55 matches found
CVE-2023-53989
CVE-2023-53989 (Linux kernel, arm64) The issue is a faulty VA-range sanity check in mm/create_mapping_noalloc() and mm/update_mapping_prot() that could incorrectly trigger on certain regions. The historical condition ((virt >= PAGE_END) && (virt
Linux Distros Unpatched Vulnerability : CVE-2025-68192
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: usb: qmiwwan: initialize MAC header offset in qmimuxrxfixup Raw IP packets have no MAC header, leaving skb-macheader uninitialized. This can trigger kernel...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: NFSD: Avoid calling OPDESC with ops-opnum == OPILLEGAL CVE-2023-53680 Affected Packages: kernel Note: This advisory is applicable to Amazon Linux 2 - Kernel-5.4 Extra. Visit this page to learn more about Amazon...
EUVD-2023-59942
Malicious code in bioql PyPI...
SUSE CVE-2025-39904
In the Linux kernel, the following vulnerability has been resolved: arm64: kexec: initialize kexecbuf struct in loadothersegments Patch series "kexec: Fix invalid field access". The kexecbuf structure was previously declared without initialization. commit bf454ec31add "kexecfile: allow to place...
CVE-2022-50341 cifs: fix oops during encryption
In the Linux kernel, the following vulnerability has been resolved: cifs: fix oops during encryption When running xfstests against Azure the following oops occurred on an arm64 system Unable to handle kernel write to read-only memory at virtual address ffff0001221cf000 Mem abort info: ESR =...
CVE-2025-38670
CVE-2025-38670 affects ARM64 Linux kernel. The vulnerability arises in cpu_switch_to() and call_on_irq_stack() where masking and saving the DAIF state and SCS pointers are not atomic across stack switches, allowing a race during task/IRQ stack transitions. Interrupts (SErrors/Debug Exceptions) ca...
CVE-2025-38670
In the Linux kernel, the following vulnerability has been resolved: arm64/entry: Mask DAIF in cpuswitchto, callonirqstack cpuswitchto and callonirqstack manipulate SP to change to different stacks along with the Shadow Call Stack if it is enabled. Those two stack changes cannot be done atomically...
Linux Distros Unpatched Vulnerability : CVE-2018-18021
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - arch/arm64/kvm/guest.c in KVM in the Linux kernel before 4.18.12 on the arm64 platform mishandles the KVMSETONREG ioctl. This is exploitable by attackers who ca...
CVE-2025-38232
CVE-2025-38232 : A race between NFSD registration and exports_proc causes kernel oopses when exportfs -r and mounting nfsd happen concurrently. The description specifies that the bug arises because nfsd creates the proc entry at init and cleans up at exit, leading to a race with exports_proc. The...
DEBIAN-CVE-2022-50230
In the Linux kernel, the following vulnerability has been resolved: arm64: set UXN on swapper page tables This issue was fixed upstream by accident in c3cee924bd85 "arm64: head: cover entire kernel image in initial ID map" as part of a large refactoring of the arm64 boot flow. This simple fix is...
UBUNTU-CVE-2022-50232
In the Linux kernel, the following vulnerability has been resolved: arm64: set UXN on swapper page tables This issue was fixed upstream by accident in c3cee924bd85 "arm64: head: cover entire kernel image in initial ID map" as part of a large refactoring of the arm64 boot flow. This simple fix is...
CVE-2022-50206 arm64: fix oops in concurrently setting insn_emulation sysctls
In the Linux kernel, the following vulnerability has been resolved: arm64: fix oops in concurrently setting insnemulation sysctls emulationprochandler changes table-data for procdointvecminmax and can generate the following Oops if called concurrently with itself: | Unable to handle kernel NULL...
The vulnerability of the `local_daif_inherit()` function in the `arch/arm64/include/asm/daifflags.h` header, which is part of the ARM 64-bit kernel support for the Linux operating system, allows a hacker to trigger a service failure.
The vulnerability of the localdaifinherit function in the arch/arm64/include/asm/daifflags.h header, which is part of the ARM 64-bit kernel support for Linux operating systems, is related to incorrect input validation. Exploiting this vulnerability could allow an attacker to trigger a system...
The vulnerability of the secondary_start_kernel() function in the arch/arm64/kernel/smp.c module of the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the secondarystartkernel function in the arch/arm64/kernel/smp.c module of the Linux operating system is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a service failure...
kernel: arm64: mm: fix VA-range sanity check
A logic flaw was found in the Linux kernel's arm64 memory management subsystem. The virtual address range sanity check in createmappingnoalloc and updatemappingprot uses an incorrect condition that only excludes the KASAN shadow region and module region, rather than properly validating addresses...
kernel: arm64: set __exception_irq_entry with __irq_entry as a default
A stack trace handling issue was found in ARM64 kernels. Without CONFIGFUNCTIONGRAPHTRACER, the IRQ entry function is not properly marked, causing filterirqstacks to fail and potentially causing stack depot overflow warnings under KASAN...
SUSE CVE-2023-53043
In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: sc7280: Mark PCIe controller as cache coherent If the controller is not marked as cache coherent, then kernel will try to ensure coherency during dma-ops and that may cause data corruption. So, mark the PCIe nod...
DEBIAN-CVE-2023-53043
In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: sc7280: Mark PCIe controller as cache coherent If the controller is not marked as cache coherent, then kernel will try to ensure coherency during dma-ops and that may cause data corruption. So, mark the PCIe nod...
The vulnerability of the poe_set() function in the arch/arm64/kernel/ptrace.c module, which is part of the ARM 64-bit kernel support in the Linux operating system, allows a attacker to gain access to protected information or cause service interruptions.
The vulnerability of the poeset function in the arch/arm64/kernel/ptrace.c module, which is part of the ARM 64-bit kernel support for the Linux operating system, relates to the use of uninitialized resources. Exploiting this vulnerability could allow an attacker to access protected information or...