1086 matches found
CVE-2025-21939
In the Linux kernel, the following vulnerability has been resolved: drm/xe/hmm: Don't dereference struct page pointers without notifier lock The pnfs that we obtain from hmmrangefault point to pages that we don't have a reference on, and the guarantee that they are still in the cpu page-tables is...
DEBIAN-CVE-2025-21939
In the Linux kernel, the following vulnerability has been resolved: drm/xe/hmm: Don't dereference struct page pointers without notifier lock The pnfs that we obtain from hmmrangefault point to pages that we don't have a reference on, and the guarantee that they are still in the cpu page-tables is...
UBUNTU-CVE-2025-21939
In the Linux kernel, the following vulnerability has been resolved: drm/xe/hmm: Don't dereference struct page pointers without notifier lock The pnfs that we obtain from hmmrangefault point to pages that we don't have a reference on, and the guarantee that they are still in the cpu page-tables is...
CVE-2025-21939 drm/xe/hmm: Don't dereference struct page pointers without notifier lock
In the Linux kernel, the following vulnerability has been resolved: drm/xe/hmm: Don't dereference struct page pointers without notifier lock The pnfs that we obtain from hmmrangefault point to pages that we don't have a reference on, and the guarantee that they are still in the cpu page-tables is...
CVE-2025-21939 drm/xe/hmm: Don't dereference struct page pointers without notifier lock
In the Linux kernel, the following vulnerability has been resolved: drm/xe/hmm: Don't dereference struct page pointers without notifier lock The pnfs that we obtain from hmmrangefault point to pages that we don't have a reference on, and the guarantee that they are still in the cpu page-tables is...
CVE-2025-21939
CVE-2025-21939 concerns the Linux kernel drm/xe/hmm path. The vulnerability stems from pnfs obtained via hmm_range_fault() referencing pages without holding the notifier lock, risking dereferencing struct page pointers and dirty/accessed marks. The fix builds the sg-table manually and maintains t...
CVE-2025-30792
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ufukart Comment Approved Notifier Extended comment-approved-notifier-extended allows Stored XSS.This issue affects Comment Approved Notifier Extended: from n/a through = 5.2...
CVE-2025-30792
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ufukart Comment Approved Notifier Extended comment-approved-notifier-extended allows Stored XSS.This issue affects Comment Approved Notifier Extended: from n/a through = 5.2...
CVE-2025-30792
CVE-2025-30792 is a Stored XSS vulnerability in the WordPress plugin Comment Approved Notifier Extended (affected: from n/a through 5.2). The issue arises from improper input neutralization during web page generation, enabling an attacker to inject malicious scripts via input that is rendered by ...
WordPress Comment Approved Notifier Extended plugin <= 5.2 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Nabil Irawan in WordPress Plugin Comment Approved Notifier Extended versions = 5.2...
WordPress plugin Comment Approved Notifier Extended 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPress...
OESA-2025-1318 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Zap all roots when unmapping gfn range in TDP MMU Zap both valid and invalid roots when zapping/unmapping a gfn range, as KVM must ensure it holds ...
Azure Linux 3.0 Security Update: kernel (CVE-2024-56715)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-56715 advisory. - In the Linux kernel, the following vulnerability has been resolved: ionic: Fix netdev notifier unregister on...
CBL Mariner 2.0 Security Update: kernel (CVE-2024-56715)
The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-56715 advisory. - In the Linux kernel, the following vulnerability has been resolved: ionic: Fix netdev notifier unregister on...
ionic: Fix netdev notifier unregister on failure
...
Linux Distros Unpatched Vulnerability : CVE-2024-56715
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ionic: Fix netdev notifier unregister on failure If registernetdev fails, then the driver leaks the netdev notifier. Fix this by calling ioniclifunregister on...
PT-2025-14320 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, related to the drm/xe/hmm component. The issue involves dereferencing struct page pointers without holding the notifier lock, whi...
SUSE CVE-2021-47639
In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Zap all roots when unmapping gfn range in TDP MMU Zap both valid and invalid roots when zapping/unmapping a gfn range, as KVM must ensure it holds no references to the freed page after returning from the unmap...
SUSE CVE-2022-49077
In the Linux kernel, the following vulnerability has been resolved: mmmremap.c: avoid pointless invalidaterangestart/end on mremapoldsize=0 If an mremap syscall with oldsize=0 ends up in movepagetables, it will call invalidaterangestart/invalidaterangeend unnecessarily, i.e. with an empty range...
SUSE CVE-2022-49098
In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Fix potential crash on module unload The vmbus driver relies on the panic notifier infrastructure to perform some operations when a panic event is detected. Since vmbus can be built as module, it is required...