7529 matches found
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the bcmgenet driver not guaranteeing order during register reads and writes, which could lead to a transfer...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the efxchannelhastxqueues function not handling the efxseparatetxchannels parameter correctly, which results...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to free the page array when watchqueue is disassembled...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not properly handling queue merges that have been set up...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from bfq not checking if the parents are the same when merging queues...
X.Org和Xwayland 资源管理错误漏洞
X.Org is an open source free software from the X.Org Foundation.Xwayland is an open source communication protocol from Xwayland that specifies how a display server communicates with its clients. A resource management error vulnerability exists in X.Org and Xwayland that stems from a device being...
PT-2025-13222
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved, related to the RDMA/bnxt re module. The issue occurs when using nvme target with use srq on, resulting in a kernel panic due to a...
kernel: tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink().
A use-after-free UAF vulnerability was found and fixed in the Linux kernel's TCP subsystem related to request socket reqsk timers during handshake handling. This issue stems from a race condition caused by relying on timerpending in reqskqueueunlink. This could result in the timer continuing to r...
SUSE CVE-2025-21703
In the Linux kernel, the following vulnerability has been resolved: netem: Update sch-q.qlen before qdisctreereducebacklog qdisctreereducebacklog notifies parent qdisc only if child qdisc becomes empty, therefore we need to reduce the backlog of the child qdisc before calling it. Otherwise it wou...
DEBIAN-CVE-2025-21702
In the Linux kernel, the following vulnerability has been resolved: pfifotailenqueue: Drop new packet when sch-limit == 0 Expected behaviour: In case we reach scheduler's limit, pfifotailenqueue will drop a packet in scheduler's queue and decrease scheduler's qlen by one. Then, pfifotailenqueue...
UBUNTU-CVE-2025-21702
In the Linux kernel, the following vulnerability has been resolved: pfifotailenqueue: Drop new packet when sch-limit == 0 Expected behaviour: In case we reach scheduler's limit, pfifotailenqueue will drop a packet in scheduler's queue and decrease scheduler's qlen by one. Then, pfifotailenqueue...
UBUNTU-CVE-2025-21703
In the Linux kernel, the following vulnerability has been resolved: netem: Update sch-q.qlen before qdisctreereducebacklog qdisctreereducebacklog notifies parent qdisc only if child qdisc becomes empty, therefore we need to reduce the backlog of the child qdisc before calling it. Otherwise it wou...
CVE-2025-21703
In the Linux kernel, the following vulnerability has been resolved: netem: Update sch-q.qlen before qdisctreereducebacklog qdisctreereducebacklog notifies parent qdisc only if child qdisc becomes empty, therefore we need to reduce the backlog of the child qdisc before calling it. Otherwise it wou...
CVE-2025-21702 pfifo_tail_enqueue: Drop new packet when sch->limit == 0
In the Linux kernel, the following vulnerability has been resolved: pfifotailenqueue: Drop new packet when sch-limit == 0 Expected behaviour: In case we reach scheduler's limit, pfifotailenqueue will drop a packet in scheduler's queue and decrease scheduler's qlen by one. Then, pfifotailenqueue...
SUSE CVE-2023-52903
In the Linux kernel, the following vulnerability has been resolved: iouring: lock overflowing for IOPOLL syzbot reports an issue with overflow filling for IOPOLL: WARNING: CPU: 0 PID: 28 at iouring/iouring.c:734 iocqringeventoverflow+0x1c0/0x230 iouring/iouring.c:734 CPU: 0 PID: 28 Comm:...
CVE-2025-24900
Concorde (Nexkey) vulnerability: lack of CSRF protection and misconfigured cookies for MediaProxy authentication allow bypassing authentication, enabling image loading without restrictions. Affects versions prior to 12.25Q1.1 (SameSite attribute missing); prior to 12.24Q2.3 the same cookie also a...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: nvme: tcp: avoid race between queuelock lock and destroy Commit 76d54bf20cdc "nvme-tcp: don’t access released sockets during error recovery" added a mutexlock call for the queue-queuelock in nvmetcpgetaddress. However, the...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Added a check for the srqmaxsge attribute. The maxsge attribute is provided by the user and is inserted and used unchecked. Therefore, ensure that the value does not exceed the maximum allowed value before using it...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ionic: fix use after netifnapidel When queues are started, netifnapiadd and napienable are called. If there are 4 queues and only 3 queues are used for the current configuration, only 3 queues’ napi should be registered and...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the printerwrite function in the files drivers/usb/gadget/function/fprinter.c from version 6.7.4 onwards does not call usbepqueue properly. This may allow attackers to cause a denial of service or result in unspecified other impacts...