabled. Those two stack changes cannot be done atomically...
DEBIAN-CVE-2025-38670
In the Linux kernel, the following vulnerability has been resolved: arm64/entry: Mask DAIF in cpuswitchto, callonirqstack cpuswitchto and callonirqstack manipulate SP to change to different stacks along with the Shadow Call Stack if it is enabled. Those two stack changes cannot be done atomically...
AZL-66656 CVE-2025-38670 affecting package kernel for versions less than 6.6.104.2-1
In the Linux kernel, the following vulnerability has been resolved: arm64/entry: Mask DAIF in cpuswitchto, callonirqstack cpuswitchto and callonirqstack manipulate SP to change to different stacks along with the Shadow Call Stack if it is enabled. Those two stack changes cannot be done atomically...
CVE-2025-38670
In the Linux kernel, the following vulnerability has been resolved: arm64/entry: Mask DAIF in cpuswitchto, callonirqstack cpuswitchto and callonirqstack manipulate SP to change to different stacks along with the Shadow Call Stack if it is enabled. Those two stack changes cannot be done atomically...
UBUNTU-CVE-2025-38670
In the Linux kernel, the following vulnerability has been resolved: arm64/entry: Mask DAIF in cpuswitchto, callonirqstack cpuswitchto and callonirqstack manipulate SP to change to different stacks along with the Shadow Call Stack if it is enabled. Those two stack changes cannot be done atomically...
CVE-2025-38670
In the Linux kernel, the following vulnerability has been resolved: arm64/entry: Mask DAIF in cpuswitchto, callonirqstack cpuswitchto and callonirqstack manipulate SP to change to different stacks along with the Shadow Call Stack if it is enabled. Those two stack changes cannot be done atomically...
CVE-2025-38670
CVE-2025-38670 affects ARM64 Linux kernel. The vulnerability arises in cpu_switch_to() and call_on_irq_stack() where masking and saving the DAIF state and SCS pointers are not atomic across stack switches, allowing a race during task/IRQ stack transitions. Interrupts (SErrors/Debug Exceptions) ca...
CVE-2025-38670 arm64/entry: Mask DAIF in cpu_switch_to(), call_on_irq_stack()
In the Linux kernel, the following vulnerability has been resolved: arm64/entry: Mask DAIF in cpuswitchto, callonirqstack cpuswitchto and callonirqstack manipulate SP to change to different stacks along with the Shadow Call Stack if it is enabled. Those two stack changes cannot be done atomically...
CVE-2025-38670 arm64/entry: Mask DAIF in cpu_switch_to(), call_on_irq_stack()
In the Linux kernel, the following vulnerability has been resolved: arm64/entry: Mask DAIF in cpuswitchto, callonirqstack cpuswitchto and callonirqstack manipulate SP to change to different stacks along with the Shadow Call Stack if it is enabled. Those two stack changes cannot be done atomically...
Linux Distros Unpatched Vulnerability : CVE-2021-47553
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: sched/scs: Reset task stack state in bringupcpu To hot unplug a CPU, the idle task on that C...
New Malware Loaders Use Call Stack Spoofing, GitHub C2, and .NET Reactor for Stealth
Cybersecurity researchers have discovered an updated version of a malware loader called Hijack Loader that implements new features to evade detection and establish persistence on compromised systems. "Hijack Loader released a new module that implements call stack spoofing to hide the origin of...