CVE-2025-68322 parisc: Avoid crash due to unaligned access in unwinder

In the Linux kernel, the following vulnerability has been resolved: parisc: Avoid crash due to unaligned access in unwinder Guenter Roeck reported this kernel crash on his emulated B160L machine: Starting network: udhcpc: started, v1.36.1 Backtrace: unwindonce+0x1c/0x5c...

CVE-2025-68322 parisc: Avoid crash due to unaligned access in unwinder

In the Linux kernel, the following vulnerability has been resolved: parisc: Avoid crash due to unaligned access in unwinder Guenter Roeck reported this kernel crash on his emulated B160L machine: Starting network: udhcpc: started, v1.36.1 Backtrace: unwindonce+0x1c/0x5c...

CVE-2025-68322

CVE-2025-68322 affects the Linux kernel on PA-RISC where unwinding stack could read unaligned memory, triggering a crash and spinlock recursion. The public descriptions in multiple sources (SUSE, Red Hat, Debian, NVD/NVD mirrors, OSV) confirm the issue and report a fix: add an alignment check bef...

EUVD-2025-203646

In the Linux kernel, the following vulnerability has been resolved: hungtask: fix warnings caused by unaligned lock pointers The blocker tracking mechanism assumes that lock pointers are at least 4-byte aligned to use their lower bits for type encoding. However, as reported by Eero Tamminen, some...

CVE-2025-68250

In the Linux kernel, the following vulnerability has been resolved: hungtask: fix warnings caused by unaligned lock pointers The blocker tracking mechanism assumes that lock pointers are at least 4-byte aligned to use their lower bits for type encoding. However, as reported by Eero Tamminen, some...

CVE-2025-68250

In the Linux kernel, the following vulnerability has been resolved: hungtask: fix warnings caused by unaligned lock pointers The blocker tracking mechanism assumes that lock pointers are at least 4-byte aligned to use their lower bits for type encoding. However, as reported by Eero Tamminen, some...

UBUNTU-CVE-2025-68250

In the Linux kernel, the following vulnerability has been resolved: hungtask: fix warnings caused by unaligned lock pointers The blocker tracking mechanism assumes that lock pointers are at least 4-byte aligned to use their lower bits for type encoding. However, as reported by Eero Tamminen, some...

CVE-2025-68308 can: kvaser_usb: leaf: Fix potential infinite loop in command parsers

In the Linux kernel, the following vulnerability has been resolved: can: kvaserusb: leaf: Fix potential infinite loop in command parsers The kvaserusbleafwaitcmd and kvaserusbleafreadbulkcallback functions contain logic to zero-length commands. These commands are used to align data to the USB...

CVE-2025-68308 can: kvaser_usb: leaf: Fix potential infinite loop in command parsers

In the Linux kernel, the following vulnerability has been resolved: can: kvaserusb: leaf: Fix potential infinite loop in command parsers The kvaserusbleafwaitcmd and kvaserusbleafreadbulkcallback functions contain logic to zero-length commands. These commands are used to align data to the USB...

CVE-2025-68250 hung_task: fix warnings caused by unaligned lock pointers

In the Linux kernel, the following vulnerability has been resolved: hungtask: fix warnings caused by unaligned lock pointers The blocker tracking mechanism assumes that lock pointers are at least 4-byte aligned to use their lower bits for type encoding. However, as reported by Eero Tamminen, some...

CVE-2025-68250

The CVE-2025-68250 entry is about a Linux kernel issue where the blocker tracking mechanism assumed 4-byte alignment for lock pointers to encode types in lower bits. On architectures like m68k with only 2-byte alignment for 32-bit values, two WARN_ON_ONCE checks could trigger. The fix silently ig...

CVE-2025-68250 hung_task: fix warnings caused by unaligned lock pointers

In the Linux kernel, the following vulnerability has been resolved: hungtask: fix warnings caused by unaligned lock pointers The blocker tracking mechanism assumes that lock pointers are at least 4-byte aligned to use their lower bits for type encoding. However, as reported by Eero Tamminen, some...

UIXPOSE: Mobile Malware Detection Via Intention-Behaviour Discrepancy Analysis

We introduce UIXPOSE, a source-code-agnostic framework that operates on both compiled and open-source apps. This framework applies Intention Behaviour Alignment IBA to mobile malware analysis, aligning UI-inferred intent with runtime semantics. Previous work either infers intent statically, e.g.,...

PT-2025-51734

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the unwinder that can lead to a system crash due to unaligned memory access. This issue occurs when the unwinder attempts to read the previous stack...

Linux Distros Unpatched Vulnerability : CVE-2025-68322

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - parisc: Avoid crash due to unaligned access in unwinder Guenter Roeck reported this kernel crash on his emulated B160L machine: Starting network: udhcpc: starte...

PT-2025-51663

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue related to the blocker tracking mechanism, which assumes 4-byte alignment of lock pointers. Some architectures, like m68k, only guarantee 2-byte...

PT-2025-51712

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the kvaser usb leaf wait cmd and kvaser usb leaf read bulk callback functions related to handling zero-length commands used for aligning data to U...

OESA-2025-2797 bwa security update

BWA is a program for aligning sequencing reads against a large reference genome e.g. human genome. It has two major components, one for read shorter than 150bp and the other for longer reads. Security Fixes: BWA aka Burrow-Wheeler Aligner before 2019-01-23 has a stack-based buffer overflow in the...

Cybersecurity Performance Goals 2.0 for Critical Infrastructure

Today, CISA released updated Cross-Sector Cybersecurity Performance Goals CPG 2.0 with measurable actions for critical infrastructure owners and operators to achieve a foundational level of cybersecurity. This update incorporates lessons learned, aligns with the most recent National Institute of...

CVE-2025-40336

In the Linux kernel, the following vulnerability has been resolved: drm/gpusvm: fix hmmpfntomaporder usage Handle the case where the hmm range partially covers a huge page like 2M, otherwise we can potentially end up doing something nasty like mapping memory which is outside the range, and maybe...