6095 matches found
CVE-2025-38316
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: avoid NULL pointer dereference in mt7996setmonitor The function mt7996setmonitor dereferences phy before the NULL sanity check. Fix this to avoid NULL pointer dereference by moving the dereference after the...
CVE-2025-38309
In the Linux kernel, the following vulnerability has been resolved: drm/xe/vm: move xesvminit earlier In xevmcloseandput we need to be able to call xesvmfini, however during vm creation we can call this on the error path, before having actually initialised the svm state, leading to various splats...
CVE-2025-38302
In the Linux kernel, the following vulnerability has been resolved: block: don't use submitbionoacctnocheck in blkzonewplugbiowork Bios queued up in the zone write plug have already gone through all all preparation in the submitbio path, including the freeze protection. Submitting them through...
CVE-2025-38280
In the Linux kernel, the following vulnerability has been resolved: bpf: Avoid bpfprogret0warn when jit fails syzkaller reported an issue: WARNING: CPU: 3 PID: 217 at kernel/bpf/core.c:2357 bpfprogret0warn+0xa/0x20 kernel/bpf/core.c:2357 Modules linked in: CPU: 3 UID: 0 PID: 217 Comm: kworker/u32...
CVE-2025-38268
In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: move tcpmqueuevdmunlocked to asynchronous work A state check was previously added to tcpmqueuevdmunlocked to prevent a deadlock where the DisplayPort Alt Mode driver would be executing work and attempting to gra...
CVE-2025-38267
In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Do not trigger WARNON due to a commitoverrun When reading a memory mapped buffer the reader page is just swapped out with the last page written in the write buffer. If the reader page is the same as the commit buffer...
Advisory ROSA-SA-2025-2907
Software: sudo 1.9.5p2 OS: ROSA Virtualization 3.0 packageevrstring: sudo-1.9.5p2-1.rv30 CVE-ID: CVE-2025-32463 BDU-ID: 2025-07765 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the sudo system administration program is related to the inclusion of functions from an invalid controlled area when usin...
CVE-2025-38210
In the Linux kernel, the following vulnerability has been resolved: configfs-tsm-report: Fix NULL dereference of tsmops Unlike sysfs, the lifetime of configfs objects is controlled by userspace. There is no mechanism for the kernel to find and delete all created config-items. Instead, the...
CVE-2025-38199
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix memory leak due to multiple rxstats allocation rxstats for each arsta is allocated when adding a station. arsta-rxstats will be freed when a station is removed. Redundant allocations are occurring when the same...
CVE-2025-38193
In the Linux kernel, the following vulnerability has been resolved: netsched: schsfq: reject invalid perturb period Gerrard Tai reported that SFQ perturbperiod has no range check yet, and this can be used to trigger a race condition fixed in a separate patch. We want to make sure ctl-perturbperio...
CVE-2025-38190 atm: Revert atm_account_tx() if copy_from_iter_full() fails.
In the Linux kernel, the following vulnerability has been resolved: atm: Revert atmaccounttx if copyfromiterfull fails. In vccsendmsg, we account skb-truesize to sk-skwmemalloc by atmaccounttx. It is expected to be reverted by atmpopraw later called by vcc-dev-ops-sendvcc, skb. However, vccsendms...
CVE-2025-38088
In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap memtrace mmap issue has an out of bounds issue. This patch fixes the by checking that the requested mapping region size should stay within the allocated region si...
CVE-2025-5459
A user with specific node group editing permissions and a specially crafted class parameter could be used to execute commands as root on the primary host. It affects Puppet Enterprise versions 2018.1.8 through 2023.8.3 and 2025.3 and has been resolved in versions 2023.8.4 and 2025.4.0...
CVE-2022-49983
In the Linux kernel, the following vulnerability has been resolved: udmabuf: Set the DMA mask for the udmabuf device v2 If the DMA mask is not set explicitly, the following warning occurs when the userspace tries to access the dma-buf via the CPU as reported by syzbot here: WARNING: CPU: 1 PID:...
CVE-2022-50028 gadgetfs: ep_io - wait until IRQ finishes
In the Linux kernel, the following vulnerability has been resolved: gadgetfs: epio - wait until IRQ finishes after usbepqueue if waitforcompletioninterruptible is interrupted we need to wait until IRQ gets finished. Otherwise complete from epiocomplete can corrupt stack...
CVE-2022-49987
CVE-2022-49987 concerns the Linux kernel md subsystem. The provided documents show the vulnerability arises from md_stop path handling where __md_stop_writes should be stopped earlier to align with normal md-raid and fix a KASAN issue. Multiple advisories (Unity Linux UTSA-2026-004867/992895 and ...
TencentOS Server 3: systemd (TSSA-2024:0212)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0212 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
Advisory ROSA-SA-2025-2882
Software: libtasn1 4.13 OS: ROSA Virtualization 2.1 packageevrstring: libtasn1-4.13-5.rv3 CVE-ID: CVE-2024-12133 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in libtasn1 causes the system to slow down or crash due to inefficient processing of certain certificate data. As a result, an...
Advisory ROSA-SA-2025-2883
Software: libtiff 4.0.9 OS: ROSA Virtualization 2.1 packageevrstring: libtiff-4.0.9-34.rv3 CVE-ID: CVE-2017-17095 BDU-ID: 2019-03339 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the LibTIFF library is related to a heap-based buffer overflow in TIFFSetupStrips. Exploitation of the vulnerability...
CVE-2025-38002
In the Linux kernel, the following vulnerability has been resolved: iouring/fdinfo: grab ctx-uringlock around iouringshowfdinfo Not everything requires locking in there, which is why the 'haslock' variable exists. But enough does that it's a bit unwieldy to manage. Wrap the whole thing in a...