4211 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-40203
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - listmount: don't call pathput under namespace semaphore Massage listmount and make sure we don't call pathput under the namespace semaphore. If we put the last...
DEBIAN-CVE-2025-40203
In the Linux kernel, the following vulnerability has been resolved: listmount: don't call pathput under namespace semaphore Massage listmount and make sure we don't call pathput under the namespace semaphore. If we put the last reference we're fscked...
CVE-2025-40203
In the Linux kernel, the following vulnerability has been resolved: listmount: don't call pathput under namespace semaphore Massage listmount and make sure we don't call pathput under the namespace semaphore. If we put the last reference we're fscked...
AZL-70076 CVE-2025-40195 affecting package kernel for versions less than 6.6.117.1-1
In the Linux kernel, the following vulnerability has been resolved: mount: handle NULL values in mntnsrelease When calling in listmount mntnsrelease may be passed a NULL pointer. Handle that case gracefully...
DEBIAN-CVE-2025-40178
In the Linux kernel, the following vulnerability has been resolved: pid: Add a judgment for ns null in pidnrns taskpidnrns ns = taskactivepidnscurrent; pidnrnsrcudereferencetaskpidptrtask, type, ns; if pid && ns-level level Sometimes null is returned for taskactivepidns. Then it will trigger kern...
AZL-70085 CVE-2025-40178 affecting package kernel for versions less than 6.6.117.1-1
In the Linux kernel, the following vulnerability has been resolved: pid: Add a judgment for ns null in pidnrns taskpidnrns ns = taskactivepidnscurrent; pidnrnsrcudereferencetaskpidptrtask, type, ns; if pid && ns-level level Sometimes null is returned for taskactivepidns. Then it will trigger kern...
CVE-2025-40178
In the Linux kernel, the following vulnerability has been resolved: pid: Add a judgment for ns null in pidnrns taskpidnrns ns = taskactivepidnscurrent; pidnrnsrcudereferencetaskpidptrtask, type, ns; if pid && ns-level level Sometimes null is returned for taskactivepidns. Then it will trigger kern...
UBUNTU-CVE-2025-40178
In the Linux kernel, the following vulnerability has been resolved: pid: Add a judgment for ns null in pidnrns taskpidnrns ns = taskactivepidnscurrent; pidnrnsrcudereferencetaskpidptrtask, type, ns; if pid && ns-level level Sometimes null is returned for taskactivepidns. Then it will trigger kern...
UBUNTU-CVE-2025-40203
In the Linux kernel, the following vulnerability has been resolved: listmount: don't call pathput under namespace semaphore Massage listmount and make sure we don't call pathput under the namespace semaphore. If we put the last reference we're fscked...
CVE-2025-40203 listmount: don't call path_put() under namespace semaphore
In the Linux kernel, the following vulnerability has been resolved: listmount: don't call pathput under namespace semaphore Massage listmount and make sure we don't call pathput under the namespace semaphore. If we put the last reference we're fscked...
CVE-2025-40203 listmount: don't call path_put() under namespace semaphore
In the Linux kernel, the following vulnerability has been resolved: listmount: don't call pathput under namespace semaphore Massage listmount and make sure we don't call pathput under the namespace semaphore. If we put the last reference we're fscked...
CVE-2025-40203
In the Linux kernel, the following vulnerability has been resolved: listmount: don't call pathput under namespace semaphore Massage listmount and make sure we don't call pathput under the namespace semaphore. If we put the last reference we're fscked...
CVE-2025-40203
CVE-2025-40203 pertains to the Linux kernel: listmount code may call path_put() under the namespace semaphore, potentially leaving the reference count in an unsafe state. The fixes are described as ensuring that path_put() is not invoked while holding the namespace semaphore to avoid a risk where...
CVE-2025-40195
CVE-2025-40195 is a Linux kernel vulnerability where, in listmount(), a NULL pointer could be passed to mnt_ns_release(). The fix ensures mnt_ns_release() handles NULL values gracefully, preventing potential crashes or undefined behavior. Connected advisories confirm the issue and provide remedia...
CVE-2025-40195
In the Linux kernel, the following vulnerability has been resolved: mount: handle NULL values in mntnsrelease When calling in listmount mntnsrelease may be passed a NULL pointer. Handle that case gracefully...
CVE-2025-40178 pid: Add a judgment for ns null in pid_nr_ns
In the Linux kernel, the following vulnerability has been resolved: pid: Add a judgment for ns null in pidnrns taskpidnrns ns = taskactivepidnscurrent; pidnrnsrcudereferencetaskpidptrtask, type, ns; if pid && ns-level level Sometimes null is returned for taskactivepidns. Then it will trigger kern...
CVE-2025-40178
In the Linux kernel, the following vulnerability has been resolved: pid: Add a judgment for ns null in pidnrns taskpidnrns ns = taskactivepidnscurrent; pidnrnsrcudereferencetaskpidptrtask, type, ns; if pid && ns-level level Sometimes null is returned for taskactivepidns. Then it will trigger kern...
CVE-2025-40178 pid: Add a judgment for ns null in pid_nr_ns
In the Linux kernel, the following vulnerability has been resolved: pid: Add a judgment for ns null in pidnrns taskpidnrns ns = taskactivepidnscurrent; pidnrnsrcudereferencetaskpidptrtask, type, ns; if pid && ns-level level Sometimes null is returned for taskactivepidns. Then it will trigger kern...
CVE-2025-40178
CVE-2025-40178 affects the Linux kernel. The issue arises when task_active_pid_ns(current) returns NULL, causing a NULL pointer dereference in pid_nr_ns and triggering a kernel panic. The description states the fix as adding a judgment for a null ns in pid_nr_ns, addressing the NULL-pointer path ...
Observability Operator is vulnerable to Incorrect Privilege Assignment through its Custom Resource MonitorStack
A flaw was found in the Observability Operator. The Operator creates a ServiceAccount with ClusterRole upon deployment of the Namespace-Scoped Custom Resource MonitorStack. This issue allows an adversarial Kubernetes Account with only namespaced-level roles, for example, a tenant controlling a...