9 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-31620
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ALSA: usx2y: us144mkii: fix NULL deref on missing interface 0 A malicious USB device with the TASCAM US-144MKII device id can have a configuration containing...
EUVD-2021-15350
Malware in sbrugna...
CVE-2025-8058
The regcomp function in the GNU C library version from 2.4 to 2.41 is subject to a double free if some previous allocation fails. It can be accomplished either by a malloc failure or by using an interposed malloc that injects random malloc failures. The double free can allow buffer manipulation...
Updated rootcerts, nss & firefox packages fix security vulnerabilities
CVE-2025-6424: A use-after-free in FontFaceSet resulted in a potentially exploitable crash. CVE-2025-6425: An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser, and persisted between containers and normal/private...
CVE-2025-38029 kasan: avoid sleepable page allocation from atomic context
In the Linux kernel, the following vulnerability has been resolved: kasan: avoid sleepable page allocation from atomic context applytopterange enters the lazy MMU mode and then invokes kasanpopulatevmallocpte callback on each page table walk iteration. However, the callback can go into sleep when...
Ubuntu 24.04 LTS : Linux kernel (Azure, N-Series) vulnerabilities (USN-7468-1)
"The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7468-1 advisory. Michael Randrianantenaina discovered that the Bluetooth driver in the Linux Kernel contained an improper access control vulnerability. A nearby attacker...
AZL-39791 CVE-2024-31852 affecting package compiler-rt for versions less than 18.1.2-2
LLVM before 18.1.3 generates code in which the LR register can be overwritten without data being saved to the stack, and thus there can sometimes be an exploitable error in the flow of control. This affects the ARM backend and can be demonstrated with Clang. NOTE: the vendor perspective is "we...
OpenJDK: IOR deserialization issue in CORBA (8303384)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: CORBA. Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf; Oracle GraalVM Enterprise Edition: 20.3.11 and 21.3.7. Easily exploitable vulnerability allows...
SUSE-SU-2018:1511-1 Security update for the Linux Kernel (Live Patch 19 for SLE 12 SP2)
This update for the Linux Kernel 4.4.114-9267 fixes several issues. The following security issues were fixed: - CVE-2017-13166: An elevation of privilege vulnerability in the kernel v4l2 video driver was fixed. bsc1085447. - CVE-2018-8897: A statement in the System Programming Guide of the Intel ...