Lucene search
K

16 matches found

CNNVD
CNNVD
added 2026/01/14 12:0 a.m.6 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from uninitialized arrays and could lead to cleanup logic errors...

5.5CVSS6.2AI score0.00121EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2026/01/13 2:1 p.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: can: hi311x: fix null pointer dereference when resuming from sleep before the interface was enabled. This issue is similar to the vulnerability in the mcp251x driver, which was fixed in commit 03c427147b2d “can: mcp251x: fix resu...

5.9AI score0.00183EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/11/20 4:25 p.m.13 views

CVE-2025-13437 Arbitrary node_modules Directory Deletion in Google zx

When zx is invoked with --prefer-local=, the CLI creates a symlink named ./nodemodules pointing to /nodemodules. Due to a logic error in src/cli.ts linkNodeModules / cleanup, the function returns the target path instead of the alias symlink path. The later cleanup routine removes what it received...

8.3CVSS0.0008EPSS
Exploits0References1
NVD
NVD
added 2025/07/28 12:15 p.m.4 views

CVE-2025-38469

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/xen: Fix cleanup logic in emulation of Xen schedop poll hypercalls kvmxenschedoppoll does a kmallocarray when a VM polls the host for more than one event channel potr nrports 1. After the kmallocarray, the error paths ne...

5.5CVSS0.00148EPSS
Exploits0References4
OSV
OSV
added 2025/07/28 12:15 p.m.5 views

UBUNTU-CVE-2025-38469

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/xen: Fix cleanup logic in emulation of Xen schedop poll hypercalls kvmxenschedoppoll does a kmallocarray when a VM polls the host for more than one event channel potr nrports 1. After the kmallocarray, the error paths ne...

5.5CVSS5.9AI score0.00148EPSS
Exploits0References29
Cvelist
Cvelist
added 2025/07/28 11:21 a.m.9 views

CVE-2025-38469 KVM: x86/xen: Fix cleanup logic in emulation of Xen schedop poll hypercalls

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/xen: Fix cleanup logic in emulation of Xen schedop poll hypercalls kvmxenschedoppoll does a kmallocarray when a VM polls the host for more than one event channel potr nrports 1. After the kmallocarray, the error paths ne...

0.00148EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/07/28 12:0 a.m.5 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a cleanup logic error in the Xen schedop poll hypercall simulation...

5.5CVSS8AI score0.00148EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2025/06/19 3:15 a.m.2 views

SUSE CVE-2025-38024

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix slab-use-after-free Read in rxequeuecleanup bug Call Trace: dumpstack lib/dumpstack.c:94 inline dumpstacklvl+0x7d/0xa0 lib/dumpstack.c:120 printaddressdescription mm/kasan/report.c:378 inline printreport+0xcf/0x610...

5.5CVSS7.7AI score0.00175EPSS
Exploits0References20
OSV
OSV
added 2025/03/03 4:21 p.m.10 views

GHSA-VH64-54PX-QGF8 Goroutine Leak in Abacus SSE Implementation

Goroutine Leak in Abacus SSE Implementation Summary A critical goroutine leak vulnerability has been identified in the Abacus server's Server-Sent Events SSE implementation. The issue occurs when clients disconnect from the /stream endpoint, as the server fails to properly clean up resources and...

7.5CVSS6.5AI score0.00381EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2025/03/03 4:21 p.m.30 views

Goroutine Leak in Abacus SSE Implementation

Goroutine Leak in Abacus SSE Implementation Summary A critical goroutine leak vulnerability has been identified in the Abacus server's Server-Sent Events SSE implementation. The issue occurs when clients disconnect from the /stream endpoint, as the server fails to properly clean up resources and...

7.5CVSS6.3AI score0.00381EPSS
Exploits0References6Affected Software1
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.3 views

PT-2025-37964

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A potential inconsistent update of the reference count was identified in the smb2 compound op function. This inconsistency could lead to resource leaks. The issue arises because the...

5.5CVSS6.2AI score0.00137EPSS
Exploits0
OSV
OSV
added 2024/05/20 10:15 a.m.10 views

AZL-67755 CVE-2024-35951 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: drm/panfrost: Fix the error path in panfrostmmumapfaultaddr Subject: PATCH drm/panfrost: Fix the error path in panfrostmmumapfaultaddr If some the pages or sgt allocation failed, we shouldn't release the pages ref we got earlier,...

5.5CVSS5.8AI score0.00237EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2024/04/30 9:57 a.m.4 views

kernel: perf trace: Really free the evsel->priv area

A memory leak flaw was found in the Linux kernel's perf trace tool in the event selector cleanup logic. A local user can trigger this issue by running perf trace commands, causing the tool to free memory based on an incorrect condition check that inverts the intended logic for non-syscall...

5.5CVSS7.2AI score0.00184EPSS
Exploits0References5
OSV
OSV
added 2023/08/24 10:22 p.m.25 views

GHSA-GCQ9-QQWX-RGJ3 libp2p nodes vulnerable to OOM attack

Summary In go-libp2p, by using signed peer records a malicious actor can store an arbitrary amount of data in a remote node’s memory. This memory does not get garbage collected and so the victim can run out of memory and crash. It is feasible to do this at scale. An attacker would have to transfe...

7.5CVSS7.4AI score0.00772EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2023/08/24 10:22 p.m.48 views

libp2p nodes vulnerable to OOM attack

Summary In go-libp2p, by using signed peer records a malicious actor can store an arbitrary amount of data in a remote node’s memory. This memory does not get garbage collected and so the victim can run out of memory and crash. It is feasible to do this at scale. An attacker would have to transfe...

7.5CVSS6.7AI score0.00772EPSS
Exploits0References6Affected Software1
RedHat Linux
RedHat Linux
added 2012/11/20 10:20 p.m.58 views

Low: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix one security issue and three bugs are now available for Red Hat Enterprise Linux 5.6 Extended Update Support. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives...

1.2CVSS6.5AI score0.00556EPSS
Exploits1References2
Rows per page
Query Builder