763 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-39782
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - jbd2: prevent softlockup in jbd2logdocheckpoint Both jbd2logdocheckpoint and jbd2journalshrinkcheckpointlist periodically release jlistlock after processing a...
[SECURITY] Fedora 42 Update: checkpointctl-1.4.0-2.fc42
The checkpointctl command can be used for in-depth analysis of container checkpoints created with Podman and Kubernetes...
SUSE CVE-2025-39782
In the Linux kernel, the following vulnerability has been resolved: jbd2: prevent softlockup in jbd2logdocheckpoint Both jbd2logdocheckpoint and jbd2journalshrinkcheckpointlist periodically release jlistlock after processing a batch of buffers to avoid long hold times on the jlistlock. However,...
DEBIAN-CVE-2025-39782
In the Linux kernel, the following vulnerability has been resolved: jbd2: prevent softlockup in jbd2logdocheckpoint Both jbd2logdocheckpoint and jbd2journalshrinkcheckpointlist periodically release jlistlock after processing a batch of buffers to avoid long hold times on the jlistlock. However,...
CVE-2025-39782
In the Linux kernel, the following vulnerability has been resolved: jbd2: prevent softlockup in jbd2logdocheckpoint Both jbd2logdocheckpoint and jbd2journalshrinkcheckpointlist periodically release jlistlock after processing a batch of buffers to avoid long hold times on the jlistlock. However,...
AZL-74676 CVE-2025-39782 affecting package kernel for versions less than 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: jbd2: prevent softlockup in jbd2logdocheckpoint Both jbd2logdocheckpoint and jbd2journalshrinkcheckpointlist periodically release jlistlock after processing a batch of buffers to avoid long hold times on the jlistlock. However,...
CVE-2025-39782 jbd2: prevent softlockup in jbd2_log_do_checkpoint()
In the Linux kernel, the following vulnerability has been resolved: jbd2: prevent softlockup in jbd2logdocheckpoint Both jbd2logdocheckpoint and jbd2journalshrinkcheckpointlist periodically release jlistlock after processing a batch of buffers to avoid long hold times on the jlistlock. However,...
CVE-2025-39782
CVE-2025-39782 concerns the Linux kernel, specifically the JBD2 journal path. The issue arises because jbd2_log_do_checkpoint() and jbd2_journal_shrink_checkpoint_list() contend for j_list_lock, potentially causing long wait times that can trigger softlockups if sleeping calls do not occur. The a...
CVE-2025-39782 jbd2: prevent softlockup in jbd2_log_do_checkpoint()
In the Linux kernel, the following vulnerability has been resolved: jbd2: prevent softlockup in jbd2logdocheckpoint Both jbd2logdocheckpoint and jbd2journalshrinkcheckpointlist periodically release jlistlock after processing a batch of buffers to avoid long hold times on the jlistlock. However,...
CVE-2025-58756
MONAI Medical Open Network for AI is an AI toolkit for health care imaging. In versions up to and including 1.5.0, in modeldict = torch.loadfullpath, maplocation=torch.devicedevice, weightsonly=True in monai/bundle/scripts.py , weightsonly=True is loaded securely. However, insecure loading method...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the jbd2logdocheckpoint function not handling scheduling correctly, which could lead to a soft lockup...
GHSA-6VM5-6JV9-RJPJ MONAI: Unsafe torch usage may lead to arbitrary code execution
Summary In modeldict = torch.loadfullpath, maplocation=torch.devicedevice, weightsonly=True in monai/bundle/scripts.py , weightsonly=True is loaded securely. However, insecure loading methods still exist elsewhere in the project, such as when loading checkpoints. This is a common practice when...
MONAI: Unsafe torch usage may lead to arbitrary code execution
Summary In modeldict = torch.loadfullpath, maplocation=torch.devicedevice, weightsonly=True in monai/bundle/scripts.py , weightsonly=True is loaded securely. However, insecure loading methods still exist elsewhere in the project, such as when loading checkpoints. This is a common practice when...
CVE-2025-58756
MONAI Medical Open Network for AI is an AI toolkit for health care imaging. In versions up to and including 1.5.0, in modeldict = torch.loadfullpath, maplocation=torch.devicedevice, weightsonly=True in monai/bundle/scripts.py , weightsonly=True is loaded securely. However, insecure loading method...
PYSEC-2025-141
MONAI Medical Open Network for AI is an AI toolkit for health care imaging. In versions up to and including 1.5.0, in modeldict = torch.loadfullpath, maplocation=torch.devicedevice, weightsonly=True in monai/bundle/scripts.py , weightsonly=True is loaded securely. However, insecure loading method...
CVE-2025-58756 MONAI's unsafe torch usage may lead to arbitrary code execution
MONAI Medical Open Network for AI is an AI toolkit for health care imaging. In versions up to and including 1.5.0, in modeldict = torch.loadfullpath, maplocation=torch.devicedevice, weightsonly=True in monai/bundle/scripts.py , weightsonly=True is loaded securely. However, insecure loading method...
CVE-2025-58756 MONAI's unsafe torch usage may lead to arbitrary code execution
MONAI Medical Open Network for AI is an AI toolkit for health care imaging. In versions up to and including 1.5.0, in modeldict = torch.loadfullpath, maplocation=torch.devicedevice, weightsonly=True in monai/bundle/scripts.py , weightsonly=True is loaded securely. However, insecure loading method...
Linux Distros Unpatched Vulnerability : CVE-2025-0426
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A security issue was discovered in Kubernetes where a large number of container checkpoint requests made to the unauthenticated kubelet read-only HTTP endpoint...
NVIDIA Transformers4Rec load_model_trainer_states_from_checkpoint Deserialization of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of NVIDIA Transformers4Rec. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Linux Distros Unpatched Vulnerability : CVE-2017-18344
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The timercreate syscall implementation in kernel/time/posix-timers.c in the Linux kernel before 4.14.8 doesn't properly validate the sigevent-sigevnotify field,...