170 matches found
UBUNTU-CVE-2025-39777
In the Linux kernel, the following vulnerability has been resolved: crypto: acomp - Fix CFI failure due to type punning To avoid a crash when control flow integrity is enabled, make the workspace "stream" free function use a consistent type, and call it through a function pointer that has that sa...
CVE-2025-39777
The CVE-2025-39777 entry concerns the Linux kernel crypto: acomp component, where a control flow integrity (CFI) failure was caused by type punning. The issue could lead to a crash when CFG is enabled. The documented fix uses a consistent type for the workspace free function and ensures it is inv...
CVE-2025-39777 crypto: acomp - Fix CFI failure due to type punning
In the Linux kernel, the following vulnerability has been resolved: crypto: acomp - Fix CFI failure due to type punning To avoid a crash when control flow integrity is enabled, make the workspace "stream" free function use a consistent type, and call it through a function pointer that has that sa...
CVE-2025-39777 crypto: acomp - Fix CFI failure due to type punning
In the Linux kernel, the following vulnerability has been resolved: crypto: acomp - Fix CFI failure due to type punning To avoid a crash when control flow integrity is enabled, make the workspace "stream" free function use a consistent type, and call it through a function pointer that has that sa...
PT-2025-37235
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains an issue related to control flow integrity CFI. A type punning issue within the acomp component could lead to a crash when CFI is enabled. The resolution...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an improper type conversion, which could lead to a control flow integrity failure...
Linux Distros Unpatched Vulnerability : CVE-2025-38033
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - x86/Kconfig: make CFIAUTODEFAULT depend on !RUST or Rust = 1.88 Calling core::fmt::write from rust code while FineIBT is enabled results in a kernel panic:...
CVE-2025-38033
In the Linux kernel, the following vulnerability has been resolved: x86/Kconfig: make CFIAUTODEFAULT depend on !RUST or Rust = 1.88 Calling core::fmt::write from rust code while FineIBT is enabled results in a kernel panic: 4614.199779 kernel BUG at arch/x86/kernel/cet.c:132! 4614.205343 Oops:...
SUSE CVE-2025-38033
In the Linux kernel, the following vulnerability has been resolved: x86/Kconfig: make CFIAUTODEFAULT depend on !RUST or Rust = 1.88 Calling core::fmt::write from rust code while FineIBT is enabled results in a kernel panic: 4614.199779 kernel BUG at arch/x86/kernel/cet.c:132! 4614.205343 Oops:...
UBUNTU-CVE-2025-38033
In the Linux kernel, the following vulnerability has been resolved: x86/Kconfig: make CFIAUTODEFAULT depend on !RUST or Rust = 1.88 Calling core::fmt::write from rust code while FineIBT is enabled results in a kernel panic: 4614.199779 kernel BUG at arch/x86/kernel/cet.c:132! 4614.205343 Oops:...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: x86/Kconfig: make CFIAUTODEFAULT dependent on !RUST or Rust = 1.88 Calling core::fmt::write from Rust code while FineIBT is enabled results in a kernel panic: 4614.199779 Kernel BUG at arch/x86/kernel/cet.c:132! 4614.205343...
CVE-2024-47813
Wasmtime is an open source runtime for WebAssembly. Under certain concurrent event orderings, a wasmtime::Engine's internal type registry was susceptible to double-unregistration bugs due to a race condition, leading to panics and potentially type registry corruption. That registry corruption...
The vulnerability of Xen hypervisors relates to the incorrect sequence of processor instructions, allowing attackers to gain unauthorized access to protected information.
The vulnerability of Xen hypervisors is related to an incorrect sequence of processor instructions, due to the absence of the ENDBR instruction and a prologue/eepilog for CFI schemes based on hash. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access ...
DEBIAN-CVE-2022-49709
In the Linux kernel, the following vulnerability has been resolved: cfi: Fix cfislowpathdiag RCU usage with cpuidle RCUNONIDLE usage during cfislowpathdiag can result in an invalid RCU state in the cpuidle code path: WARNING: CPU: 1 PID: 0 at kernel/rcu/tree.c:613 rcueqsenter+0xe4/0x138 ... Call...
UBUNTU-CVE-2022-49709
In the Linux kernel, the following vulnerability has been resolved: cfi: Fix cfislowpathdiag RCU usage with cpuidle RCUNONIDLE usage during cfislowpathdiag can result in an invalid RCU state in the cpuidle code path: WARNING: CPU: 1 PID: 0 at kernel/rcu/tree.c:613 rcueqsenter+0xe4/0x138 ... Call...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from CFI not properly handling RCU state in the cpuidle path...
kernel: net: ethernet: ti: Fix return type of netcp_ndo_start_xmit()
A type confusion flaw was found in the Linux kernel's Texas Instruments NETCP Ethernet driver in the packet transmit function signature. A local user can trigger this issue on systems with kernel Control Flow Integrity enabled, where the incorrect return type of the ndostartxmit function causes C...
CVE-2022-48994
In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: Fix function prototype mismatch in sndseqexpandvarevent With clang's kernel control flow integrity kCFI, CONFIGCFICLANG, indirect call targets are validated against the expected function pointer prototype to make sure...
CVE-2022-48994
In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: Fix function prototype mismatch in sndseqexpandvarevent With clang's kernel control flow integrity kCFI, CONFIGCFICLANG, indirect call targets are validated against the expected function pointer prototype to make sure...
DEBIAN-CVE-2022-48994
In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: Fix function prototype mismatch in sndseqexpandvarevent With clang's kernel control flow integrity kCFI, CONFIGCFICLANG, indirect call targets are validated against the expected function pointer prototype to make sure...