802 matches found
CVE-2025-68257
CVE-2025-68257 : Linux kernel COMEDI subsystem vulnerability where compat ioctl handlers could dereference a NULL callback when the device was not attached. Root cause: compat ioctls lacked a proper sanity check of device attached status, allowing a NULL dereference in path leading to a crash. Fi...
PT-2025-51670
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to handling device attachment status within compatible IOCTL handlers. Specifically, sanity checks for a device's attached status are missing in...
Linux Distros Unpatched Vulnerability : CVE-2025-68257
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - comedi: check device's attached status in compat ioctls Syzbot identified an issue 1 that crashes kernel, seemingly due to unexistent callback dev-getvalidroute...
apache-airflow-core (>=3.1.0 <=3.1.4), apache-airflow-providers-common-compat (>=1.6.0 <=1.7.3rc1) +6 more potentially affected by CVE-2025-66388 via apache-airflow (>=3.1.0 <=3.1.4)
apache-airflow PYPI version =3.1.0, =3.1.0, =1.6.0, =1.5.3, =1.26.0, =2.0.2, =0.4.0, =1.1.0, =1.1.4 Source cves: CVE-2025-66388 Source advisory: OSV:GHSA-FV47-PQH6-WXGQ...
apache-airflow-core (>=3.1.0 <=3.1.3), apache-airflow-providers-common-compat (>=1.6.0 <=1.7.3rc1) +6 more potentially affected by CVE-2025-66388 via apache-airflow (>=3.1.0 <=3.1.3)
apache-airflow PYPI version =3.1.0, =3.1.0, =1.6.0, =1.5.3, =1.26.0, =2.0.2, =0.4.0, =1.1.0, =1.1.3 Source cves: CVE-2025-66388 Source advisory: OSV:PYSEC-2025-86...
RHEL 6 : kernel (RHSA-2025:17733)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:17733 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: out-of-bounds write in...
CLSA-2025-1765223770 xorg-x11-server: Fix of 4 CVEs
CVE-2025-9632: fix buffer overflow in XkbSetCompatMap - CVE-2025-62229: fix use-after-free condition due improper error handling during notification creation leading to DoS - CVE-2025-62230: fix use-after-free condition due freeing certain data structures without properly detaching related...
Moderate: Red Hat Security Advisory: xorg-x11-server security update
An update for xorg-x11-server is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
RHEL 9 : xorg-x11-server (RHSA-2025:22364)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:22364 advisory. X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical us...
xorg: xmayland: Value overflow in XkbSetCompatMap()
A flaw was identified in the X.Org X server’s X Keyboard Xkb extension where improper bounds checking in the XkbSetCompatMap function can cause an unsigned short overflow. If an attacker sends specially crafted input data, the value calculation may overflow, leading to memory corruption or a cras...
Moderate: Red Hat Security Advisory: xorg-x11-server security update
An update for xorg-x11-server is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this...
xorg: xmayland: Value overflow in XkbSetCompatMap()
A flaw was identified in the X.Org X server’s X Keyboard Xkb extension where improper bounds checking in the XkbSetCompatMap function can cause an unsigned short overflow. If an attacker sends specially crafted input data, the value calculation may overflow, leading to memory corruption or a cras...
OPENSUSE-SU-2025:20099-1 Security update for xwayland
This update for xwayland fixes the following issues: - CVE-2025-62229: Fixed use-after-free in XPresentNotify structures creation bsc1251958. - CVE-2025-62230: Fixed use-after-free in Xkb client resource removal bsc1251959. - CVE-2025-62231: Fixed value overflow in Xkb extension XkbSetCompatMap...
SUSE-SU-2025:21149-1 Security update for xwayland
This update for xwayland fixes the following issues: - CVE-2025-62229: Fixed use-after-free in XPresentNotify structures creation bsc1251958. - CVE-2025-62230: Fixed use-after-free in Xkb client resource removal bsc1251959. - CVE-2025-62231: Fixed value overflow in Xkb extension XkbSetCompatMap...
CLSA-2025-1764081820 xorg-x11-server-Xwayland: Fix of 3 CVEs
CVE-2025-62229: fix use-after-free caused by incorrect error cleanup in present notify handling - CVE-2025-62230: fix use-after-free caused by improper XKB resource cleanup - CVE-2025-62231: fix overflow caused by improper bounds checking in XkbSetCompatMap...
xorg: xmayland: Value overflow in XkbSetCompatMap()
A flaw was identified in the X.Org X server’s X Keyboard Xkb extension where improper bounds checking in the XkbSetCompatMap function can cause an unsigned short overflow. If an attacker sends specially crafted input data, the value calculation may overflow, leading to memory corruption or a cras...
Low: Red Hat Security Advisory: xorg-x11-server security update
An update for xorg-x11-server is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...
xorg: xmayland: Value overflow in XkbSetCompatMap()
A flaw was identified in the X.Org X server’s X Keyboard Xkb extension where improper bounds checking in the XkbSetCompatMap function can cause an unsigned short overflow. If an attacker sends specially crafted input data, the value calculation may overflow, leading to memory corruption or a cras...
AlmaLinux 10 : xorg-x11-server-Xwayland (ALSA-2025:21035)
The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:21035 advisory. xorg: xmayland: Use-after-free in XPresentNotify structure creation CVE-2025-62229 xorg: xwayland: Use-after-free in Xkb client resource removal...
CLSA-2025-1763138343 tigervnc: Fix of CVE-2025-62231
CVE-2025-62231: fix improper bounds checking in XkbSetCompatMap function to prevent unsigned short overflow and potential memory corruption or crash...