CVE-2025-47368

Memory corruption when dereferencing an invalid userspace address in a user buffer during MCDM IOCTL processing...

[SECURITY] Fedora 43 Update: libnbd-1.23.10-1.fc43

NBD =E2=80=94 Network Block Device =E2=80=94 is a protocol for accessing Bloc k Devices hard disks and disk-like things over a Network. This is the NBD client library in userspace, a simple library for writing NBD clients. The key features are: Synchronous and asynchronous APIs, both for ease of...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989965)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989965 advisory. In the Linux kernel, the following vulnerability has been resolved: binder: make sure fd closes complete During BCFREEBUFFER processing, the BINDERTYPEFDA object...

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-989779)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989779 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: initialize registers in nftdochain Initialize registers to avoid stack leak...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989371)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989371 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkosf: fix possible bogus match in nfosffind nfosffind incorrectly returns true...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989250)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989250 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: initialize registers in nftdochain Initialize registers to avoid stack leak...

CVE-2025-47368

Memory corruption when dereferencing an invalid userspace address in a user buffer during MCDM IOCTL processing...

CVE-2025-47368

CVE-2025-47368 affects Qualcomm DSP Service (Memory corruption in MCDM IOCTL processing when dereferencing an invalid userspace address in a user buffer). The CVSS v3.1 vector indicates a Local, Low-Complexity exploit with Low Privileges Required, no user interaction, and impacts on confidentiali...

CVE-2025-47368 Buffer Over-read in DSP Service

Memory corruption when dereferencing an invalid userspace address in a user buffer during MCDM IOCTL processing...

CVE-2025-47368 Buffer Over-read in DSP Service

Memory corruption when dereferencing an invalid userspace address in a user buffer during MCDM IOCTL processing...

PT-2025-44932

Name of the Vulnerable Software and Affected Versions versions prior to 2025 Description A memory corruption issue exists when dereferencing an invalid userspace address in a user buffer during MCDM IOCTL processing. This can lead to a buffer over-read in the DSP Service. Recommendations At the...

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that originates from a memory corruption when an invalid userspace address is dereferenced during MCDM IOCTL processing...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ublk: It is necessary to sanitize the arguments from userspace when adding a device. The Sanity function checks the values for queue depth and the number of queues that we obtain from userspace when adding a device...

Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Fixed a hang that occurred when cmaneteventcallback failed to call queuework. The referenced commit addressed a crash that occurred when cmaneteventcallback was called for a cmaid, while work on that id from a previous...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: x86/vmscape: Added conditional IBPB mitigation VMSCAPE is a vulnerability that exploits insufficient branch predictor isolation between a guest and a userspace hypervisor such as QEMU. Existing mitigations already protect the...

USN-7835-4 linux-hwe-6.8 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Ublk userspace block driver; -...

kernel: KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0 Don't BUG/WARN on interrupt injection due to GIF being cleared, since it's trivial for userspace to force the situation via KVMSETVCPUEVENTS even if having at least...

uio_hv_generic: Let userspace take care of interrupt mask

...

SUSE CVE-2025-40026

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Don't recheck L1 intercepts when completing userspace I/O When completing emulation of instruction that generated a userspace exit for I/O, don't recheck L1 intercepts as KVM has already finished that phase of instructi...

CVE-2025-40026

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Don't recheck L1 intercepts when completing userspace I/O When completing emulation of instruction that generated a userspace exit for I/O, don't recheck L1 intercepts as KVM has already finished that phase of instructi...