CVE-2022-34802

Jenkins RocketChat Notifier Plugin 1.5.2 and earlier stores the login password and webhook token unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system...

CVE-2022-28138

A cross-site request forgery CSRF vulnerability in Jenkins RocketChat Notifier Plugin 1.4.10 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credential...

CVE-2022-28139

A missing permission check in Jenkins RocketChat Notifier Plugin 1.4.10 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials...

CVE-2021-21634

Jenkins Jabber XMPP notifier and control Plugin 1.41 and earlier stores passwords unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system...

CVE-2020-6974

Honeywell Notifier Web Server NWS Version 3.50 is vulnerable to a path traversal attack, which allows an attacker to bypass access to restricted directories. Honeywell has released a firmware update to address the problem...

CVE-2020-6972

In Notifier Web Server NWS Version 3.50 and earlier, the Honeywell Fire Web Server’s authentication may be bypassed by a capture-replay attack from a web browser...

kernel: RDMA/mlx5: Move events notifier registration to be after device registration

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Move events notifier registration to be after device registration Move pkey change work initialization and cleanup from device resources stage to notifier stage, since this is the stage which handles this work events...

SUSE CVE-2022-49882

In the Linux kernel, the following vulnerability has been resolved: KVM: Reject attempts to consume or refresh inactive gfntopfncache Reject kvmgpccheck and kvmgpcrefresh if the cache is inactive. Not checking the active flag during refresh is particularly egregious, as KVM can end up with a vali...

SUSE CVE-2025-37868

In the Linux kernel, the following vulnerability has been resolved: drm/xe/userptr: fix notifier vs folio deadlock User is reporting what smells like notifier vs folio deadlock, where migratepagesbatch on core kernel side is holding folio locks and then interacting with the mappings of it, howeve...

DEBIAN-CVE-2025-37868

In the Linux kernel, the following vulnerability has been resolved: drm/xe/userptr: fix notifier vs folio deadlock User is reporting what smells like notifier vs folio deadlock, where migratepagesbatch on core kernel side is holding folio locks and then interacting with the mappings of it, howeve...

CVE-2025-37868

In the Linux kernel, the following vulnerability has been resolved: drm/xe/userptr: fix notifier vs folio deadlock User is reporting what smells like notifier vs folio deadlock, where migratepagesbatch on core kernel side is holding folio locks and then interacting with the mappings of it, howeve...

UBUNTU-CVE-2025-37868

In the Linux kernel, the following vulnerability has been resolved: drm/xe/userptr: fix notifier vs folio deadlock User is reporting what smells like notifier vs folio deadlock, where migratepagesbatch on core kernel side is holding folio locks and then interacting with the mappings of it, howeve...

CVE-2025-37868 drm/xe/userptr: fix notifier vs folio deadlock

In the Linux kernel, the following vulnerability has been resolved: drm/xe/userptr: fix notifier vs folio deadlock User is reporting what smells like notifier vs folio deadlock, where migratepagesbatch on core kernel side is holding folio locks and then interacting with the mappings of it, howeve...

CVE-2025-37868 drm/xe/userptr: fix notifier vs folio deadlock

In the Linux kernel, the following vulnerability has been resolved: drm/xe/userptr: fix notifier vs folio deadlock User is reporting what smells like notifier vs folio deadlock, where migratepagesbatch on core kernel side is holding folio locks and then interacting with the mappings of it, howeve...

CVE-2025-37868

Technical details beyond the initial Linux kernel description are not provided in the connected documents. Monitor for updates; this entry notes a fix for notifier vs folio deadlock in drm/xe/userptr in the Linux kernel, cherry-picked from a commit.

SUSE CVE-2022-49919

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: release flow rule object from commit path No need to postpone this to the commit release path, since no packets are walking over this object, this is accessed from control plane only. This helped uncovered UA...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which stems from a deadlock risk in the drm/xe userptr notifier and folio locks, which could cause the system to hang...

PT-2025-20518 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A deadlock issue has been identified in the Linux kernel, specifically in the drm/xe/userptr component. The issue occurs when the migrate pages batch function holds folio locks and...

CVE-2023-53138

In the Linux kernel, the following vulnerability has been resolved: net: caif: Fix use-after-free in cfusbldevicenotify syzbot reported use-after-free in cfusbldevicenotify 1. This causes a stack trace like below: BUG: KASAN: use-after-free in cfusbldevicenotify+0x7c9/0x870 net/caif/caifusb.c:138...

DEBIAN-CVE-2022-49919

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: release flow rule object from commit path No need to postpone this to the commit release path, since no packets are walking over this object, this is accessed from control plane only. This helped uncovered UA...