Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: gfs2: Prevent recursive memory reclamation The function new inode returns a new inode with inode-imapping-gfpmask set to GFPHIGHUSERMOVABLE. This value includes the GFPFS flag, so allocations in that address space can recursively...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: vdpasimblk: The number of address spaces and virtqueue groups was set. The commit bda324fd037a “vdpasim: control virtqueue support” added two new fields nas, ngroups to vdpasimdevattr. However, we forgot to initialize these field...

requests-hardened 代码问题漏洞

requests-hardened is a Python library developed by Saleor Commerce, aimed at enhancing the security of HTTP requests. requests-hardened has code vulnerabilities; these vulnerabilities stem from the lack of SSRF protection, which fails to prevent access to shared address spaces as defined in RFC...

CVE-2025-68356

In the Linux kernel, the following vulnerability has been resolved: gfs2: Prevent recursive memory reclaim Function newinode returns a new inode with inode-imapping-gfpmask set to GFPHIGHUSERMOVABLE. This value includes the GFPFS flag, so allocations in that address space can recurse into...

EUVD-2025-205098

In the Linux kernel, the following vulnerability has been resolved: gfs2: Prevent recursive memory reclaim Function newinode returns a new inode with inode-imapping-gfpmask set to GFPHIGHUSERMOVABLE. This value includes the GFPFS flag, so allocations in that address space can recurse into...

CVE-2025-68356

In the Linux kernel, the following vulnerability has been resolved: gfs2: Prevent recursive memory reclaim Function newinode returns a new inode with inode-imapping-gfpmask set to GFPHIGHUSERMOVABLE. This value includes the GFPFS flag, so allocations in that address space can recurse into...

CVE-2025-68356

In the Linux kernel, the following vulnerability has been resolved: gfs2: Prevent recursive memory reclaim Function newinode returns a new inode with inode-imapping-gfpmask set to GFPHIGHUSERMOVABLE. This value includes the GFPFS flag, so allocations in that address space can recurse into...

CVE-2025-68356

CVE-2025-68356 describes a Linux kernel issue in gfs2 where new_inode() could set inode address space GFP masks to GFP_HIGHUSER_MOVABLE, potentially including __GFP_FS and allowing memory reclaim to recurse into filesystem code, risking stack usage and deadlocks. The fix is to remove __GFP_FS fro...

CVE-2025-68356 gfs2: Prevent recursive memory reclaim

In the Linux kernel, the following vulnerability has been resolved: gfs2: Prevent recursive memory reclaim Function newinode returns a new inode with inode-imapping-gfpmask set to GFPHIGHUSERMOVABLE. This value includes the GFPFS flag, so allocations in that address space can recurse into...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a lack of detachioas operations in vfio/pds that could lead to a probe failure...

Linux Distros Unpatched Vulnerability : CVE-2022-50058

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: vdpasimblk: set number of address spaces and virtqueue groups Commit bda324fd037a vdpasim:...

CVE-2022-50058 vdpa_sim_blk: set number of address spaces and virtqueue groups

In the Linux kernel, the following vulnerability has been resolved: vdpasimblk: set number of address spaces and virtqueue groups Commit bda324fd037a "vdpasim: control virtqueue support" added two new fields nas, ngroups to vdpasimdevattr, but we forgot to initialize them for vdpasimblk. When...

CVE-2022-50058

In the Linux kernel, the following vulnerability has been resolved: vdpasimblk: set number of address spaces and virtqueue groups Commit bda324fd037a "vdpasim: control virtqueue support" added two new fields nas, ngroups to vdpasimdevattr, but we forgot to initialize them for vdpasimblk. When...

nossrf 安全漏洞

nossrf is a Snyk open source package. A security vulnerability exists in versions prior to nossrf 1.0.4 that stems from an attacker being able to bypass SSRF protection mechanisms by providing hostnames that resolve to local or reserved IP address spaces...

DEBIAN-CVE-2023-32721

A stored XSS has been found in the Zabbix web application in the Maps element if a URL field is set with spaces before URL...

Server-Side Request Forgery (SSRF)

gitlab is vulnerable to Server-Side Request Forgery SSRF. The vulnerability exists because the shared address spaces are not blocked for requests, allowing an attacker to cause blind SSRF attacks...

kernel: vdpa_sim_blk: set number of address spaces and virtqueue groups

In the Linux kernel, the following vulnerability has been resolved: vdpasimblk: set number of address spaces and virtqueue groups Commit bda324fd037a "vdpasim: control virtqueue support" added two new fields nas, ngroups to vdpasimdevattr, but we forgot to initialize them for vdpasimblk. When...

PT-2022-33395 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions v5.19 through v5.19.3 Description: The issue is related to the vdpa sim blk, which is used to set the number of address spaces and virtqueue groups. The actual impact and attack plausibility have not yet been proven...