firefox: thunderbird: Sandbox escape due to undefined behavior, invalid pointer in the Graphics: Canvas2D component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to undefined behavior, invalid pointer in the Graphics...

CVE-2022-50366 powercap: intel_rapl: fix UBSAN shift-out-of-bounds issue

In the Linux kernel, the following vulnerability has been resolved: powercap: intelrapl: fix UBSAN shift-out-of-bounds issue When value timeunit, the parameter of ilog2 will be zero and the return value is -1. u64-1 is too large for shift exponent and then will trigger shift-out-of-bounds: shift...

Linux Distros Unpatched Vulnerability : CVE-2025-39821

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: perf: Avoid undefined behavior from stopping/starting inactive events Calling pmu-start/stop...

SUSE CVE-2025-39821

In the Linux kernel, the following vulnerability has been resolved: perf: Avoid undefined behavior from stopping/starting inactive events Calling pmu-start/stop on perf events in PERFEVENTSTATEOFF can leave event-hw.idx at -1. When PMU drivers later attempt to use this negative index as a shift...

CVE-2025-39821

In the Linux kernel, the following vulnerability has been resolved: perf: Avoid undefined behavior from stopping/starting inactive events Calling pmu-start/stop on perf events in PERFEVENTSTATEOFF can leave event-hw.idx at -1. When PMU drivers later attempt to use this negative index as a shift...

DEBIAN-CVE-2025-39821

In the Linux kernel, the following vulnerability has been resolved: perf: Avoid undefined behavior from stopping/starting inactive events Calling pmu-start/stop on perf events in PERFEVENTSTATEOFF can leave event-hw.idx at -1. When PMU drivers later attempt to use this negative index as a shift...

UBUNTU-CVE-2025-39821

In the Linux kernel, the following vulnerability has been resolved: perf: Avoid undefined behavior from stopping/starting inactive events Calling pmu-start/stop on perf events in PERFEVENTSTATEOFF can leave event-hw.idx at -1. When PMU drivers later attempt to use this negative index as a shift...

CVE-2025-39821 perf: Avoid undefined behavior from stopping/starting inactive events

In the Linux kernel, the following vulnerability has been resolved: perf: Avoid undefined behavior from stopping/starting inactive events Calling pmu-start/stop on perf events in PERFEVENTSTATEOFF can leave event-hw.idx at -1. When PMU drivers later attempt to use this negative index as a shift...

CVE-2025-39821 perf: Avoid undefined behavior from stopping/starting inactive events

In the Linux kernel, the following vulnerability has been resolved: perf: Avoid undefined behavior from stopping/starting inactive events Calling pmu-start/stop on perf events in PERFEVENTSTATEOFF can leave event-hw.idx at -1. When PMU drivers later attempt to use this negative index as a shift...

CVE-2025-39821

CVE-2025-39821 (Linux kernel perf - UBSAN risk) The issue is a logic flaw in perf event throttling where a group’s disabled member in PERF_EVENT_STATE_OFF could be throttle-started/stoppped, causing PMU drivers to receive an event with hw.idx = -1. This negative index is used as a shift exponent ...

CVE-2025-39821 perf: Avoid undefined behavior from stopping/starting inactive events

In the Linux kernel, the following vulnerability has been resolved: perf: Avoid undefined behavior from stopping/starting inactive events Calling pmu-start/stop on perf events in PERFEVENTSTATEOFF can leave event-hw.idx at -1. When PMU drivers later attempt to use this negative index as a shift...

CVE-2025-39812 sctp: initialize more fields in sctp_v6_from_sk()

In the Linux kernel, the following vulnerability has been resolved: sctp: initialize more fields in sctpv6fromsk syzbot found that sin6scopeid was not properly initialized, leading to undefined behavior. Clear sin6scopeid and sin6flowinfo. BUG: KMSAN: uninit-value in sctpv6cmpaddr+0x887/0x8c0...

CVE-2025-10528 Sandbox escape due to undefined behavior, invalid pointer in the Graphics: Canvas2D component

Sandbox escape due to undefined behavior, invalid pointer in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 143, Firefox ESR 140.3, Thunderbird 143, and Thunderbird 140.3...

CVE-2025-10528

Sandbox escape due to undefined behavior, invalid pointer in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 143, Firefox ESR 140.3, Thunderbird 143, and Thunderbird 140.3...

DEBIAN-CVE-2023-53272

In the Linux kernel, the following vulnerability has been resolved: net: ena: fix shift-out-of-bounds in exponential backoff The ENA adapters on our instances occasionally reset. Once recently logged a UBSAN failure to console in the process: UBSAN: shift-out-of-bounds in...

CVE-2023-53272 net: ena: fix shift-out-of-bounds in exponential backoff

In the Linux kernel, the following vulnerability has been resolved: net: ena: fix shift-out-of-bounds in exponential backoff The ENA adapters on our instances occasionally reset. Once recently logged a UBSAN failure to console in the process: UBSAN: shift-out-of-bounds in...

CVE-2023-53272

CVE-2023-53272 relates to the Linux kernel ENA driver (net: ena) where a UBSAN shift-out-of-bounds in the exponential backoff was observed during device reset. The issue stems from exponent calculations that could overflow 32-bit types, causing UBSAN panics when backoff delays grow large. The adv...

Firefox -- Sandbox escape due to undefined behavior

https://bugzilla.mozilla.org/showbug.cgi?id=1986185 reports: Sandbox escape due to undefined behavior, invalid pointer in the Graphics: Canvas2D component...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not properly initializing the sin6scopeid and sin6flowinfo fields, which could lead to undefined behavior...

PT-2025-37966

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw where calling pmu-start/stop on perf events in PERF EVENT STATE OFF can lead to undefined behavior. This occurs when event-hw.idx is at -1, and PMU...