CVE-2025-40117

In the Linux kernel, the following vulnerability has been resolved: misc: pciendpointtest: Fix array underflow in pciendpointtestioctl Commit eefb83790a0d "misc: pciendpointtest: Add doorbell test case" added NOBAR -1 to the pcibarno enum which, in practical terms, changes the enum from an unsign...

CVE-2025-40118

In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Fix array-index-out-of-of-bounds on rmmod Since commit f7b705c238d1 "scsi: pm80xx: Set phyattached to zero when device is gone" UBSAN reports: UBSAN: array-index-out-of-bounds in drivers/scsi/pm8001/pm8001sas.c:786:...

UBUNTU-CVE-2025-40117

In the Linux kernel, the following vulnerability has been resolved: misc: pciendpointtest: Fix array underflow in pciendpointtestioctl Commit eefb83790a0d "misc: pciendpointtest: Add doorbell test case" added NOBAR -1 to the pcibarno enum which, in practical terms, changes the enum from an unsign...

UBUNTU-CVE-2025-40118

In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Fix array-index-out-of-of-bounds on rmmod Since commit f7b705c238d1 "scsi: pm80xx: Set phyattached to zero when device is gone" UBSAN reports: UBSAN: array-index-out-of-bounds in drivers/scsi/pm8001/pm8001sas.c:786:...

CVE-2025-40150 f2fs: fix to avoid migrating empty section

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid migrating empty section It reports a bug from device w/ zufs: F2FS-fs dm-64: Inconsistent segment 173822 type 1, 0 in SSA and SIT F2FS-fs dm-64: Stopped filesystem due to reason: 4 Thread A Thread B -...

CVE-2025-40118 scsi: pm80xx: Fix array-index-out-of-of-bounds on rmmod

In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Fix array-index-out-of-of-bounds on rmmod Since commit f7b705c238d1 "scsi: pm80xx: Set phyattached to zero when device is gone" UBSAN reports: UBSAN: array-index-out-of-bounds in drivers/scsi/pm8001/pm8001sas.c:786:...

CVE-2025-40118 scsi: pm80xx: Fix array-index-out-of-of-bounds on rmmod

In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Fix array-index-out-of-of-bounds on rmmod Since commit f7b705c238d1 "scsi: pm80xx: Set phyattached to zero when device is gone" UBSAN reports: UBSAN: array-index-out-of-bounds in drivers/scsi/pm8001/pm8001sas.c:786:...

CVE-2025-40118

CVE-2025-40118 is a Linux kernel vulnerability in the SCSI subsystem (pm80xx/pm8001) where rmmod could trigger an UBSAN array-index-out-of-bounds. The issue occurs when a device behind an expander has an attached_phy value that can exceed the local pm8001 PHY count, causing code to index pm8001_h...

CVE-2025-40117

CVE-2025-40117 : In the Linux kernel, the fix addresses an array underflow in pci_endpoint_test_bar() triggered by a negative value passed to pci_endpoint_test_ioctl(). The root cause was adding NO_BAR (-1) to the pci_barno enum, effectively converting it from unsigned to signed, as described in ...

CVE-2025-40117 misc: pci_endpoint_test: Fix array underflow in pci_endpoint_test_ioctl()

In the Linux kernel, the following vulnerability has been resolved: misc: pciendpointtest: Fix array underflow in pciendpointtestioctl Commit eefb83790a0d "misc: pciendpointtest: Add doorbell test case" added NOBAR -1 to the pcibarno enum which, in practical terms, changes the enum from an unsign...

CVE-2025-40117 misc: pci_endpoint_test: Fix array underflow in pci_endpoint_test_ioctl()

In the Linux kernel, the following vulnerability has been resolved: misc: pciendpointtest: Fix array underflow in pciendpointtestioctl Commit eefb83790a0d "misc: pciendpointtest: Add doorbell test case" added NOBAR -1 to the pcibarno enum which, in practical terms, changes the enum from an unsign...

CVE-2025-40117

In the Linux kernel, the following vulnerability has been resolved: misc: pciendpointtest: Fix array underflow in pciendpointtestioctl Commit eefb83790a0d "misc: pciendpointtest: Add doorbell test case" added NOBAR -1 to the pcibarno enum which, in practical terms, changes the enum from an unsign...

Prototype Pollution

toggle-array is vulnerable to Prototype Pollution. The vulnerability is due to improper input validation in the enable and disable functions, which allows an attacker to supply a crafted payload and inject properties into the Object.prototype, potentially leading to denial of service DoS or...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990820)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990820 advisory. In the Linux kernel, the following vulnerability has been resolved: parport: Proper fix for array out-of-bounds access The recent fix for array out-of-bounds accesse...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990738)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990738 advisory. In the Linux kernel, the following vulnerability has been resolved: speakup: Fix sizeof vs ARRAYSIZE bug The buf pointer is an array of u16 values. This code should ...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990752)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990752 advisory. In the Linux kernel, the following vulnerability has been resolved: fs: prevent out-of-bounds array speculation when closing a file descriptor Google-Bug-Id: 1141993...

PT-2025-46592

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the pci endpoint test module. A commit introduced a change that allows for a potential array underflow in the pci endpoint test bar function when ...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990846)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990846 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix array out-of-bound access in SoC stats Currently, the...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990793)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990793 advisory. In the Linux kernel, the following vulnerability has been resolved: tracing: kprobe: Fix potential null-ptr-deref on tracearray in kprobeeventgentestexit When...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates from an array underflow that could result in a memory access error...