248 matches found
CVE-2025-40126 sparc: fix accurate exception reporting in copy_{from_to}_user for UltraSPARC
In the Linux kernel, the following vulnerability has been resolved: sparc: fix accurate exception reporting in copyfromtouser for UltraSPARC The referenced commit introduced exception handlers on user-space memory references in copyfromuser and copytouser. These handlers return from the respectiv...
CVE-2025-40126
CVE-2025-40126 affects the Linux kernel (sparc/UltraSPARC) where a faulty exception handling path in copy_from_user and copy_to_user could affect the return value in faulting scenarios. The referenced commit added exception handlers for user-space memory references and incorrectly calculated the ...
CVE-2025-40126 sparc: fix accurate exception reporting in copy_{from_to}_user for UltraSPARC
In the Linux kernel, the following vulnerability has been resolved: sparc: fix accurate exception reporting in copyfromtouser for UltraSPARC The referenced commit introduced exception handlers on user-space memory references in copyfromuser and copytouser. These handlers return from the respectiv...
CVE-2025-40124 sparc: fix accurate exception reporting in copy_{from_to}_user for UltraSPARC III
In the Linux kernel, the following vulnerability has been resolved: sparc: fix accurate exception reporting in copyfromtouser for UltraSPARC III Anthony Yznaga tracked down that a BUGON in ext4 code with large folios enabled resulted from copyfromuser returning impossibly large values greater tha...
CVE-2025-40124 sparc: fix accurate exception reporting in copy_{from_to}_user for UltraSPARC III
In the Linux kernel, the following vulnerability has been resolved: sparc: fix accurate exception reporting in copyfromtouser for UltraSPARC III Anthony Yznaga tracked down that a BUGON in ext4 code with large folios enabled resulted from copyfromuser returning impossibly large values greater tha...
CVE-2025-40112
In Linux kernel (SPARC Niagara), CVE-2025-40112 is addressed by fixing the exception handling for user-space memory references in copy_from_user and copy_to_user. The referenced commits correct calculations and an epilogue in the user fault path, ensuring accurate remaining-byte accounting and pr...
CVE-2025-40112
In the Linux kernel, the following vulnerability has been resolved: sparc: fix accurate exception reporting in copyfromtouser for Niagara The referenced commit introduced exception handlers on user-space memory references in copyfromuser and copytouser. These handlers return from the respective...
CVE-2025-40112 sparc: fix accurate exception reporting in copy_{from_to}_user for Niagara
In the Linux kernel, the following vulnerability has been resolved: sparc: fix accurate exception reporting in copyfromtouser for Niagara The referenced commit introduced exception handlers on user-space memory references in copyfromuser and copytouser. These handlers return from the respective...
CVE-2025-40112 sparc: fix accurate exception reporting in copy_{from_to}_user for Niagara
In the Linux kernel, the following vulnerability has been resolved: sparc: fix accurate exception reporting in copyfromtouser for Niagara The referenced commit introduced exception handlers on user-space memory references in copyfromuser and copytouser. These handlers return from the respective...
PT-2025-46588
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue was identified in the Linux kernel related to exception handling within the copy from user and copy to user functions on the Niagara architecture. The problem stemmed from...
Linux Distros Unpatched Vulnerability : CVE-2025-40126
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sparc: fix accurate exception reporting in copyfromtouser for UltraSPARC The referenced commit introduced exception handlers on user-space memory references in...
Linux Distros Unpatched Vulnerability : CVE-2025-40112
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sparc: fix accurate exception reporting in copyfromtouser for Niagara The referenced commit introduced exception handlers on user-space memory references in...
CVE-2025-62520
Mantis Bug Tracker MantisBT is an open source issue tracker. In versions 2.27.1 and below, due to insufficient access-level checks, any non-admin user with access to manageconfigcolumnspage.php can use the Copy From action to retrieve the columns configuration from a private project they have no...
MantisBT < 2.27.2 Unauthorized Disclosure (GHSA-g582-8vwr-68h2)
The version of MantisBT installed on the remote host is prior to 2.27.2. It is, therefore, affected by a vulnerability as referenced in the GHSA-g582-8vwr-68h2 advisory. - Due to insufficient access-level checks, any non-admin user having access to manageconfigcolumnspage typically project manage...
CVE-2025-62520
CVE-2025-62520 concerns MantisBT prior to 2.27.2. The issue arises from insufficient access checks in manage_config_columns_page.php, allowing any non-admin user with access to that page to use Copy From to retrieve the columns configuration from a private project they should not access. Affected...
Improper Authorization
Overview mantisbt/mantisbt is a mantis bug tracker. Affected versions of this package are vulnerable to Improper Authorization due to insufficient access-level checks in the manageconfigcolumnspage.php. An attacker can retrieve configuration details from private projects by using the 'Copy From'...
MantisBT unauthorized disclosure of private project column configuration
Impact Due to insufficient access-level checks, any non-admin user having access to manageconfigcolumnspage.php typically project managers having MANAGER role can use the Copy From action to retrieve the columns configuration from a private project they have no access to. Access to the reverse...
GHSA-G582-8VWR-68H2 MantisBT unauthorized disclosure of private project column configuration
Impact Due to insufficient access-level checks, any non-admin user having access to manageconfigcolumnspage.php typically project managers having MANAGER role can use the Copy From action to retrieve the columns configuration from a private project they have no access to. Access to the reverse...
PT-2025-44805
Name of the Vulnerable Software and Affected Versions MantisBT versions 2.27.1 and below Description Mantis Bug Tracker MantisBT is an open source issue tracker. Insufficient access-level checks allow a non-admin user with access to the manage config columns page.php page to retrieve the columns...
SUSE CVE-2025-40051
In the Linux kernel, the following vulnerability has been resolved: vhost: vringh: Modify the return value check The return value of copyfromiter and copytoiter can't be negative, check whether the copied lengths are equal...