9106 matches found
AZL-59943 CVE-2025-21920 affecting package kernel for versions less than 6.6.85.1-2
In the Linux kernel, the following vulnerability has been resolved: vlan: enforce underlying device type Currently, VLAN devices can be created on top of non-ethernet devices. Besides the fact that it doesn't make much sense, this also causes a bug which leaks the address of a kernel function to...
AZL-59976 CVE-2025-21920 affecting package kernel for versions less than 5.15.180.1-1
In the Linux kernel, the following vulnerability has been resolved: vlan: enforce underlying device type Currently, VLAN devices can be created on top of non-ethernet devices. Besides the fact that it doesn't make much sense, this also causes a bug which leaks the address of a kernel function to...
UBUNTU-CVE-2025-21924
In the Linux kernel, the following vulnerability has been resolved: net: hns3: make sure ptp clock is unregister and freed if hclgeptpgetcycle returns an error During the initialization of ptp, hclgeptpgetcycle might return an error and returned directly without unregister clock and free it. To...
UBUNTU-CVE-2025-21959
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconncount: Fully initialize struct nfconncounttuple in inserttree Since commit b36e4523d4d5 "netfilter: nfconncount: fix garbage collection confirm race", cpu and jiffies32 were introduced to the struct...
CVE-2025-21980 sched: address a potential NULL pointer dereference in the GRED scheduler.
In the Linux kernel, the following vulnerability has been resolved: sched: address a potential NULL pointer dereference in the GRED scheduler. If kzalloc in gredinit returns a NULL pointer, the code follows the error handling path, invoking greddestroy. This, in turn, calls gredoffload, where...
CVE-2025-21959
CVE-2025-21959 affects the Linux kernel netfilter nf_conncount code. The issue arises from not initializing fields cpu and jiffies32 in struct nf_conncount_tuple during insertion (insert_tree()), after prior fixes added cpu/jiffies32 in nf_conncount_add() but count_tree() path remained uninitiali...
CVE-2025-21959 netfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert_tree()
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconncount: Fully initialize struct nfconncounttuple in inserttree Since commit b36e4523d4d5 "netfilter: nfconncount: fix garbage collection confirm race", cpu and jiffies32 were introduced to the struct...
CVE-2025-21959
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconncount: Fully initialize struct nfconncounttuple in inserttree Since commit b36e4523d4d5 "netfilter: nfconncount: fix garbage collection confirm race", cpu and jiffies32 were introduced to the struct...
CVE-2025-21959 netfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert_tree()
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconncount: Fully initialize struct nfconncounttuple in inserttree Since commit b36e4523d4d5 "netfilter: nfconncount: fix garbage collection confirm race", cpu and jiffies32 were introduced to the struct...
CVE-2025-21924
The CVE affects the Linux kernel net/ hns3/ hclge_ptp code path. During ptp initialization, if hclge_ptp_get_cycle returns an error, the clock could remain unregistered and not freed. The fix adds a call to hclge_ptp_destroy_clock to unregister and free the clock when ptp_cycle acquisition fails,...
CVE-2025-21920
CVE-2025-21920 (Linux kernel VLAN subtype): The issue occurs when creating VLAN devices on non-Ethernet underlying devices, which can trigger an out-of-bounds read by dev_mc_add due to __dev_mc_add using dev->addr_len as the multicast length. The underlying cause is not enforcing the underlyin...
The vulnerability of the manaDestroyTxq() function in the Linux kernel driver allows a hacker to induce a service failure.
The vulnerability of the manaDestroyTxq function in the Linux kernel driver is related to incorrect initialization of resources. Exploiting this vulnerability can allow an attacker to cause a service failure...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from pmcmdioctl not fully initializing structures potentially leading to information disclosure...
CVE-2025-24235
A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. A remote attacker may be able to cause unexpected app termination or heap corruption...
CVE-2025-24235
A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A remote attacker may be able to cause unexpected app termination or heap corruption...
CVE-2025-24235
A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A remote attacker may be able to cause unexpected app termination or heap corruption...
PT-2025-13917 · Apple · Apple Macos
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 13.7.5 macOS versions prior to 14.7.5 macOS versions prior to 15.4 Description: A memory initialization issue was addressed with improved memory handling. A remote attacker may be able to cause unexpected app terminati...
Apple macOS 安全漏洞
Apple macOS is a suite of specialized operating systems developed for Mac computers by Apple Inc. in the United States. A security vulnerability exists in Apple macOS Sequoia, which stems from a memory initialization issue that could result in application termination or heap corruption...
CVE-2023-53009
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Add sync after creating vram bo There will be data corruption on vram allocated by svm if the initialization is not complete and application is writting on the memory. Adding sync to wait for the initialization...
SUSE CVE-2022-49742
In the Linux kernel, the following vulnerability has been resolved: f2fs: initialize locks earlier in f2fsfillsuper syzbot is reporting lockdep warning at f2fshandleerror 1, for spinlock&sbi-errorlock is called before spinlockinit is called. For safe locking in error handling, move initialization...