105 matches found
EUVD-2022-55340
Malicious code in bioql PyPI...
A flaw was found in the filelock_init in fs/locks.c function in the Linux kernel. This issue can lead to host memory exhaustion due to memcg not limiting the number of Portable Operating System Interface (POSIX) file locks.
...
Linux Distros Unpatched Vulnerability : CVE-2025-39886
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Tell memcg to use allowspinning=false path in bpftimerinit Currently, calling bpfmapkmallocnode from bpfasyncinit can cause various locking issues; see the...
SUSE CVE-2025-39886
In the Linux kernel, the following vulnerability has been resolved: bpf: Tell memcg to use allowspinning=false path in bpftimerinit Currently, calling bpfmapkmallocnode from bpfasyncinit can cause various locking issues; see the following stack trace edited for style as one example: ... 10.011566...
AZL-72352 CVE-2025-39886 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: bpf: Tell memcg to use allowspinning=false path in bpftimerinit Currently, calling bpfmapkmallocnode from bpfasyncinit can cause various locking issues; see the following stack trace edited for style as one example: ... 10.011566...
UBUNTU-CVE-2025-39886
In the Linux kernel, the following vulnerability has been resolved: bpf: Tell memcg to use allowspinning=false path in bpftimerinit Currently, calling bpfmapkmallocnode from bpfasyncinit can cause various locking issues; see the following stack trace edited for style as one example: ... 10.011566...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from improper use of memcg in the bpftimerinit function, which could lead to double-acquisition locking and...
CVE-2025-38502
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix oob access in cgroup local storage Lonial reported that an out-of-bounds access in cgroup local storage can be crafted via tail calls. Given two programs each utilizing a cgroup local storage with a different value size,...
Linux Distros Unpatched Vulnerability : CVE-2024-35806
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - soc: fsl: qbman: Always disable interrupts when taking cgrlock smpcallfunctionsingle disables IRQs when executing the callback. To prevent deadlocks, we must...
Linux Distros Unpatched Vulnerability : CVE-2025-38049
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: x86/resctrl: Fix allocation of cleanest CLOSID on platforms with no monitors Commit...
DEBIAN-CVE-2025-38258
In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs-schemes: free old damonsysfsschemefilter-memcgpath on write memcgpathstore assigns a newly allocated memory buffer to filter-memcgpath, without deallocating the previously allocated and assigned memory buffer. As a...
USN-7522-1 linux-azure-nvidia vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - RISC-V architecture; - x86 architecture; - Block layer subsystem; - Compute Acceleration Framework; - ACPI drivers;...
USN-7513-3 linux-azure, linux-azure-6.8, linux-oem-6.8 vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - RISC-V architecture; - x86 architecture; - Block layer subsystem; - Compute Acceleration Framework; - ACPI drivers;...
USN-7513-1 linux, linux-aws, linux-aws-6.8, linux-ibm, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-oracle vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - RISC-V architecture; - x86 architecture; - Block layer subsystem; - Compute Acceleration Framework; - ACPI drivers;...
Ubuntu 24.04 LTS : Linux kernel (GKE) vulnerabilities (USN-7515-1)
"The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7515-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws i...
CVE-2025-2527 Improper access control to group information
Mattermost versions 10.5.x = 10.5.2, 9.11.x = 9.11.11 failed to properly verify a user's permissions when accessing groups, which allows an attacker to view group information via an API request...
CVE-2025-38049
In the Linux kernel, the following vulnerability has been resolved: x86/resctrl: Fix allocation of cleanest CLOSID on platforms with no monitors Commit 6eac36bb9eb0 "x86/resctrl: Allocate the cleanest CLOSID by searching closidnumdirtyrmid" added logic that causes resctrl to search for the CLOSID...
DEBIAN-CVE-2025-38049
In the Linux kernel, the following vulnerability has been resolved: x86/resctrl: Fix allocation of cleanest CLOSID on platforms with no monitors Commit 6eac36bb9eb0 "x86/resctrl: Allocate the cleanest CLOSID by searching closidnumdirtyrmid" added logic that causes resctrl to search for the CLOSID...
CVE-2025-38049
CVE-2025-38049 (Linux kernel) : In x86 resctrl, allocation of the cleanest CLOSID could dereference NULL on platforms without LLC occupancy counters, causing a NULL pointer dereference when creating a new control group. The issue arises from code that searched for the CLOSID with the fewest dirty...
CVE-2025-38049 x86/resctrl: Fix allocation of cleanest CLOSID on platforms with no monitors
In the Linux kernel, the following vulnerability has been resolved: x86/resctrl: Fix allocation of cleanest CLOSID on platforms with no monitors Commit 6eac36bb9eb0 "x86/resctrl: Allocate the cleanest CLOSID by searching closidnumdirtyrmid" added logic that causes resctrl to search for the CLOSID...