12623 matches found
CVE-2025-39897
In the Linux kernel, the following vulnerability has been resolved: net: xilinx: axienet: Add error handling for RX metadata pointer retrieval Add proper error checking for dmaenginedescgetmetadataptr which can return an error pointer and lead to potential crashes or undefined behaviour if the...
UBUNTU-CVE-2025-39897
In the Linux kernel, the following vulnerability has been resolved: net: xilinx: axienet: Add error handling for RX metadata pointer retrieval Add proper error checking for dmaenginedescgetmetadataptr which can return an error pointer and lead to potential crashes or undefined behaviour if the...
CVE-2025-39925 can: j1939: implement NETDEV_UNREGISTER notification handler
In the Linux kernel, the following vulnerability has been resolved: can: j1939: implement NETDEVUNREGISTER notification handler syzbot is reporting unregisternetdevice: waiting for vcan0 to become free. Usage count = 2 problem, for j1939 protocol did not have NETDEVUNREGISTER notification handler...
CVE-2025-39913 tcp_bpf: Call sk_msg_free() when tcp_bpf_send_verdict() fails to allocate psock->cork.
In the Linux kernel, the following vulnerability has been resolved: tcpbpf: Call skmsgfree when tcpbpfsendverdict fails to allocate psock-cork. syzbot reported the splat below. 0 The repro does the following: 1. Load a skmsg prog that calls bpfmsgcorkbytesmsg, corkbytes 2. Attach the prog to a...
CVE-2025-39913
In the Linux kernel, the following vulnerability has been resolved: tcpbpf: Call skmsgfree when tcpbpfsendverdict fails to allocate psock-cork. syzbot reported the splat below. 0 The repro does the following: 1. Load a skmsg prog that calls bpfmsgcorkbytesmsg, corkbytes 2. Attach the prog to a...
CVE-2025-39897 net: xilinx: axienet: Add error handling for RX metadata pointer retrieval
In the Linux kernel, the following vulnerability has been resolved: net: xilinx: axienet: Add error handling for RX metadata pointer retrieval Add proper error checking for dmaenginedescgetmetadataptr which can return an error pointer and lead to potential crashes or undefined behaviour if the...
kernel: udp: Fix memory accounting leak.
A memory overflow vulnerability exists within the Linux kernel's networking subsystem. Specifically, an application can set the SORCVBUF socket option to its maximum value INTMAX, which triggers an integer overflow within the udprmemrelease function during socket closure. The udpdestructcommon...
Fedora 41 : bird (2025-702902f388)
The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-702902f388 advisory. BIRD 3.1.4 2025-09-22 BGP: Fixed crash on Notification with a message, CVE-2025-59688 BGP: Fixed invalid memory access in pending TX flush BGP: Fixed a rare...
RHEL 9 : kernel (RHSA-2025:17122)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:17122 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: usb: dwc3: gadget: check that...
Fedora 42 : bird (2025-f6b553e67d)
The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-f6b553e67d advisory. BIRD 3.1.4 2025-09-22 BGP: Fixed crash on Notification with a message, CVE-2025-59688 BGP: Fixed invalid memory access in pending TX flush BGP: Fixed a rare...
PT-2025-40144
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s iSCSI over TCP implementation. Specifically, a NULL pointer dereference can occur during socket access when freeing the socket concurrently with...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from improper handling of zero-copy SKB and TX timestamps in the TCP/UDP protocols, which could lead to a memory...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to properly handle socket release and access contention conditions, which could result in a null...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a possible modification of the cb field of the skb when the xfrm device uses the sfb type qdisc, which could...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not properly cleaning up the mcu skb queue in the mt7915mcuexit function, which could lead to a memory leak...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not checking sock validity before iscsisetparam, which could lead to null pointer dereferencing...
PT-2025-40171
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s SCSI subsystem, specifically within the iscsi tcp component. The issue stems from a missing validation check for the sock variable before it is assign...
PT-2025-40196
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contained memory leaks related to socket sk and zero-copy sk buffs skbs when using TX timestamping. The issue was identified through syzkaller reports, which demonstrate...
kernel: udp: Fix memory accounting leak.
A memory overflow vulnerability exists within the Linux kernel's networking subsystem. Specifically, an application can set the SORCVBUF socket option to its maximum value INTMAX, which triggers an integer overflow within the udprmemrelease function during socket closure. The udpdestructcommon...
NewStart CGSL MAIN 6.06 : lvm2 Vulnerability (NS-SA-2025-0216)
The remote NewStart CGSL host, running version MAIN 6.06, has lvm2 packages installed that are affected by a vulnerability: - The cluster logical volume manager daemon clvmd in lvm2-cluster in LVM2 before 2.02.72, as used in Red Hat Global File System GFS and other products, does not verify clien...