CVE-2022-50714 wifi: mt76: mt7921e: fix rmmod crash in driver reload test

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921e: fix rmmod crash in driver reload test In insmod/rmmod stress test, the following crash dump shows up immediately. The problem is caused by missing mt76dev in mt7921pciremove. We should make sure the drvdata i...

CVE-2022-50714

CVE-2022-50714 involves a Linux kernel driver issue in wifi mt76/mt7921e. The crash occurs during insmod/rmmod stress testing due to a missing mt76_dev in mt7921_pci_remove(), with the drvdata not guaranteed ready when probe() finishes. The result is a KASAN user-memory-access write (8 bytes) dur...

CVE-2023-54037

In the Linux kernel, the following vulnerability has been resolved: ice: prevent NULL pointer deref during reload Calling ethtool during reload can lead to call trace, because VSI isn't configured for some time, but netdev is alive. To fix it add rtnl lock for VSI deconfig and config. Set...

CVE-2023-54037

In the Linux kernel, the following vulnerability has been resolved: ice: prevent NULL pointer deref during reload Calling ethtool during reload can lead to call trace, because VSI isn't configured for some time, but netdev is alive. To fix it add rtnl lock for VSI deconfig and config. Set...

UBUNTU-CVE-2023-54037

In the Linux kernel, the following vulnerability has been resolved: ice: prevent NULL pointer deref during reload Calling ethtool during reload can lead to call trace, because VSI isn't configured for some time, but netdev is alive. To fix it add rtnl lock for VSI deconfig and config. Set...

CVE-2023-54037

CVE-2023-54037 involves the Linux kernel ice driver where ethtool reload can trigger a NULL pointer deref if VSI is not yet configured. The fix adds a rtnl lock around VSI deconfig/config, zeros num_q_vectors after freeing, guards tx/rx_rings in ring-related ethtool ops, and ensures proper unroll...

CVE-2023-54037 ice: prevent NULL pointer deref during reload

In the Linux kernel, the following vulnerability has been resolved: ice: prevent NULL pointer deref during reload Calling ethtool during reload can lead to call trace, because VSI isn't configured for some time, but netdev is alive. To fix it add rtnl lock for VSI deconfig and config. Set...

CVE-2023-54037 ice: prevent NULL pointer deref during reload

In the Linux kernel, the following vulnerability has been resolved: ice: prevent NULL pointer deref during reload Calling ethtool during reload can lead to call trace, because VSI isn't configured for some time, but netdev is alive. To fix it add rtnl lock for VSI deconfig and config. Set...

PT-2025-53016

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.1.0-07460-g7ae9888d6e1c 580 Description A flaw exists in the Linux kernel related to devlink snapshot handling. Specifically, the devlink region snapshot del function does not consistently hold the region lock...

PT-2025-53131

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a memory leak in the kexec functionality related to the ELF header buffer. The issue is identified by the kmemleak detector and occurs during the elf kexec load...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the ice driver not properly synchronizing the VSI configuration during a reload, which could lead to null...

PT-2025-53217

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the nilfs2 file system within the Linux kernel where a kernel warning or panic may occur due to the reuse of discarded buffers in the mark buffer dirty function,...

PT-2025-52994

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's ice network driver. Calling ethtool during a reload operation can lead to a kernel NULL pointer dereference because the Virtual Switch Interface VSI i...

CVE-2025-66397 ChurchCRM's Kiosk Manager Functions are vulnerable to Broken Access Control

ChurchCRM is an open-source church management system. Prior to version 6.5.3, the allowRegistration, acceptKiosk, reloadKiosk, and identifyKiosk functions in the Kiosk Manager feature suffers from broken access control, allowing any authenticated user to allow and accept kiosk registrations, and...

CVE-2025-68080

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Saad Iqbal User Avatar - Reloaded user-avatar-reloaded allows Stored XSS.This issue affects User Avatar - Reloaded: from n/a through = 1.2.2...

CVE-2023-53747

In the Linux kernel, the following vulnerability has been resolved: vcscreen: reload load of struct vcdata pointer in vcswrite to avoid UAF After a call to consoleunlock in vcswrite the vcdata struct can be freed by vcportdestruct. Because of that, the struct vcdata pointer must be reloaded in th...

systemd security update

252-55.0.3.7 - serialize: don't allocate 1M on the stack just like that LINUX-16166 - Route logs from container mapped uids to the system journal Orabug: 38135007 - Drop delay when nspawn fails to reset loginuid Orabug: 37793135 - Improve logging for api bus connection and subscribers Orabug:...

TencentOS Server 4: kernel (TSSA-2025:0046)

"The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0046 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilitie...

Mozilla Firefox ESR < 52.2

The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 52.2. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2017-16 advisory. - A number of security vulnerabilities in the Graphite 2 library including out-of-bounds reads, buffer...

CVE-2025-8870

On affected platforms running Arista EOS, certain serial console input might result in an unexpected reload of the device.153...