CVE-2024-38311

Improper Input Validation vulnerability in Apache Traffic Server. This issue affects Apache Traffic Server: from 8.0.0 through 8.1.11, from 9.0.0 through 9.2.8, from 10.0.0 through 10.0.3. Users are recommended to upgrade to version 9.2.9 or 10.0.4, which fixes the issue...

Linux Distros Unpatched Vulnerability : CVE-2021-31229

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxmlinternaldtd performs incorrect memory handling while parsing crafted XML files, which...

CVE-2024-41147

An out-of-bounds write vulnerability exists in the madrflacdecodesampleslpc functionality of Miniaudio miniaudio v0.11.21. A specially crafted .flac file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2025-26618 affecting package erlang for versions less than 25.2-3

CVE-2025-26618 affecting package erlang for versions less than 25.2-3. A patched version of the package is available...

CVE-2025-0684

A flaw was found in grub2. When performing a symlink lookup from a reiserfs filesystem, grub's reiserfs fs module uses user-controlled parameters from the filesystem geometry to determine the internal buffer size, however, it improperly checks for integer overflows. A maliciouly crafted filesyste...

CVE-2022-49733

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: oss: Fix race at SNDCTLDSPSYNC There is a small race window at sndpcmosssync that is called from OSS PCM SNDCTLDSPSYNC ioctl; namely the function calls sndpcmossmakeready at first, then takes the paramslock mutex for t...

CVE-2025-21803

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Fix warnings during S3 suspend The enablegpewakeup function calls acpienableallwakeupgpes, and the later one may call the preemptschedulecommon function, resulting in a thread switch and causing the CPU to be in an...

CVE-2025-21801

In the Linux kernel, the following vulnerability has been resolved: net: ravb: Fix missing rtnl lock in suspend/resume path Fix the suspend/resume path by ensuring the rtnl lock is held where required. Calls to ravbopen, ravbclose and wol operations must be performed under the rtnl lock to preven...

CVE-2025-21819

In the Linux kernel, the following vulnerability has been resolved: Revert "drm/amd/display: Use HW lock mgr for PSR1" This reverts commit a2b5a9956269 "drm/amd/display: Use HW lock mgr for PSR1" Because it may cause system hang while connect with two edp panel...

CVE-2025-21820

In the Linux kernel, the following vulnerability has been resolved: tty: xilinxuartps: split sysrq handling lockdep detects the following circular locking dependency: CPU 0 CPU 1 ========================== ============================ cdnsuartisr printk uartportlockport consolelock...

CVE-2025-21817

In the Linux kernel, the following vulnerability has been resolved: block: mark GFPNOIO around sysfs -store sysfs -store is called with queue freezed, meantime we have several -store callbacksupdatenrrequests, wbt, scheduler to allocate memory with GFPKERNEL which may run into direct reclaim code...

CVE-2025-21799

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: am65-cpsw: fix freeing IRQ in am65cpswnussremovetxchns When getting the IRQ we use k3udmagluetxgetirq which returns negative error value on error. So not NULL check is not sufficient to deteremine if IRQ is...

CVE-2025-21777

In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Validate the persistent meta data subbuf array The meta data for a mapped ring buffer contains an array of indexes of all the subbuffers. The first entry is the reader page, and the rest of the entries lay out the...

CVE-2024-58020

In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: Add NULL check in mtinputconfigured devmkasprintf can return a NULL pointer on failure,but this returned value in mtinputconfigured is not checked. Add NULL check in mtinputconfigured, to handle kernel NULL point...

CVE-2025-21797

In the Linux kernel, the following vulnerability has been resolved: HID: corsair-void: Add missing delayed work cancel for headset status The canceldelayedworksync call was missed, causing a use-after-free in corsairvoidremove...

CVE-2025-21790

In the Linux kernel, the following vulnerability has been resolved: vxlan: check vxlanvnigroupinit return value vxlaninit must check vxlanvnigroupinit success otherwise a crash happens later, spotted by syzbot. Oops: general protection fault, probably for non-canonical address 0xdffffc000000002c:...

CVE-2024-58019

In the Linux kernel, the following vulnerability has been resolved: nvkm/gsp: correctly advance the read pointer of GSP message queue A GSP event message consists three parts: message header, RPC header, message body. GSP calculates the number of pages to write from the total size of a GSP messag...

CVE-2025-21744

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fix NULL pointer dereference in brcmftxfinalize On removal of the device or unloading of the kernel module a potential NULL pointer dereference occurs. The following sequence deletes the interface: brcmfdetach...

CVE-2025-21736

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix possible int overflows in nilfsfiemap Since nilfsbmaplookupcontig in nilfsfiemap calculates its result by being prepared to go through potentially maxblocks == INTMAX blocks, the value in n may experience an overflow...

CVE-2025-21756

In the Linux kernel, the following vulnerability has been resolved: vsock: Keep the binding until socket destruction Preserve sockets bindings; this includes both resulting from an explicit bind and those implicitly bound through autobind during connect. Prevents socket unbinding during a transpo...