Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from alteratsemdiocreate not freeing a node returned by ofgetchildbyname, resulting in a reference count leak...

PT-2025-8593 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A race condition exists in the Linux kernel's xen/arm component, specifically in the RB-tree based P2M accounting. The issue arises from concurrent calls to set phys to machine multi b...

X.Org和Xwayland 缓冲区错误漏洞

X.Org is an open source free software from the X.Org Foundation.Xwayland is an open source communication protocol from Xwayland that specifies how a display server communicates with its clients. A buffer error vulnerability exists in X.Org and Xwayland that stems from the compRedirectWindow...

CVE-2025-21703

Affecting the Linux kernel netem/qdisc path: the issue stems from updating sch->q.qlen before qdisc_tree_reduce_backlog(), causing DRR to miss qlen_notify() and enabling a use-after-free in the active list. CVSS v3.1 indicates high impact (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H). The Astra Linux ...

The vulnerability of the lib/generic-radix-tree.c component in the Linux operating system’s kernel allows a hacker to cause a service failure.

The vulnerability of the lib/generic-radix-tree.c component in the Linux operating system’s kernel is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a system failure...

The vulnerability of the nilfs2 component in the Linux operating system’s kernel, which allows a hacker to cause a service failure

The vulnerability of the lib/generic-radix-tree.c component in the Linux operating system’s kernel is related to incorrect resource locking. Exploiting this vulnerability can allow an attacker to cause service failures...

SUSE CVE-2023-2663

In Xpdf 4.04 and earlier, a PDF object loop in the page label tree leads to infinite recursion and a stack overflow...

SUSE CVE-2023-2664

In Xpdf 4.04 and earlier, a PDF object loop in the embedded file tree leads to infinite recursion and a stack overflow...

SUSE CVE-2024-57887

In the Linux kernel, the following vulnerability has been resolved: drm: adv7511: Fix use-after-free in adv7533attachdsi The hostnode pointer was assigned and freed in adv7533parsedt, and later, adv7533attachdsi uses the same. Fix this use-after-free issue by dropping ofnodeput in adv7533parsedt...

CLSA-2025-1739352814 kernel: Fix of 13 CVEs

media: uvcvideo: Skip parsing frames of type UVCVSUNDEFINED in uvcparseformat CVE-2024-53104 - btrfs: fix information leak in btrfsioctllogicaltoino CVE-2024-35849 - net: afcan: do not leave a dangling sk pointer in cancreate CVE-2024-56603 - netfilter: xtables: fix LED ID check in ledtgcheck...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: MIPS: Loongson64: DTS: Actually fixed the PCIe port nodes for ls7a. Fixed the dtc warnings: arch/mips/boot/dts/loongson/ls7a-pch.dtsi:68.16-416.5: Warning interruptprovider: /bus@10000000/pci@1a000000: 'interrupt-cells' found,...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ocfs2: Reserving space for inline xattr before attaching the reflink tree. One of our customers reported a crash and a corrupted ocfs2 filesystem. The crash was due to the detection of corruption. Upon troubleshooting, the fsck -...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fixed the potential NULL pointer dereferencing in nilfsbtreeinsert The patch series “nilfs2: fixes potential issues with empty B-tree nodes” addresses three potential issues with empty B-tree nodes that can occur with...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: gpio: davinci: Validate the obtained number of IRQs. The value of pdata-gpiounbanked is retrieved from the Device Tree. If the Device Tree is corrupted due to any error, this value can be arbitrary. Without this value validation,...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: of/irq: Prevent device address out-of-bounds read in interrupt map walk When ofirqparseraw is invoked with a device address smaller than the interrupt parent node from address-cells property, KASAN detects the following...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: PCI: Keystone: Fixed a NULL pointer dereferencing issue in case of a DT error in kspciesetuprcapp regs. If IORESOURCEMEM is not provided in the Device Tree due to any error, resourcelistfirsttype will return NULL, and...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: btrfs: A sanity check for the btrfs root has been added in btrfssearchslot. Syzbot reports a nullptrderef issue in btrfssearchslot. The reproducer uses rescue=ibadroots, and the extent tree root is corrupted; as a result, the...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: – The faulty behavior of the mm:resolvefaultymmapregion function has been fixed. The mmapregion function is quite problematic, with a confusing control flow and numerous ways in which issues can arise. This leads to incomplete...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: lib/generic-radix-tree.c: A rare race condition in genradixptralloc has been fixed. If we need to increase the tree depth, we will allocate a new node. If another thread increases the tree depth before us, we will still have a...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: btrfs: We’ve fixed our handling of the situation where refs == 0 in the snapshot delete operation. In reada, there’s a bug where refs == 0 can occur. This could be problematic because we don’t hold a lock on the extent leaf, a...