Linux Distros Unpatched Vulnerability : CVE-2024-42075

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: bpf: Fix remap of arena. The bpf arena logic didn't account for mremap operation. Add a refc...

Linux Distros Unpatched Vulnerability : CVE-2024-26959

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btnxpuart: Fix btnxpuartclose Fix scheduling while atomic BUG in btnxpuartclose,...

Dell ControlVault3 cv_close arbitrary free vulnerability

Talos Vulnerability Report TALOS-2024-2129 Dell ControlVault3 cvclose arbitrary free vulnerability August 9, 2025 CVE Number CVE-2025-25215 SUMMARY An arbitrary free vulnerability exists in the cvclose functionality of Dell ControlVault3 5.14.3.0. A specially crafted ControlVault API call can lea...

Linux Distros Unpatched Vulnerability : CVE-2023-53045

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: gadget: uaudio: don't let userspace block driver unbind In the unbind callback for fuac1 and fuac2, a call to sndcardfree via gaudiocleanup will disconnect...

Linux Distros Unpatched Vulnerability : CVE-2025-37933

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: octeonep: Fix host hang issue during device reboot When the host loses heartbeat messages fr...

Linux Distros Unpatched Vulnerability : CVE-2019-0231

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Handling of the closenotify SSL/TLS message does not lead to a connection closure, leading the server to retain the socket opened and to have the client...

kernel: serial: core: fix transmit-buffer reset and memleak

In the Linux kernel, the following vulnerability has been resolved: serial: core: fix transmit-buffer reset and memleak Commit 761ed4a94582 "tty: serialcore: convert uartclose to use ttyportclose" converted serial core to use ttyportclose but failed to notice that the transmit buffer still needs ...

UBUNTU-CVE-2023-32256

A flaw was found in the Linux kernel's ksmbd component. A race condition between smb2 close operation and logoff in multichannel connections could result in a use-after-free issue...

CVE-2023-32256 Kernel: ksmbd race issue from smb2 close and logoff with multichannel

A flaw was found in the Linux kernel's ksmbd component. A race condition between smb2 close operation and logoff in multichannel connections could result in a use-after-free issue...

CVE-2023-32256 Kernel: ksmbd race issue from smb2 close and logoff with multichannel

A flaw was found in the Linux kernel's ksmbd component. A race condition between smb2 close operation and logoff in multichannel connections could result in a use-after-free issue...

SUSE CVE-2025-38358

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race between async reclaim worker and closectree Syzbot reported an assertion failure due to an attempt to add a delayed iput after we have set BTRFSFSSTATENODELAYEDIPUT in the fsinfo state: WARNING: CPU: 0 PID: 65 at...

PT-2025-33762

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The perf mmap code does not prevent Virtual Memory Area VMA splits caused by resizing or partial unmapping of a mapping. This can lead to reference count leaks in perf mmap open and pe...

tomcat: Apache Tomcat denial of service

A denial of service flaw was found in Apache Tomcat. A race condition during connection closure could trigger a JVM crash when using the APR/Native connector, leading to a denial of service. This issue was particularly noticeable with client-initiated closures of HTTP/2 connections...

AZL-65822 CVE-2025-38459 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: atm: clip: Fix infinite recursive call of clippush. syzbot reported the splat below. 0 This happens if we call ioctlATMARPMKIP more than once. During the first call, clipmkip sets clippush to vcc-push, and the second call copies ...

CVE-2025-38358

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race between async reclaim worker and closectree Syzbot reported an assertion failure due to an attempt to add a delayed iput after we have set BTRFSFSSTATENODELAYEDIPUT in the fsinfo state: WARNING: CPU: 0 PID: 65 at...

CVE-2025-38358 btrfs: fix race between async reclaim worker and close_ctree()

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race between async reclaim worker and closectree Syzbot reported an assertion failure due to an attempt to add a delayed iput after we have set BTRFSFSSTATENODELAYEDIPUT in the fsinfo state: WARNING: CPU: 0 PID: 65 at...

CLSA-2025-1752922753 nodejs: Fix of CVE-2024-27983

CVE-2024-27983: ensure to close stream when destroying session to prevent memory leak...

Apache Tomcat 9.0.0-M1 < 9.0.107 Multiple Vulnerabilities

The version of Apache Tomcat installed on the remote host is 9.0.0-M1 prior to 9.0.107, 10.1.0-M1 prior to 10.1.43 or 11.0.0-M1 prior to 11.0.9. It is, therefore, affected by multiple vulnerabilities : - A race condition on connection close could trigger a JVM crash when using the APR/Native...

DEBIAN-CVE-2025-38321

In the Linux kernel, the following vulnerability has been resolved: smb: Log an error when closeallcacheddirs fails Under low-memory conditions, closeallcacheddirs can't move the dentries to a separate list to dput them once the locks are dropped. This will result in a "Dentry still in use" error...

AZL-64899 CVE-2025-38321 affecting package kernel for versions less than 6.6.96.1-1

In the Linux kernel, the following vulnerability has been resolved: smb: Log an error when closeallcacheddirs fails Under low-memory conditions, closeallcacheddirs can't move the dentries to a separate list to dput them once the locks are dropped. This will result in a "Dentry still in use" error...