Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from f2fsmapblocks not triggering foreground GC in lfs mode, which could lead to space exhaustion...

Linux Distros Unpatched Vulnerability : CVE-2014-9529

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Race condition in the keygcunusedkeys function in security/keys/gc.c in the Linux kernel through 3.18.2 allows local users to cause a denial of service memory...

Linux Distros Unpatched Vulnerability : CVE-2015-7872

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The keygcunusedkeys function in security/keys/gc.c in the Linux kernel through 4.2.6 allows local users to cause a denial of service OOPS via crafted keyctl...

Linux Distros Unpatched Vulnerability : CVE-2024-3853

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free could result if a JavaScript realm was in the process of being initialized when a garbage collection started. This vulnerability affects Firefo...

Linux Distros Unpatched Vulnerability : CVE-2024-5688

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - If a garbage collection was triggered at the right time, a use-after-free could have occurred during object transplant. This vulnerability affects Firefox 127,...

Linux Distros Unpatched Vulnerability : CVE-2023-5171

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - During Ion compilation, a Garbage Collection could have resulted in a use-after-free condition, allowing an attacker to write two NUL bytes, and cause a...

Linux Distros Unpatched Vulnerability : CVE-2023-29544

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - If multiple instances of resource exhaustion occurred at the incorrect time, the garbage collector could have caused memory corruption and a potentially...

Linux Distros Unpatched Vulnerability : CVE-2024-36972

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: afunix: Update unixsksk-oobskb under skreceivequeue lock. Billy Jheng Bing-Jhong reported a...

Linux Distros Unpatched Vulnerability : CVE-2022-31146

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Wasmtime is a standalone runtime for WebAssembly. There is a bug in the Wasmtime's code generator, Cranelift, where functions using reference types may be...

Linux Distros Unpatched Vulnerability : CVE-2022-2602

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iouring UAF, Unix SCM garbage collection CVE-2022-2602 Note that Nessus relies on the presence of the package as reported by the vendor. %NASLMINLEVEL 80900 C...

Security Bulletin: IBM® Db2® is affected by a vulnerability in protobuf-java (CVE-2022-3510, CVE-2022-3509, CVE-2022-3171).

Summary protobuf-java core and lite are vulnerable to a denial of service, caused by a flaw in the parsing procedure for binary and text format data. By sending non-repeated embedded messages with repeated or unknown fields, a remote authenticated attacker could exploit this vulnerability to caus...

OESA-2025-1813 python-pycares security update

pycares is a Python module which provides an interface to c-ares.c-ares is a C library that performs DNS requests and name resolutions asynchronously. Security Fixes: pycares is a Python module which provides an interface to c-ares. c-ares is a C library that performs DNS requests and name...

OESA-2025-1811 python-pycares security update

pycares is a Python module which provides an interface to c-ares.c-ares is a C library that performs DNS requests and name resolutions asynchronously. Security Fixes: pycares is a Python module which provides an interface to c-ares. c-ares is a C library that performs DNS requests and name...

PT-2025-29050

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.10.234-syzkaller Description: A flaw exists in the jffs2 file system within the Linux kernel where the result of jffs2 prealloc raw node refs was not adequately checked in several places. This could lead to a...

SUSE CVE-2025-38164

In the Linux kernel, the following vulnerability has been resolved: f2fs: zone: fix to avoid inconsistence in between SIT and SSA w/ below testcase, it will cause inconsistence in between SIT and SSA. createnullblk 512 2 1024 1024 mkfs.f2fs -m /dev/nullb0 mount /dev/nullb0 /mnt/f2fs/ touch...

DEBIAN-CVE-2025-38164

In the Linux kernel, the following vulnerability has been resolved: f2fs: zone: fix to avoid inconsistence in between SIT and SSA w/ below testcase, it will cause inconsistence in between SIT and SSA. createnullblk 512 2 1024 1024 mkfs.f2fs -m /dev/nullb0 mount /dev/nullb0 /mnt/f2fs/ touch...

UBUNTU-CVE-2025-38164

In the Linux kernel, the following vulnerability has been resolved: f2fs: zone: fix to avoid inconsistence in between SIT and SSA w/ below testcase, it will cause inconsistence in between SIT and SSA. createnullblk 512 2 1024 1024 mkfs.f2fs -m /dev/nullb0 mount /dev/nullb0 /mnt/f2fs/ touch...

DEBIAN-CVE-2025-48945

pycares is a Python module which provides an interface to c-ares. c-ares is a C library that performs DNS requests and name resolutions asynchronously. Prior to version 4.9.0, pycares is vulnerable to a use-after-free condition that occurs when a Channel object is garbage collected while DNS...

SUSE CVE-2022-50000

In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: fix stuck flows on cleanup due to pending work To clear the flow table on flow table free, the following sequence normally happens in order: 1 gcstep work is stopped to disable any further stats/del requests...

DEBIAN-CVE-2022-50000

In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: fix stuck flows on cleanup due to pending work To clear the flow table on flow table free, the following sequence normally happens in order: 1 gcstep work is stopped to disable any further stats/del requests...