CVE-2025-40087

CVE-2025-40087 affects the Linux kernel NFSD. The issue is a missing proc_layoutcommit for the FlexFiles layout type, which could crash a pNFS client sending LAYOUTCOMMIT. The fix is to define a proc_layoutcommit for FlexFiles to prevent the crash. EulerOS and Oracle Linux advisories list this CV...

CVE-2025-40087 NFSD: Define a proc_layoutcommit for the FlexFiles layout type

In the Linux kernel, the following vulnerability has been resolved: NFSD: Define a proclayoutcommit for the FlexFiles layout type Avoid a crash if a pNFS client should happen to send a LAYOUTCOMMIT operation on a FlexFiles layout...

CVE-2025-40087

In the Linux kernel, the following vulnerability has been resolved: NFSD: Define a proclayoutcommit for the FlexFiles layout type Avoid a crash if a pNFS client should happen to send a LAYOUTCOMMIT operation on a FlexFiles layout...

CVE-2025-40087 NFSD: Define a proc_layoutcommit for the FlexFiles layout type

In the Linux kernel, the following vulnerability has been resolved: NFSD: Define a proclayoutcommit for the FlexFiles layout type Avoid a crash if a pNFS client should happen to send a LAYOUTCOMMIT operation on a FlexFiles layout...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a proclayoutcommit with an undefined FlexFiles layout type, which could lead to a crash...

OPENSUSE-SU-2025:20021-1 Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: Changes in MozillaThunderbird: Mozilla Thunderbird 140.3.0 ESR: Right-clicking 'List-ID' - 'Unsubscribe' created double encoded draft subject Thunderbird could crash on startup Thunderbird could crash when importing mail Opening Websi...

SUSE CVE-2025-40063

In the Linux kernel, the following vulnerability has been resolved: crypto: comp - Use same definition of context alloc and free ops In commit 42d9f6c77479 "crypto: acomp - Move scomp stream allocation code into acomp", the cryptoacompstreams struct was made to rely on having the allocctx and...

CVE-2025-40063

In the Linux kernel, the following vulnerability has been resolved: crypto: comp - Use same definition of context alloc and free ops In commit 42d9f6c77479 "crypto: acomp - Move scomp stream allocation code into acomp", the cryptoacompstreams struct was made to rely on having the allocctx and...

UBUNTU-CVE-2025-40063

In the Linux kernel, the following vulnerability has been resolved: crypto: comp - Use same definition of context alloc and free ops In commit 42d9f6c77479 "crypto: acomp - Move scomp stream allocation code into acomp", the cryptoacompstreams struct was made to rely on having the allocctx and...

CVE-2025-40063

In CVE-2025-40063, the Linux kernel fixed a cryptographic component mismatch: crypto_acomp_streams and scomp_alg relied on alloc_ctx/free_ctx in the same order, but structure layout randomization could desynchronize their definitions. The fix removes a union from scomp_alg so both structures shar...

EUVD-2025-36465

In the Linux kernel, the following vulnerability has been resolved: crypto: comp - Use same definition of context alloc and free ops In commit 42d9f6c77479 "crypto: acomp - Move scomp stream allocation code into acomp", the cryptoacompstreams struct was made to rely on having the allocctx and...

CVE-2025-40063 crypto: comp - Use same definition of context alloc and free ops

In the Linux kernel, the following vulnerability has been resolved: crypto: comp - Use same definition of context alloc and free ops In commit 42d9f6c77479 "crypto: acomp - Move scomp stream allocation code into acomp", the cryptoacompstreams struct was made to rely on having the allocctx and...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from inconsistent definitions of the allocctx and freectx operations, which could lead to problems with...

Open Redirect

Overview com.liferay:com.liferay.layout.admin.web is a portal for Liferay. Affected versions of this package are vulnerable to Open Redirect via the comliferaylayoutadminwebportletGroupPagesPortletredirect parameter in the EditLayoutMVCActionCommand class. Remediation Upgrade...

EUVD-2022-54559

In the Linux kernel, the following vulnerability has been resolved: dm raid: fix accesses beyond end of raid member array On dm-raid table load using raidctr, dm-raid allocates an array rs-devsrs-raiddisks for the raid device members. rs-raiddisks is defined by the number of raid metadata and ima...

Malicious code in cms-layout-server (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2025-48827 Malicious code in cms-layout-server (npm)

--- -= Per source details. Do not edit below this line.=-...

EUVD-2025-33732

Malicious code in vite-plugin-vue-layout npm...

Malicious Package

Overview vite-plugin-vue-layout is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packag...

Malicious code in vite-plugin-vue-layout (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8dd0f0114d51acfaea5223d47aca72111de403cf5dbeb2fbff4b38345041765b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...