CVE-2025-38011

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: csa unmap use uninterruptible lock After process exit to unmap csa and free GPU vm, if signal is accepted and then waiting to take vm lock is interrupted and return, it causes memory leaking and below warning backtrac...

UBUNTU-CVE-2025-38078

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix race of buffer access at PCM OSS layer The PCM OSS layer tries to clear the buffer with the silence data at initialization or reconfiguration of a stream with the explicit call of sndpcmformatsetsilence with...

PT-2025-26004 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.19.0-rc5-test+ 309 Description: A vulnerability in the Linux kernel has been resolved, related to event probes eprobes in the tracing subsystem. The issue occurs when attempting to retrieve the instruction...

PT-2025-26152 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A kernel memory leak issue has been identified in the Linux kernel's crypto subsystem, specifically in the ccp driver. The problem occurs when input passed to certain sev ioctl...

The vulnerability of the Local Security Authority Subsystem Service (LSASS) in Windows operating systems allows a perpetrator to trigger a service failure.

The vulnerability of the Local Security Authority Subsystem Service LSASS in Windows operating systems is related to an uncontrolled consumption of resources. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

Linux Kernel Improper Ownership Management Vulnerability

Linux Kernel contains an improper ownership management vulnerability, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bu...

Astra Linux - уязвимость в linux-6.12

In the Linux kernel, the following vulnerability has been resolved: block: fix resource leak in blkregisterqueue error path When registering a queue fails after blkmqsysfsregister is successful but the function later encounters an error, we need to clean up the blkmqsysfs resources. Add the missi...

TencentOS Server 3: kernel (TSSA-2023:0132)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0132 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

Medium: python3-tornado

Issue Overview: Tornado is a Python web framework and asynchronous networking library. When Tornado's multipart/form-data parser encounters certain errors, it logs a warning but continues trying to parse the remainder of the data. This allows remote attackers to generate an extremely high volume ...

Amazon Linux 2 : python-tornado (ALAS-2025-2888)

The version of python-tornado installed on the remote host is prior to 4.2.1-3. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2888 advisory. Tornado is a Python web framework and asynchronous networking library. When Tornado's multipart/form- data parser encounters...

Amazon Linux 2023 : python3-tornado (ALAS2023-2025-1002)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1002 advisory. Tornado is a Python web framework and asynchronous networking library. When Tornado's multipart/form- data parser encounters certain errors, it logs a warning but continues trying to parse the remainde...

Amazon Linux 2 : python3-tornado (ALAS-2025-2889)

The version of python3-tornado installed on the remote host is prior to 5.0.2-4. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2889 advisory. Tornado is a Python web framework and asynchronous networking library. When Tornado's multipart/form- data parser encounter...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: udp: Fix memory accounting leak. CVE-2025-22058 Affected Packages: kernel Note: This advisory is applicable to Amazon Linux 2 - Kernel-5.15 Extra. Visit this page to learn more about Amazon Linux 2 AL2 Extras and...

CVE-2025-32712

Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally...

kernel: um: Fix out-of-bounds read in LDT setup

A vulnerability was found in the Linux kernel's user mode um subsystem, specifically within the Local Descriptor Table LDT setup functionality. The issue arises from the syscallstubdata function misinterpreting the datacount parameter as a byte count rather than a count of longs, leading to an...

KLA84760 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, gain privileges, execute arbitrary code, cause denial of service, spoof user interface. Below is a complete list of...

Medium: python-tornado

Issue Overview: Tornado is a Python web framework and asynchronous networking library. When Tornado's multipart/form-data parser encounters certain errors, it logs a warning but continues trying to parse the remainder of the data. This allows remote attackers to generate an extremely high volume ...

Microsoft Windows Local Security Authority Subsystem Service 资源管理错误漏洞

The Microsoft Windows Local Security Authority Subsystem Service is an internal program of Microsoft Corporation USA that runs Windows system security policies. It verifies user identity, manages user password changes, and generates access characters when a user logs on to a computer standalone o...

PT-2025-24836

Name of the Vulnerable Software and Affected Versions Windows Local Security Authority Subsystem Service LSASS affected versions not specified Description The issue concerns uncontrolled resource consumption in the Windows Local Security Authority Subsystem Service LSASS, allowing an unauthorized...

PT-2025-27692

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to the fixed version Description: A use-after-free vulnerability has been identified in the Linux kernel, specifically in the io uring subsystem. The issue arises when the sq-thread is released while being used in...