13814 matches found
AZL-68519 CVE-2025-39990 affecting package kernel 6.6.126.1-1
In the Linux kernel, the following vulnerability has been resolved: bpf: Check the helper function is valid in gethelperproto kernel test robot reported verifier bug 1 where the helper func pointer could be NULL due to disabled config option. As Alexei suggested we could check on that in...
UBUNTU-CVE-2025-39990
In the Linux kernel, the following vulnerability has been resolved: bpf: Check the helper function is valid in gethelperproto kernel test robot reported verifier bug 1 where the helper func pointer could be NULL due to disabled config option. As Alexei suggested we could check on that in...
CVE-2025-39990
The CVE-2025-39990 issue affects the Linux kernel’s BPF verifier logic: a NULL helper pointer could arise in get_helper_proto due to a disabled config option. The fix marks the tail_call helper as BPF_PTR_POISON since it is unused by design, mitigating the NULL pointer path. Public advisories (SU...
CVE-2025-39990 bpf: Check the helper function is valid in get_helper_proto
In the Linux kernel, the following vulnerability has been resolved: bpf: Check the helper function is valid in gethelperproto kernel test robot reported verifier bug 1 where the helper func pointer could be NULL due to disabled config option. As Alexei suggested we could check on that in...
CVE-2025-39990 bpf: Check the helper function is valid in get_helper_proto
In the Linux kernel, the following vulnerability has been resolved: bpf: Check the helper function is valid in gethelperproto kernel test robot reported verifier bug 1 where the helper func pointer could be NULL due to disabled config option. As Alexei suggested we could check on that in...
CVE-2025-39966 iommufd: Fix race during abort for file descriptors
In the Linux kernel, the following vulnerability has been resolved: iommufd: Fix race during abort for file descriptors fput doesn't actually call fileoperations release synchronously, it puts the file on a work queue and it will be released eventually. This is normally fine, except for iommufd t...
EUVD-2025-34516
RemoteCall Remote Support Program for Operator versions prior to 5.3.0 contain an uncontrolled search path element vulnerability. If a crafted DLL is placed in the same folder with the affected product, it may cause an arbitrary code execution...
CVE-2025-55080
In Eclipse ThreadX before 6.4.3, when memory protection is enabled, syscall parameters verification wasn't enough, allowing an attacker to obtain an arbitrary memory read/write...
CVE-2025-26861
RemoteCall Remote Support Program for Operator versions prior to 5.3.0 contain an uncontrolled search path element vulnerability. If a crafted DLL is placed in the same folder with the affected product, it may cause an arbitrary code execution...
CVE-2025-26861
RemoteCall Remote Support Program for Operator versions prior to 5.3.0 contain an uncontrolled search path element vulnerability. If a crafted DLL is placed in the same folder with the affected product, it may cause an arbitrary code execution...
CVE-2025-26861
RemoteCall Remote Support Program for Operator versions prior to 5.3.0 contain an uncontrolled search path element vulnerability. If a crafted DLL is placed in the same folder with the affected product, it may cause an arbitrary code execution...
EUVD-2025-34515
RemoteCall Remote Support Program for Operator versions prior to 5.1.0 contain an uncontrolled search path element vulnerability. If a crafted DLL is placed in the same folder with the affected product, it may cause an arbitrary code execution...
CVE-2025-26860
The CVE-2025-26860 entry concerns RemoteCall Remote Support Program (for Operator) prior to version 5.1.0. The vulnerability is an uncontrolled search path element (CWE-427) that can allow arbitrary code execution if a crafted DLL is placed in the application’s folder. Documents confirm the root ...
CVE-2025-26860
RemoteCall Remote Support Program for Operator versions prior to 5.1.0 contain an uncontrolled search path element vulnerability. If a crafted DLL is placed in the same folder with the affected product, it may cause an arbitrary code execution...
CVE-2025-26860
RemoteCall Remote Support Program for Operator versions prior to 5.1.0 contain an uncontrolled search path element vulnerability. If a crafted DLL is placed in the same folder with the affected product, it may cause an arbitrary code execution...
kernel: vsock: Fix transport_* TOCTOU
In the Linux kernel, the following vulnerability has been resolved: vsock: Fix transport TOCTOU Transport assignment may race with module unload. Protect newtransport from becoming a stale pointer. This also takes care of an insecure call in vsockuselocaltransport; add a lockdep assert. BUG: unab...
PT-2025-42233
RemoteCall Remote Support Program for Operator versions prior to 5.3.0 contain an uncontrolled search path element vulnerability. If a crafted DLL is placed in the same folder with the affected product, it may cause an arbitrary code execution...
PT-2025-42264
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the BPF Berkeley Packet Filter subsystem related to helper function validation within the get helper proto function. A kernel test robot identified a...
PT-2025-42232
RemoteCall Remote Support Program for Operator versions prior to 5.1.0 contain an uncontrolled search path element vulnerability. If a crafted DLL is placed in the same folder with the affected product, it may cause an arbitrary code execution...
EUVD-2025-34356
Uncontrolled resource consumption in Windows Remote Procedure Call allows an unauthorized attacker to deny service over a network...