CVE-2022-49197

CVE-2022-49197 affects the Linux kernel’s netlink af_netlink path. When netlink messages are received, netlink_recvmsg() fills sender info including a 32-bit nl_groups bitfield that indicates multicast group membership. The issue is a shift-out-of-bounds in computing the group mask for high-numbe...

CVE-2022-49197 af_netlink: Fix shift out of bounds in group mask calculation

In the Linux kernel, the following vulnerability has been resolved: afnetlink: Fix shift out of bounds in group mask calculation When a netlink message is received, netlinkrecvmsg fills in the address of the sender. One of the fields is the 32-bit bitfield nlgroups, which carries the multicast...

CVE-2022-49099

CVE-2022-49099 : Linux kernel vulnerability in hv_vmbus/vmbus driver stack. The issue arises during device object initialization in vmbus_device_register(), where dma_mask, dma_parms, and dma_mask must be set before device_register() is called. The fixed trace relates to netvsc/vmbus probe paths ...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an out-of-bounds shift in the group mask calculation...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the dmamask and dmaparms of the device object in the vmbusdeviceregister function not being properly...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the arm64 topology initialization not setting smtmask correctly before notifying the CPU to boot, which coul...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a resource consumption due to a dmasetmask failure not handled correctly in the cx23885initdev function...

X.Org和Xwayland 资源管理错误漏洞

X.Org is an open source free software from the X.Org Foundation.Xwayland is an open source communication protocol from Xwayland that specifies how a display server communicates with its clients. A resource management error vulnerability exists in X.Org and Xwayland that stems from evaluating chan...

Zoom Jenkins Marketplace plugin information disclosure vulnerability

Zoom Jenkins Marketplace plugin is a plugin from Zoom USA. The Zoom Jenkins Marketplace plugin suffers from an information disclosure vulnerability that stems from a missing password field mask. An attacker can exploit this vulnerability to disclose sensitive information...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Fixed encoder-possibleclones. The encoder itself should now be included in its possibleclones bitmask. Previously, it was not verified whether drivers were correctly populating possibleclones. This has been changed in...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Update log-pagemask,bits if log-pagesize changes. If an NTFS file system is mounted to another system with a different PAGESIZE compared to the original system, log-pagesize will change during logreplay, but...

Astra Linux – Vulnerability in gst-plugins-base1.0

GStreamer is a library for constructing graphs of media-handling components. A OOB-read vulnerability has been detected in the formatchannelmask function in gst-discoverer.c. The vulnerability affects the local array position, which is defined with a fixed size of 64 elements. However, the functi...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: cpufreq: CPPC: Fixed a possible nullptrderef issue in cppcgetcpucost. cpufreqcpugetraw may return NULL if the CPU is not included in policy-cpus cpu mask, which could lead to a null pointer dereference. Therefore, check for NULL ...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: FireWire: OHCI: Masking of bus reset interrupts between ISR and the bottom half In the FireWire OHCI interrupt handler, if a bus reset interrupt occurs, the bus reset interrupts are masked until busresetwork processes and clears...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: mlxsw: spectrumaclerp: Fixed object nesting warnings ACLs in Spectrum-2 and newer ASICs can reside in the algorithmic TCAM A-TCAM or in the ordinary circuit TCAM C-TCAM. The former can contain more ACLs i.e., tc filters, but t...

Zoom Jenkins Marketplace plugin 安全漏洞

Zoom Jenkins Marketplace plugin is a plugin from Zoom USA. The Zoom Jenkins Marketplace plugin suffers from an information disclosure vulnerability that stems from a missing password field mask. An attacker can exploit this vulnerability to disclose sensitive information...

The vulnerability of the mask_cidr6() function in the tcprewrite tool for editing and replaying PCAP files allows a attacker to cause a service failure.

The vulnerability of the maskcidr6 function in the tcprewrite tool for editing and replaying PCAP files is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause service interruptions remotely...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: IORINGOPREAD did not correctly consume the provided buffer list when CVE-2023-52926 In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fixed overflow check in mienumattr CVE-2024-27407 I...

PT-2025-3639 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.12.0-rc6-06316-g7f63786ad3d1-dirty Description: The issue is related to a NULL pointer dereference in the tcpci irq function when handling shared interrupts. This can occur when two Type-C ports share an...

SUSE CVE-2024-56656

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix aggregation ID mask to prevent oops on 5760X chips The 5760X P7 chip's HW GRO/LRO interface is very similar to that of the previous generation 5750X or P5. However, the aggregation ID fields in the completion structur...