Vulnerability of the mtdchar_ioctl() function in the drivers/mtd/mtdchar.c module – A driver for supporting MTD devices in the Linux operating system, which allows a hacker to cause a service failure.

Vulnerability of the mtdcharioctl function in the drivers/mtd/mtdchar.c module – The Linux kernel’s MTD device support driver is vulnerable to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to cause service failures...

The Trip to ZigBee Backscatter across a Decade, a Systematic Review

The field of backscatter communication has undergone a profound transformation, evolving from a niche technology for radio-frequency identification RFID into a sophisticated paradigm poised to enable a truly battery-free Internet of Things IoT. This evolution is built upon a deepening understandi...

SUSE CVE-2022-50005

In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: Fix use-after-free bugs caused by pn532cmdtimeout When the pn532 uart device is detaching, the pn532uartremove is called. But there are no functions in pn532uartremove that could delete the cmdtimeout timer, which wil...

The vulnerability of the kvm_arch_vcpu_ioctl() function in the arch/x86/kvm/x86.c module of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the kvmarchvcpuioctl function in the arch/x86/kvm/x86.c module of the Linux operating system is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility o...

The vulnerability of the default_operstate() function in the net/core/link_watch.c module exposes the support for network functions in the Linux kernel. This allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the defaultoperstate function in the net/core/linkwatch.c module related to Linux kernel network functions is associated with synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity,...

Watermarking Autoregressive Image Generation

Watermarking the outputs of generative models has emerged as a promising approach for tracking their provenance. Despite significant interest in autoregressive image generation models and their potential for misuse, no prior work has attempted to watermark their outputs at the token level. In thi...

DEBIAN-CVE-2022-49968

In the Linux kernel, the following vulnerability has been resolved: ieee802154/adf7242: defer destroyworkqueue call There is a possible race condition use-after-free like below FREE | USE adf7242remove | adf7242channel canceldelayedworksync | destroyworkqueue 1 | adf7242cmdrx | moddelayedwork 2 |...

UBUNTU-CVE-2025-38058

In the Linux kernel, the following vulnerability has been resolved: legitimizemnt: check for MNTSYNCUMOUNT should be under mountlock ... or we risk stealing final mntput from sync umount - raising mntcount after umount2 has verified that victim is not busy, but before it has set MNTSYNCUMOUNT; in...

The vulnerability of the AsIO3.sys driver, a software for managing and configuring Asus Armoury Crate devices, allows a hacker to elevate their privileges in the Windows operating system to the SYSTEM level.

The vulnerability of the AsIO3.sys driver, a software for managing and configuring Asus Armoury Crate devices, is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to elevate their privileges in the Windows operating system to SYSTE...

PT-2025-26054 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue concerns the Linux kernel, specifically the android binder component. It involves the unsafe practice of saving a pointer to a VMA outside of the mmap lock for later use. Thi...

PT-2025-28878

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A use-after-free vulnerability exists in the vhci flush function within the Bluetooth HCI core of the Linux kernel. The vulnerability occurs when a thread closes a vhci file descriptor...

The vulnerability of the Git-based software platform for collaborative code development on GitLab arises from synchronization errors when using a shared resource. This vulnerability allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to synchronization errors when using a shared resource. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

CVE-2025-48992

Group-Office is affected by a stored and blind XSS in the Name field of user profiles for versions prior to 6.8.123 and prior to 25.0.27. The vulnerability allows an attacker to set their name to a JavaScript payload, which executes when the compromised user adds that attacker to Synchronization ...

Astra Linux - уязвимость в linux-6.12

In the Linux kernel, the following vulnerability has been resolved: net: ibmveth: make vethpoolstore stop hanging v2: - Created a single error handling unlock and exit in vethpoolstore - Greatly expanded commit message with previous explanatory-only text Summary: Use rtnlmutex to synchronize...

Astra Linux - уязвимость в linux-6.12

In the Linux kernel, the following vulnerability has been resolved: mm: zswap: properly synchronize freeing resources during CPU hotunplug In zswapcompress and zswapdecompress, the per-CPU acompctx of the current CPU at the beginning of the operation is retrieved and used throughout. However, sin...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: vxlan: vnifilter: Fixed the issue where the default FDB entry was deleted without holding the hash lock. When a VNI is deleted from a VXLAN device in ‘vnifilter’ mode, the FDB entry associated with the default remote assuming one...

Astra Linux - уязвимость в linux-6.12

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: make sure that ptprate is not 0 before configuring EST If the ptprate recorded earlier in the driver happens to be 0, this bogus value will propagate up to EST configuration, where it will trigger a division by 0...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Synchronous access between the reset thread and the TM thread for reply queues. When the task management thread processes reply queues while the reset thread resets them, the task management thread accesses an inval...

Security Bulletin: IBM Security Verify Password Synchronization Plug-in for Windows AD is affected by multiple vulnerabilities

Summary IBM Security Verify Password Synchronization Plug-in for Windows AD has addressed these vulnerabilities. Vulnerability Details CVEID:CVE-2022-0778 DESCRIPTION: The BNmodsqrt function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime...

The vulnerability of the synchronization application for Qsync Central files relates to the lack of security measures for the SQL query structure, allowing a hacker to execute arbitrary code.

The vulnerability of the Qsync Central file synchronization application is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...