16 matches found
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from uninitialized arrays and could lead to cleanup logic errors...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: can: hi311x: fix null pointer dereference when resuming from sleep before the interface was enabled. This issue is similar to the vulnerability in the mcp251x driver, which was fixed in commit 03c427147b2d “can: mcp251x: fix resu...
CVE-2025-13437 Arbitrary node_modules Directory Deletion in Google zx
When zx is invoked with --prefer-local=<path>, the CLI creates a symlink named ./node_modules pointing to <path>/node_modules. Due to a logic error in src/cli.ts (linkNodeModules / cleanup), the function returns the target path instead of the alias (symlink path). The later cleanup routine removes what it received...
CVE-2025-38469
In the Linux kernel, the following vulnerability has been resolved: KVM: x86/xen: Fix cleanup logic in emulation of Xen schedop poll hypercalls. kvm_xen_schedop_poll does a kmalloc_array when a VM polls the host for more than one event channel port (nr_ports > 1). After the kmalloc_array, the error paths ne...
UBUNTU-CVE-2025-38469
In the Linux kernel, the following vulnerability has been resolved: KVM: x86/xen: Fix cleanup logic in emulation of Xen schedop poll hypercalls. kvm_xen_schedop_poll does a kmalloc_array when a VM polls the host for more than one event channel port (nr_ports > 1). After the kmalloc_array, the error paths ne...
CVE-2025-38469 KVM: x86/xen: Fix cleanup logic in emulation of Xen schedop poll hypercalls
In the Linux kernel, the following vulnerability has been resolved: KVM: x86/xen: Fix cleanup logic in emulation of Xen schedop poll hypercalls. kvm_xen_schedop_poll does a kmalloc_array when a VM polls the host for more than one event channel port (nr_ports > 1). After the kmalloc_array, the error paths ne...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a cleanup logic error in the Xen schedop poll hypercall simulation...
SUSE CVE-2025-38024
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug. Call Trace: __dump_stack lib/dump_stack.c:94 [inline] dump_stack_lvl+0x7d/0xa0 lib/dump_stack.c:120 print_address_description mm/kasan/report.c:378 [inline] print_report+0xcf/0x610...
GHSA-VH64-54PX-QGF8 Goroutine Leak in Abacus SSE Implementation
Goroutine Leak in Abacus SSE Implementation. Summary: A critical goroutine leak vulnerability has been identified in the Abacus server's Server-Sent Events (SSE) implementation. The issue occurs when clients disconnect from the /stream endpoint, as the server fails to properly clean up resources and...
Goroutine Leak in Abacus SSE Implementation
Goroutine Leak in Abacus SSE Implementation. Summary: A critical goroutine leak vulnerability has been identified in the Abacus server's Server-Sent Events (SSE) implementation. The issue occurs when clients disconnect from the /stream endpoint, as the server fails to properly clean up resources and...
PT-2025-37964
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A potential inconsistent update of the reference count was identified in the smb2_compound_op function. This inconsistency could lead to resource leaks. The issue arises because the...
AZL-67755 CVE-2024-35951 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: drm/panfrost: Fix the error path in panfrost_mmu_map_fault_addr. Subject: [PATCH] drm/panfrost: Fix the error path in panfrost_mmu_map_fault_addr. If some of the pages or sgt allocation failed, we shouldn't release the pages ref we got earlier,...
kernel: perf trace: Really free the evsel->priv area
A memory leak flaw was found in the Linux kernel's perf trace tool in the event selector cleanup logic. A local user can trigger this issue by running perf trace commands, causing the tool to free memory based on an incorrect condition check that inverts the intended logic for non-syscall...
GHSA-GCQ9-QQWX-RGJ3 libp2p nodes vulnerable to OOM attack
Summary: In go-libp2p, by using signed peer records a malicious actor can store an arbitrary amount of data in a remote node’s memory. This memory does not get garbage collected and so the victim can run out of memory and crash. It is feasible to do this at scale. An attacker would have to transfe...
libp2p nodes vulnerable to OOM attack
Summary: In go-libp2p, by using signed peer records a malicious actor can store an arbitrary amount of data in a remote node’s memory. This memory does not get garbage collected and so the victim can run out of memory and crash. It is feasible to do this at scale. An attacker would have to transfe...
Low: Red Hat Security Advisory: kernel security and bug fix update
Updated kernel packages that fix one security issue and three bugs are now available for Red Hat Enterprise Linux 5.6 Extended Update Support. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives...