RUSTSEC-2026-0008 Potential undefined behavior when dereferencing Buf struct

if we dereference the Buf struct right after calling new or default on Buf struct, it passes Null Pointer to the unsafe function slice::fromrawparts. Based on the safety section documentation of function, data must be non-null and aligned even for zero-length slices or slices of ZSTs. Thus, passi...

Potential undefined behavior when dereferencing Buf struct

if we dereference the Buf struct right after calling new or default on Buf struct, it passes Null Pointer to the unsafe function slice::fromrawparts. Based on the safety section documentation of function, data must be non-null and aligned even for zero-length slices or slices of ZSTs. Thus, passi...

Azure Linux 3.0 Security Update: kernel (CVE-2024-46852)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-46852 advisory. - In the Linux kernel, the following vulnerability has been resolved: dma-buf: heaps: Fix off-by-one in CMA he...

Siemens Ruggedcom ROX Improper Input Validation (CVE-2022-24958)

drivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 mishandles dev-buf release. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993046)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993046 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/shmem-helper: Remove another errant put in error path drmgemshmemmmap doesn't own reference i...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992432)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992432 advisory. In the Linux kernel, the following vulnerability has been resolved: tee: add overflow check in registershmhelper With special lengths supplied by user space,...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not checking the value of buf4, which could lead to an underflow...

Linux Distros Unpatched Vulnerability : CVE-2025-68252

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - misc: fastrpc: Fix dmabuf object leak in fastrpcmaplookup In fastrpcmaplookup, dmabufget is called to obtain a reference to the dmabuf for comparison purposes...

GHSA-G754-HX8W-X2G6 vulnerabilities

Vulnerabilities for packages: kargo, kubo, teleport, buf, q, frp, k8sgateway, caddy, spegel, seaweedfs, traefik, ipfs-cluster, kubernetes-dns-node-cache, k3s, dkron...

EUVD-2025-199712

There is a potential OOB Write vulnerability in the genprovstart function in pbadv.c. The full length of the received data is copied into the link.rx.buf receiver buffer without any validation on the data size...

kernel: drm/gem: Acquire references on GEM handles for framebuffers

In the Linux kernel, the following vulnerability has been resolved: drm/gem: Acquire references on GEM handles for framebuffers A GEM handle can be released while the GEM buffer object is attached to a DRM framebuffer. This leads to the release of the dma-buf backing the buffer object, if any. 1...

dma-buf/dma-resv: check if the new fence is really later

...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988990)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988990 advisory. In the Linux kernel, the following vulnerability has been resolved: dma-buf: heaps: Fix potential spectre v1 gadget It appears like nr could be a Spectre v1 gadget a...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988987)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988987 advisory. In the Linux kernel, the following vulnerability has been resolved: dma-buf/syncfile: Don't leak fences on merge failure Each addfence call does a dmafenceget on the...

CVE-2025-40106 comedi: fix divide-by-zero in comedi_buf_munge()

In the Linux kernel, the following vulnerability has been resolved: comedi: fix divide-by-zero in comedibufmunge The comedibufmunge function performs a modulo operation async-mungechan %= async-cmd.chanlistlen without first checking if chanlistlen is zero. If a user program submits a command with...

Siemens SIMATIC Devices Improper Locking (CVE-2024-38780)

In the Linux kernel, the following vulnerability has been resolved: dma-buf/sw-sync: don't enable IRQ from syncprintobj. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; ...

EUVD-2025-36476

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix crypto buffers in non-linear memory The crypto API, through the scatterlist API, expects input buffers to be in linear memory. We handle this with the cifssgsetbuf helper that converts vmalloc'd memory to their...

Important: kernel-livepatch-5.10.240-238.955

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: dma-buf/dma-resv: check if the new fence is really later CVE-2022-49935 In the Linux kernel, the following vulnerability has been resolved: netdevsim: fix memory leak in nsimdrvprobe when nsimdevresourcesregister...

kernel: drm/gem: Acquire references on GEM handles for framebuffers

In the Linux kernel, the following vulnerability has been resolved: drm/gem: Acquire references on GEM handles for framebuffers A GEM handle can be released while the GEM buffer object is attached to a DRM framebuffer. This leads to the release of the dma-buf backing the buffer object, if any. 1...

kernel: drm/gem: Acquire references on GEM handles for framebuffers

In the Linux kernel, the following vulnerability has been resolved: drm/gem: Acquire references on GEM handles for framebuffers A GEM handle can be released while the GEM buffer object is attached to a DRM framebuffer. This leads to the release of the dma-buf backing the buffer object, if any. 1...