68 matches found
CVE-2026-53184
In the Linux kernel, the following vulnerability has been resolved: udp: clear skb-dev before running a sockmap verdict On the UDP receive path skb-dev is repurposed as devscratch the truesize/state cache set by udpsetdevscratch, through the union struct netdevice dev; unsigned long devscratch; i...
CVE-2026-53184
The CVE-2026-53184 issue affects the Linux kernel UDP sockmap path. On UDP receive, skb->dev is repurposed as dev_scratch; when a SK_SKB verdict program uses BPF socket-lookup helpers (bpf_sk_lookup_tcp/udp, bpf_skc_lookup_tcp), skb->dev may still hold the dev_scratch value, and dev_net(skb...
PT-2026-51847
Content removed...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: VMCI: Check context-notifypage after calling getuserpagesfast to avoid GPF. The call to getuserpagesfast in vmcihostunlockedioctl may return NULL for context-notifypage, causing a GPF. To avoid this, check that context-notifypage...
EUVD-2025-203630
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix general protection fault in smcdiagdump The syzbot report a crash: Oops: general protection fault, probably for non-canonical address 0xfbd5a5d5a0000003: 0000 1 SMP KASAN NOPTI KASAN: maybe wild-memory-access in rang...
CVE-2025-40155 iommu/vt-d: debugfs: Fix legacy mode page table dump logic
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: debugfs: Fix legacy mode page table dump logic In legacy mode, SSPTPTR is ignored if TT is not 00b or 01b. SSPTPTR maybe uninitialized or zero in that case and may cause oops like: Oops: general protection fault,...
Siemens SIMATIC Devices Improper Input Validation (CVE-2024-36270)
netfilter: tproxy: bail out if IP has been disabled on the device syzbot reports: general protection fault, probably for non-canonical address This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...
UBUNTU-CVE-2022-50538
In the Linux kernel, the following vulnerability has been resolved: vme: Fix error not catched in fakeinit In fakeinit, rootdeviceregister is possible to fail but it's ignored, which can cause unregistering vmeroot fail when exit. general protection fault, probably for non-canonical address...
EUVD-2016-10195
Malware in sbrugna...
EUVD-2014-3575
Malware in sbrugna...
UBUNTU-CVE-2023-53259
In the Linux kernel, the following vulnerability has been resolved: VMCI: check context-notifypage after call to getuserpagesfast to avoid GPF The call to getuserpagesfast in vmcihostsetupnotify can return NULL context-notifypage causing a GPF. To avoid GPF check if context-notifypage == NULL and...
Linux Distros Unpatched Vulnerability : CVE-2024-46788
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Use a cpumask to know what threads are kthreads The startkthread and...
CVE-2025-2892
The All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the post Meta Description and Canonical URL parameters in all versions up to, and including, 4.8.1.1 due to insufficient input sanitization and...
UBUNTU-CVE-2022-49799
In the Linux kernel, the following vulnerability has been resolved: tracing: Fix wild-memory-access in registersynthevent In registersynthevent, if setsyntheventprintfmt failed, then both traceremoveeventcall and unregistertraceevent will be called, which means the traceeventcall will call...
CVE-2024-49863
In the Linux kernel, the following vulnerability has been resolved: vhost/scsi: null-ptr-dereference in vhostscsigetreq Since commit 3f8ca2e115e5 "vhost/scsi: Extract common handling code from control queue handler" a null pointer dereference bug can be triggered when guest sends an SCSI AN...
CVE-2024-49953 net/mlx5e: Fix crash caused by calling __xfrm_state_delete() twice
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix crash caused by calling xfrmstatedelete twice The km.state is not checked in driver's delayed work. When xfrmstatecheckexpire is called, the state can be reset to XFRMSTATEEXPIRED, even if it is XFRMSTATEDEAD...
CVE-2024-46788 tracing/osnoise: Use a cpumask to know what threads are kthreads
In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Use a cpumask to know what threads are kthreads The startkthread and stopthread code was not always called with the interfacelock held. This means that the kthread variable could be unexpectedly changed causing t...
CVE-2022-48781
In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - get rid of algmemoryallocated algmemoryallocated does not seem to be really used. algproto does have a .memoryallocated field, but no corresponding .sysctlmem. This means skhasaccount returns true, but all...
PT-2024-11803 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.17.0-rc3-syzkaller-00316-gb81b1829e7e3 Description: The vulnerability is related to the crypto: af alg module in the Linux kernel. The issue arises because the alg memory allocated field is not used, but the a...
CVE-2024-40962
CVE-2024-40962 affects the Linux kernel btrfs zoning code. The issue is a NULL pointer dereference in btrfs_zone_finish_endio() when handling zoned NODATASUM writes under zoned emulation for conventional zones. The fix, as described in the disclosure, is to allocate dummy checksums for zoned NODA...