3975 matches found
OESA-2025-2297 buildah security update
The package provides a command line tool which can be used to create a working container from scratch or create a working container from an image as a starting point mount/umount a working container's root file system for manipulation save container's root file system layer to create a new image...
Denial Of Service (DoS)
ImageMagick is vulnerable to Denial of Service DoS. The vulnerability is due to a function-type-mismatch in the splay tree cloning callback, which allows an attacker to trigger a deterministic abort under UBSan, leading to service disruption in sanitizer builds...
SUSE CVE-2023-53308
In the Linux kernel, the following vulnerability has been resolved: net: fec: Better handle pmruntimeget failing in .remove In the unlikely event that pmruntimeget disguised as pmruntimeresumeandget fails, the remove callback returned an error early. The problem with this is that the driver core...
SUSE CVE-2025-39832
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix lockdep assertion on sync reset unload event Fix lockdep assertion triggered during sync reset unload event. When the sync reset flow is initiated using the devlink reload fwactivate option, the PF already holds the...
CVE-2023-53308
In the Linux kernel, the following vulnerability has been resolved: net: fec: Better handle pmruntimeget failing in .remove In the unlikely event that pmruntimeget disguised as pmruntimeresumeandget fails, the remove callback returned an error early. The problem with this is that the driver core...
UBUNTU-CVE-2023-53308
In the Linux kernel, the following vulnerability has been resolved: net: fec: Better handle pmruntimeget failing in .remove In the unlikely event that pmruntimeget disguised as pmruntimeresumeandget fails, the remove callback returned an error early. The problem with this is that the driver core...
UBUNTU-CVE-2022-50350
In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix a race condition between loginwork and the login thread In case a malicious initiator sends some random data immediately after a login PDU; the iscsitargetskdataready callback will schedule the loginwork...
Malicious code in @thangved/callback-window (npm)
The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ed460a227837fd3f7ae156229624e47d46e10b4bca19f0089a29f75c5ca13e09 Any computer that has this package installed or running should be considered fully compromised. All...
CVE-2023-53308
In the Linux kernel, the following vulnerability has been resolved: net: fec: Better handle pmruntimeget failing in .remove In the unlikely event that pmruntimeget disguised as pmruntimeresumeandget fails, the remove callback returned an error early. The problem with this is that the driver core...
CVE-2023-53308 net: fec: Better handle pm_runtime_get() failing in .remove()
In the Linux kernel, the following vulnerability has been resolved: net: fec: Better handle pmruntimeget failing in .remove In the unlikely event that pmruntimeget disguised as pmruntimeresumeandget fails, the remove callback returned an error early. The problem with this is that the driver core...
CVE-2022-50350 scsi: target: iscsi: Fix a race condition between login_work and the login thread
In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix a race condition between loginwork and the login thread In case a malicious initiator sends some random data immediately after a login PDU; the iscsitargetskdataready callback will schedule the loginwork...
CVE-2025-39832 net/mlx5: Fix lockdep assertion on sync reset unload event
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix lockdep assertion on sync reset unload event Fix lockdep assertion triggered during sync reset unload event. When the sync reset flow is initiated using the devlink reload fwactivate option, the PF already holds the...
CVE-2025-39832 net/mlx5: Fix lockdep assertion on sync reset unload event
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix lockdep assertion on sync reset unload event Fix lockdep assertion triggered during sync reset unload event. When the sync reset flow is initiated using the devlink reload fwactivate option, the PF already holds the...
UBUNTU-CVE-2023-53267
In the Linux kernel, the following vulnerability has been resolved: driver: soc: xilinx: fix memory leak in xlnxaddcbfornotifyevent The kfree should be called when memory fails to be allocated for cbdata in xlnxaddcbfornotifyevent, otherwise there will be a memory leak, so add kfree to fix it...
CVE-2023-53298 nfc: fix memory leak of se_io context in nfc_genl_se_io
In the Linux kernel, the following vulnerability has been resolved: nfc: fix memory leak of seio context in nfcgenlseio The callback context for sending/receiving APDUs to/from the selected secure element is allocated inside nfcgenlseio and supposed to be eventually freed in seiocb callback...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a race condition between the iscsitargetskdataready callback and the login thread, which could result in a...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the possibility that the external power change callback in the aasp288fuelgaugeprobe function may be using a...
PT-2025-38026
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw in the networking subsystem related to the fec driver. Specifically, the issue arises when pm runtime get fails within the .remove function. This failu...
CVE-2023-53180
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Avoid NULL pointer access during management transmit cleanup Currently 'ar' reference is not added in skbcb. Though this is generally not used during transmit completion callbacks, on interface removal the remaining...
DEBIAN-CVE-2023-53180
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Avoid NULL pointer access during management transmit cleanup Currently 'ar' reference is not added in skbcb. Though this is generally not used during transmit completion callbacks, on interface removal the remaining...