UBUNTU-CVE-2025-68212

In the Linux kernel, the following vulnerability has been resolved: fs: Fix uninitialized 'offp' in statmountstring In statmountstring, most flags assign an output offset pointer offp which is later updated with the string offset. However, the STATMOUNTMNTUIDMAP and STATMOUNTMNTGIDMAP cases...

UBUNTU-CVE-2025-68187

In the Linux kernel, the following vulnerability has been resolved: net: mdio: Check regmap pointer returned by devicenodetoregmap The call to devicenodetoregmap in airohamdioprobe can return an ERRPTR if regmap initialization fails. Currently, the driver stores the pointer without validation,...

CVE-2025-68227 mptcp: Fix proto fallback detection with BPF

In the Linux kernel, the following vulnerability has been resolved: mptcp: Fix proto fallback detection with BPF The sockmap feature allows bpf syscall from userspace, or based on bpf sockops, replacing the skprot of sockets during protocol stack processing with sockmap's custom read/write...

CVE-2025-68212

The CVE-2025-68212 entry concerns a Linux kernel fix for an uninitialized offp in statmount_string(), where UIDMAP/GIDMAP handling originally assigned fields directly instead of using offp. The patch now assigns offp for UIDMAP and GIDMAP to prevent potential dereferences when *offp is updated, a...

CVE-2025-68212

In the Linux kernel, the following vulnerability has been resolved: fs: Fix uninitialized 'offp' in statmountstring In statmountstring, most flags assign an output offset pointer offp which is later updated with the string offset. However, the STATMOUNTMNTUIDMAP and STATMOUNTMNTGIDMAP cases...

CVE-2025-68212 fs: Fix uninitialized 'offp' in statmount_string()

In the Linux kernel, the following vulnerability has been resolved: fs: Fix uninitialized 'offp' in statmountstring In statmountstring, most flags assign an output offset pointer offp which is later updated with the string offset. However, the STATMOUNTMNTUIDMAP and STATMOUNTMNTGIDMAP cases...

CVE-2025-68187 net: mdio: Check regmap pointer returned by device_node_to_regmap()

In the Linux kernel, the following vulnerability has been resolved: net: mdio: Check regmap pointer returned by devicenodetoregmap The call to devicenodetoregmap in airohamdioprobe can return an ERRPTR if regmap initialization fails. Currently, the driver stores the pointer without validation,...

CVE-2025-40356

In the Linux kernel, CVE-2025-40356 relates to the rockchip-sfc SPI driver. The vulnerability was addressed by replacing a DMA-API usage pattern that retrieved DMA addresses via virt_to_phys() with a proper dma_map_single() call, preventing the driver from syncing DMA memory it did not allocate. ...

CVE-2025-40356 spi: rockchip-sfc: Fix DMA-API usage

In the Linux kernel, the following vulnerability has been resolved: spi: rockchip-sfc: Fix DMA-API usage Use DMA-API dmamapsingle call for getting the DMA address of the transfer buffer instead of hacking with virttophys. This fixes the following DMA-API debug warning: ------------ cut here...

SUSE-SU-2025:4412-1 Security update for poppler

This update for poppler fixes the following issues: - CVE-2025-11896: Fixed infinite recursion leading to stack overflow due to object loop in PDF CMap bsc1252337...

ALSA-2025:23325 Moderate: podman security update

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58183 For...

PT-2025-51665

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the fastrpc map lookup function. The function acquires a reference to a dma buf object using dma buf get for comparison, but this reference is not released,...

PT-2025-51776

@vitejs/plugin-rs provides React Server Components RSC support for Vite. Prior to version 0.5.8, the / vite rsc findSourceMapURL endpoint in @vitejs/plugin-rsc allows unauthenticated arbitrary file read during development mode. An attacker can read any file accessible to the Node.js process by...

Moderate: podman security update

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58183 For...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a lack of boundary checking for map-maxosd, which could lead to out-of-bounds access...

Vite Plugin React 安全漏洞

Vite Plugin React is an open source plugin for Vite. A security vulnerability exists in Vite Plugin React versions prior to 0.5.8 that stems from an arbitrary file read vulnerability in the /viterscfindSourceMapURL endpoint...

PT-2025-51689

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.14.0-rc2-build2+ 1266 Description The Linux kernel contains a flaw in libceph related to a potential use-after-free condition within the have mon and osd map function. The issue arises from a race condition in...

PT-2025-51640

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s MPTCP implementation related to protocol fallback detection with BPF. The issue arises when a server has MPTCP enabled, but a client sends a TCP SYN...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from a dmabuf object leak in the fastrpcmaplookup function in fastrpc...

Linux Distros Unpatched Vulnerability : CVE-2025-68283

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libceph: replace BUGON with bounds check for map-maxosd OSD indexes come from untrusted network packets. Boundary checks are added to validate these against...