Malicious Package

Overview react-native-webview-forked is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

SUSE CVE-2025-71144

In the Linux kernel, the following vulnerability has been resolved: mptcp: ensure context reset on disconnect After the blamed commit below, if the MPC subflow is already in TCPCLOSE status or has fallback to TCP at mptcpdisconnect time, mptcpdofastclose skips setting the sendfastclose flag and t...

f2fs: fix to avoid potential deadlock

...

SUSE CVE-2025-68812

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2025-71129

In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Sign extend kfunc call arguments The kfunc calls are native calls so they should follow LoongArch calling conventions. Sign extend its arguments properly to avoid kernel panic. This is done by adding a new...

CVE-2025-68756

CVE-2025-68756 affects the Linux kernel block layer where blk_mq_[un]quiesce_tagset() and related tag-set management functions can deadlock when NVMe timeout handling and tagset changes interact on shared tagsets. The vulnerability arises because quiescing tagsets and freezing queues previously-r...

PT-2026-27738

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to the RSI driver. Specifically, the rsi mac80211 config function incorrectly defaults to -EOPNOTSUPP, which causes a warning WARN ON within the...

CVE-2023-54254

In the Linux kernel, the following vulnerability has been resolved: drm/ttm: Don't leak a resource on eviction error On eviction errors other than -EMULTIHOP we were leaking a resource. Fix. v2: - Avoid yet another goto Andi Shyti...

CVE-2023-54182

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to check readonly condition correctly With below case, it can mount multi-device image w/ rw option, however one of secondary device is set as ro, later update will cause panic, so let's introduce f2fsdevisreadonly, and...

CVE-2023-54305

In the Linux kernel, the following vulnerability has been resolved: ext4: refuse to create ea block when umounted The ea block expansion need to access sroot while it is already set as NULL when umount is triggered. Refuse this request to avoid panic...

CVE-2023-54305

CVE-2023-54305 is a Linux kernel/ext4 vulnerability where the ea block expansion could access s_root while it is NULL during unmount, risking a kernel panic. Public descriptions across NVD/Red Hat/SUSE/osv entries confirm the issue and its resolution in the kernel, not in user space. The fix prev...

CVE-2023-54305 ext4: refuse to create ea block when umounted

In the Linux kernel, the following vulnerability has been resolved: ext4: refuse to create ea block when umounted The ea block expansion need to access sroot while it is already set as NULL when umount is triggered. Refuse this request to avoid panic...

CVE-2023-54267

Technical details for CVE-2023-54267 are not publicly available in the provided documents. The initial entry mentions a Linux kernel fix in powerpc/pseries and lppaca_shared_proc() but does not specify affected products/versions or remediation specifics beyond generic description; monitor for upd...

SUSE CVE-2023-54008

In the Linux kernel, the following vulnerability has been resolved: virtiovdpa: build affinity masks conditionally We try to build affinity mask via createaffinitymasks unconditionally which may lead several issues: - the affinity mask is not used for parent without affinity support only VDUSE...

UBUNTU-CVE-2023-54130

In the Linux kernel, the following vulnerability has been resolved: hfs/hfsplus: avoid WARNON for sanity check, use proper error handling Commit 55d1cbbbb29e "hfs/hfsplus: use WARNON for sanity check" fixed a build warning by turning a comment into a WARNON, but it turns out that syzbot then...

CVE-2022-50731

In the Linux kernel, the following vulnerability has been resolved: crypto: akcipher - default implementation for setting a private key Changes from v1: removed the default implementation from setpubkey: it is assumed that an implementation must always have this callback defined as there are no u...

CVE-2022-50743

Summary (CVE-2022-50743): In the Linux kernel’s erofs subsystem, a memleak occurs when a non-inline pcluster has a zero block address during readahead. Syzkaller reproduced a case in z_erofs_register_pcluster() where map->m_pa is zero and ztailpacking is false, causing pcl->obj.index to be ...

UBUNTU-CVE-2023-54013

In the Linux kernel, the following vulnerability has been resolved: interconnect: Fix locking for runpm vs reclaim For cases where iccbwset can be called in callbaths that could deadlock against shrinker/reclaim, such as runpm resume, we need to decouple the icc locking. Introduce a new iccbwlock...

CVE-2023-54008 virtio_vdpa: build affinity masks conditionally

In the Linux kernel, the following vulnerability has been resolved: virtiovdpa: build affinity masks conditionally We try to build affinity mask via createaffinitymasks unconditionally which may lead several issues: - the affinity mask is not used for parent without affinity support only VDUSE...

CVE-2023-53988 fs/ntfs3: Fix slab-out-of-bounds read in hdr_delete_de()

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix slab-out-of-bounds read in hdrdeletede Here is a BUG report from syzbot: BUG: KASAN: slab-out-of-bounds in hdrdeletede+0xe0/0x150 fs/ntfs3/index.c:806 Read of size 16842960 at addr ffff888079cc0600 by task...