CVE-2025-68349

In the Linux kernel, the following vulnerability has been resolved: NFSv4/pNFS: Clear NFSINOLAYOUTCOMMIT in pnfsmarklayoutstateidinvalid Fixes a crash when layout is null during this call stack: writeinode - nfs4writeinode - pnfslayoutcommitinode pnfssetlayoutcommit relies on the lseg refcount to...

CVE-2025-68353

In the Linux kernel, the following vulnerability has been resolved: net: vxlan: prevent NULL deref in vxlanxmitone Neither sock4 nor sock6 pointers are guaranteed to be non-NULL in vxlanxmitone, e.g. if the iface is brought down. This can lead to the following NULL dereference: BUG: kernel NULL...

UBUNTU-CVE-2025-68349

In the Linux kernel, the following vulnerability has been resolved: NFSv4/pNFS: Clear NFSINOLAYOUTCOMMIT in pnfsmarklayoutstateidinvalid Fixes a crash when layout is null during this call stack: writeinode - nfs4writeinode - pnfslayoutcommitinode pnfssetlayoutcommit relies on the lseg refcount to...

CVE-2025-68349

In the Linux kernel, the following vulnerability has been resolved: NFSv4/pNFS: Clear NFSINOLAYOUTCOMMIT in pnfsmarklayoutstateidinvalid Fixes a crash when layout is null during this call stack: writeinode - nfs4writeinode - pnfslayoutcommitinode pnfssetlayoutcommit relies on the lseg refcount to...

CVE-2025-68349

In the Linux kernel, the following vulnerability has been resolved: NFSv4/pNFS: Clear NFSINOLAYOUTCOMMIT in pnfsmarklayoutstateidinvalid Fixes a crash when layout is null during this call stack: writeinode - nfs4writeinode - pnfslayoutcommitinode pnfssetlayoutcommit relies on the lseg refcount to...

CVE-2025-68349 NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid

In the Linux kernel, the following vulnerability has been resolved: NFSv4/pNFS: Clear NFSINOLAYOUTCOMMIT in pnfsmarklayoutstateidinvalid Fixes a crash when layout is null during this call stack: writeinode - nfs4writeinode - pnfslayoutcommitinode pnfssetlayoutcommit relies on the lseg refcount to...

CVE-2025-68349

CVE-2025-68349 is a Linux kernel vulnerability in the NFSv4/pNFS code path. The root cause is failure to clear the NFS_INO_LAYOUTCOMMIT state when invalidating a layout, which could lead to referencing a null layout during pnfs_mark_layout_stateid_invalid and potentially crash (as described in th...

CVE-2025-68349 NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid

In the Linux kernel, the following vulnerability has been resolved: NFSv4/pNFS: Clear NFSINOLAYOUTCOMMIT in pnfsmarklayoutstateidinvalid Fixes a crash when layout is null during this call stack: writeinode - nfs4writeinode - pnfslayoutcommitinode pnfssetlayoutcommit relies on the lseg refcount to...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not clearing the NFSINOLAYOUTCOMMIT flag, which could lead to a null pointer dereference...

Linux Distros Unpatched Vulnerability : CVE-2025-68696

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - httparty is an API tool. In versions 0.23.2 and prior, httparty is vulnerable to SSRF. This issue can pose a risk of leaking API keys, and it can also allow thi...

PT-2025-53011

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to the fix included in commit aefed3e5548f Description The Linux kernel contains an issue within the qla2xxx SCSI driver related to command handling after a chip reset. A previous commit aefed3e5548f introduced...

PT-2025-52954

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to thermal zone unregistration, potentially leading to a double-free condition. This issue arises from a copy of the thermal zone parameters...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a lack of REQOPWRITE in the flush bio, which could lead to a failed commit bio...

PT-2025-52869

Name of the Vulnerable Software and Affected Versions OpenXRechnungToolbox versions through 2024-10-05-3.0.0 Description The software contains an XML External Entity XXE issue due to the missing disallow-doctype-decl feature in the visualization/VisualizerImpl.java component. Recommendations Upda...

PT-2025-52958

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the r8712 init xmit priv routine within the r8712 driver. Memory is allocated in multiple steps, and if a later allocation fails after an earlier one succeeds, th...

Linux Distros Unpatched Vulnerability : CVE-2025-68349

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NFSv4/pNFS: Clear NFSINOLAYOUTCOMMIT in pnfsmarklayoutstateidinvalid Fixes a crash when layout is null during this call stack: writeinode - nfs4writeinode -...

PT-2025-53217

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the nilfs2 file system within the Linux kernel where a kernel warning or panic may occur due to the reuse of discarded buffers in the mark buffer dirty function,...

CVE-2024-58335

OpenXRechnungToolbox through 2024-10-05-3.0.0 before 6c50e89 allows XXE because the disallow-doctype-decl feature is not enabled in visualization/VisualizerImpl.java...

DEBIAN-CVE-2025-68696

httparty is an API tool. In versions 0.23.2 and prior, httparty is vulnerable to SSRF. This issue can pose a risk of leaking API keys, and it can also allow third parties to issue requests to internal servers. This issue has been patched via commit 0529bcd...

CVE-2025-68696

httparty is an API tool. In versions 0.23.2 and prior, httparty is vulnerable to SSRF. This issue can pose a risk of leaking API keys, and it can also allow third parties to issue requests to internal servers. This issue has been patched via commit 0529bcd...