AZL-64320 CVE-2025-6498 affecting package tidy 5.8.0-6

A vulnerability classified as problematic has been found in HTACG tidy-html5 5.8.0. Affected is the function defaultAlloc of the file src/alloc.c. The manipulation leads to memory leak. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be...

PT-2025-33560

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.16.0-rc2 Description: The Linux kernel contained a flaw in the alloc tag top users function within the lib/alloc tag component. This function attempted to acquire a semaphore lock alloc tag cttype-mod lock eve...

SUSE CVE-2025-38018

In the Linux kernel, the following vulnerability has been resolved: net/tls: fix kernel panic when allocpage failed We cannot set fraglist to NULL pointer when allocpage failed. It will be used in tlsstrpcheckqueueok when the next time tlsstrpreadsock is called. This is because we don't reset...

CVE-2022-49988

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

AZL-70214 CVE-2022-49961 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: bpf: Do markchainprecision for ARGCONSTALLOCSIZEORZERO Precision markers need to be propagated whenever we have an ARGCONST style argument, as the verifier cannot consider imprecise scalars to be equivalent for the purposes of...

UBUNTU-CVE-2022-50143

In the Linux kernel, the following vulnerability has been resolved: intelth: Fix a resource leak in an error handling path If an error occurs after calling 'pciallocirqvectors', 'pcifreeirqvectors' must be called as already done in the remove function...

CVE-2022-49988

Mode C: The connected PT-2025-25914 entry documents a Linux kernel vulnerability in the binder_alloc path related to missing mmap read lock calls when using the VMA. Specifically, mmap_read_lock() is not taken in binder_alloc_print_pages() and during checks in binder_alloc_new_buf_locked(), with ...

CVE-2022-49988

...

CVE-2022-49947 binder: fix alloc->vma_vm_mm null-ptr dereference

In the Linux kernel, the following vulnerability has been resolved: binder: fix alloc-vmavmmm null-ptr dereference Syzbot reported a couple issues introduced by commit 44e602b4e52f "binderalloc: add missing mmaplock calls when using the VMA", in which we attempt to acquire the mmaplock when...

CVE-2022-49947

CVE-2022-49947: Linux kernel binder null-ptr dereference in alloc->vma_vm_mm. Connected reports confirm a fix: initialize alloc->vma_vm_mm during open() and cache from current->mm to guarantee safe mmap_lock usage when a binder_proc has not mmap’d to set up alloc space. Descriptions deta...

DEBIAN-CVE-2025-38018

In the Linux kernel, the following vulnerability has been resolved: net/tls: fix kernel panic when allocpage failed We cannot set fraglist to NULL pointer when allocpage failed. It will be used in tlsstrpcheckqueueok when the next time tlsstrpreadsock is called. This is because we don't reset...

UBUNTU-CVE-2025-38018

In the Linux kernel, the following vulnerability has been resolved: net/tls: fix kernel panic when allocpage failed We cannot set fraglist to NULL pointer when allocpage failed. It will be used in tlsstrpcheckqueueok when the next time tlsstrpreadsock is called. This is because we don't reset...

CVE-2025-38018 net/tls: fix kernel panic when alloc_page failed

In the Linux kernel, the following vulnerability has been resolved: net/tls: fix kernel panic when allocpage failed We cannot set fraglist to NULL pointer when allocpage failed. It will be used in tlsstrpcheckqueueok when the next time tlsstrpreadsock is called. This is because we don't reset...

CVE-2025-38018

In the Linux kernel, the following vulnerability has been resolved: net/tls: fix kernel panic when allocpage failed We cannot set fraglist to NULL pointer when allocpage failed. It will be used in tlsstrpcheckqueueok when the next time tlsstrpreadsock is called. This is because we don't reset...

PT-2025-25914 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, related to the binder alloc module. The issue involved missing mmap lock calls when using the VMA. Specifically, the mmap read lo...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from bpf not marking ARGCONSTALLOCSIZEORZERO precision, which could result in a status error...

PT-2025-25793

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved, which previously caused a kernel panic when alloc page failed. This issue occurred because the frag list was set to a NULL pointer...

Astra Linux - уязвимость в linux-6.12

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix null pointer dereference in allocpreauthhash The Client send malformed smb2 negotiate request. ksmbd return error response. Subsequently, the client can send smb2 session setup even thought conn-preauthinfo is not...

SUSE-SU-2025:20344-1 Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-28956: x86/ibt: Keep IBT disabled during alternative patching bsc1242006. - CVE-2024-35840: mptcp: use OPTIONMPTCPMPJSYNACK in...

CVE-2021-39595

An issue was discovered in swftools through 20200710. A stack-buffer-overflow exists in the function rfxalloc located in mem.c. It allows an attacker to cause code Execution...