354 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-53138
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: caif: Fix use-after-free in cfusbldevicenotify syzbot reported use-after-free in cfusbldevicenotify 1. This causes a stack trace like below: BUG: KASAN:...
Linux Distros Unpatched Vulnerability : CVE-2024-26780
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: afunix: Fix task hung while purging oobskb in GC. syzbot reported a task hung; at the same...
Linux Distros Unpatched Vulnerability : CVE-2023-53028
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: Revert wifi: mac80211: fix memory leak in ieee80211ifadd This reverts commit...
Linux Distros Unpatched Vulnerability : CVE-2023-52603
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - UBSAN: array-index-out-of-bounds in dtSplitRoot Syzkaller reported the following issue: oop0: detected capacity change from 0 to 32768 UBSAN:...
CVE-2025-38129
CVE-2025-38129 details a Linux kernel use-after-free in page_pool_recycle_in_ring, linked to page_pool's per-CPU recycle mechanism. The root cause is that a page may be freed while the page pool’s ring is still being recycled, resulting in a potential use-after-free when the producer_lock is not ...
CVE-2019-16548
A cross-site request forgery vulnerability in Jenkins Google Compute Engine Plugin 4.1.1 and earlier in ComputeEngineClouddoProvision could be used to provision new agents...
CVE-2023-53119 nfc: pn533: initialize struct pn533_out_arg properly
In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: initialize struct pn533outarg properly struct pn533outarg used as a temporary context for outurb is not initialized properly. Its uninitialized 'phy' field can be dereferenced in error cases inside pn533outcomplete...
CVE-2022-49916 rose: Fix NULL pointer dereference in rose_send_frame()
In the Linux kernel, the following vulnerability has been resolved: rose: Fix NULL pointer dereference in rosesendframe The syzkaller reported an issue: KASAN: null-ptr-deref in range 0x0000000000000380-0x0000000000000387 CPU: 0 PID: 4069 Comm: kworker/0:15 Not tainted...
CVE-2022-49738 f2fs: fix to do sanity check on i_extra_isize in is_alive()
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on iextraisize in isalive syzbot found a f2fs bug: BUG: KASAN: slab-out-of-bounds in datablkaddr fs/f2fs/f2fs.h:2891 inline BUG: KASAN: slab-out-of-bounds in isalive fs/f2fs/gc.c:1117 inline BUG: KASA...
Linux Distros Unpatched Vulnerability : CVE-2024-50256
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: nfrejectipv6: fix potential crash in nfsendreset6 I got a syzbot report without a repro 1 crashing in nfsendreset6 I think the issue is that...
Linux Distros Unpatched Vulnerability : CVE-2024-35976
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: xsk: validate user input for XDPUMEM|COMPLETIONFILLRING syzbot reported an illegal copy in...
Linux Distros Unpatched Vulnerability : CVE-2022-48802
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/proc: taskmmu.c: don't read mapcount for migration entry The syzbot reported the below BUG: kernel BUG at include/linux/page-flags.h:785! invalid opcode: 000...
Linux Distros Unpatched Vulnerability : CVE-2022-48781
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - get rid of algmemoryallocated algmemoryallocated does not seem to be really...
Linux Distros Unpatched Vulnerability : CVE-2022-49456
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: bonding: fix missed rcu protection When removing the rcureadlock in bondethtoolgettsinfo as...
Linux Distros Unpatched Vulnerability : CVE-2022-49087
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: rxrpc: fix a race in rxrpcexitnet Current code can lead to the following race: CPU0 CPU1...
CVE-2022-49696
In the Linux kernel, the following vulnerability has been resolved: tipc: fix use-after-free Read in tipcnamedreinit syzbot found the following issue on: ================================================================== BUG: KASAN: use-after-free in tipcnamedreinit+0x94f/0x9b0...
CVE-2024-57882
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix TCP options overflow. Syzbot reported the following splat: Oops: general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 1 PREEMPT SMP KASAN PTI KASAN: null-ptr-deref in range...
CVE-2024-53105
In the Linux kernel, the following vulnerability has been resolved: mm: pagealloc: move mlocked flag clearance into freepagesprepare Syzbot reported a bad page state problem caused by a page being freed using freepage still having a mlocked flag at freepagesprepare stage: BUG: Bad page state in...
CVE-2024-50293
Technical details about CVE-2024-50293 (net/smc dangling sk in __smc_create) are not publicly provided in the supplied documents. Monitor for updates from official advisories.
CVE-2024-50256
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfrejectipv6: fix potential crash in nfsendreset6 I got a syzbot report without a repro 1 crashing in nfsendreset6 I think the issue is that dev-hardheaderlen is zero, and we attempt later to push an Ethernet header. U...