CVE-2022-50167 bpf: fix potential 32-bit overflow when accessing ARRAY map element

In the Linux kernel, the following vulnerability has been resolved: bpf: fix potential 32-bit overflow when accessing ARRAY map element If BPF array map is bigger than 4GB, element pointer calculation can overflow because both index and elemsize are u32. Fix this everywhere by forcing 64-bit...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from ext4 triggering a warning when bmap and write compete...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from bootmem not removing the vmemmap page from kmemleak, which could cause memory leak detection to stop...

PT-2025-26093

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A potential 32-bit overflow issue has been identified in the Linux kernel when accessing BPF array map elements. This occurs when the BPF array map exceeds 4GB, causing the element point...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: For the clk subsystem, in the qcom module’s dispcc-sm6350 function, the parentmap property was added for clocks where it is missing. If a clkrcg2 has a parent, it should also have the parentmap property defined. Otherwise, a NULL...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: bpf: Fixed a soft lockup issue in arenamapfree on 64k page kernels. In an aarch64 kernel with CONFIGPAGESIZE64KB=y, the arenahtab test causes a segmentation fault and a soft lockup. This same issue is not observed when using 4k...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: bpf: Fixed the kmemleak warning related to percpu hashmap Vlad Poenaru reported the following kmemleak issue: - Unreferenced object 0x606fd7c44ac8 size 32: Backtrace crc 0: pcupallocnoprof+0x730/0xeb0 bpfmapallocpercpu+0x69/0xc0...

PT-2025-49373

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s handling of page faults within secret memory files created using memfd secret2. Concurrent page faults in the same page by multiple tasks can lead to ...

kernel: tracing: Ensure visibility when inserting an element into tracing_map

In the Linux kernel, the following vulnerability has been resolved: tracing: Ensure visibility when inserting an element into tracingmap The Linux kernel CVE team has assigned CVE-2024-26645 to this issue. Upstream advisory:...

CVE-2025-30145 GeoServer has an Infinite Loop Vulnerability in Jiffle process

GeoServer is an open source server that allows users to share and edit geospatial data. Malicious Jiffle scripts can be executed by GeoServer, either as a rendering transformation in WMS dynamic styles or as a WPS process, that can enter an infinite loop to trigger denial of service. This...

Security update for go1.24

This update for go1.24 fixes the following issues: go1.24.4 released 2025-06-05 includes security fixes to the crypto/x509, net/http, and os packages, as well as bug fixes to the linker, the go command, and the hash/maphash and os packages. bsc1236217 go1.24 release tracking CVE-2025-22874...

CVE-2025-49445

Cross-Site Request Forgery CSRF vulnerability in WP Map Plugins Interactive UK Regional Map interactive-uk-regional-map allows Cross Site Request Forgery.This issue affects Interactive UK Regional Map: from n/a through = 2.0...

CVE-2025-49449

Cross-Site Request Forgery CSRF vulnerability in WP Map Plugins Interactive Regional Map of Africa interactive-map-of-africa allows Cross Site Request Forgery.This issue affects Interactive Regional Map of Africa: from n/a through = 1.0...

CVE-2025-49441

Missing Authorization vulnerability in WP Map Plugins Interactive Regional Map of Florida interactive-map-of-florida allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Interactive Regional Map of Florida: from n/a through = 1.0...

CVE-2025-27334

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ángel C. Simple Google Static Map simple-google-static-map allows DOM-Based XSS.This issue affects Simple Google Static Map: from n/a through = 1.0.1...

CVE-2025-49449

Cross-Site Request Forgery CSRF vulnerability in WP Map Plugins Interactive Regional Map of Africa interactive-map-of-africa allows Cross Site Request Forgery.This issue affects Interactive Regional Map of Africa: from n/a through = 1.0...

CVE-2025-49445

Cross-Site Request Forgery CSRF vulnerability in WP Map Plugins Interactive UK Regional Map interactive-uk-regional-map allows Cross Site Request Forgery.This issue affects Interactive UK Regional Map: from n/a through = 2.0...

CVE-2025-49441

Missing Authorization vulnerability in WP Map Plugins Interactive Regional Map of Florida interactive-map-of-florida allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Interactive Regional Map of Florida: from n/a through = 1.0...

CVE-2025-27334

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ángel C. Simple Google Static Map simple-google-static-map allows DOM-Based XSS.This issue affects Simple Google Static Map: from n/a through = 1.0.1...

CVE-2025-49441

CVE-2025-49441 refers to a Missing Authorization vulnerability in the WordPress plugin “Interactive Regional Map of Florida.” The connected documents confirm: affected software is Interactive Regional Map of Florida (plugin), with version range up to 1.0; the issue is an access-control/configurat...