72 matches found
SUSE CVE-2026-45958
In the Linux kernel, the following vulnerability has been resolved: drm/exynos: vidi: fix to avoid directly dereferencing user pointer In vidiconnectionioctl, vidi-ediduser pointer is directly dereferenced in the kernel. This allows arbitrary kernel memory access from the user space, so instead o...
CVE-2026-45958 drm/exynos: vidi: fix to avoid directly dereferencing user pointer
In the Linux kernel, the following vulnerability has been resolved: drm/exynos: vidi: fix to avoid directly dereferencing user pointer In vidiconnectionioctl, vidi-ediduser pointer is directly dereferenced in the kernel. This allows arbitrary kernel memory access from the user space, so instead o...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-012984)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-012984 advisory. In the Linux kernel, the following vulnerability has been resolved: sparc: fix accurate exception reporting in copyfromtouser for UltraSPARC The referenced commit...
CVE-2023-54102
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Prevent lpfcdebugfslockstatwrite buffer overflow A static code analysis tool flagged the possibility of buffer overflow when using copyfromuser for a debugfs entry. Currently, it is possible that copyfromuser copies...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a failure to free memory after a copyfromuser failure in multitransactionnew, which could lead to a memory leak...
CVE-2025-40126
In the Linux kernel, the following vulnerability has been resolved: sparc: fix accurate exception reporting in copyfromtouser for UltraSPARC The referenced commit introduced exception handlers on user-space memory references in copyfromuser and copytouser. These handlers return from the respectiv...
UBUNTU-CVE-2025-40126
In the Linux kernel, the following vulnerability has been resolved: sparc: fix accurate exception reporting in copyfromtouser for UltraSPARC The referenced commit introduced exception handlers on user-space memory references in copyfromuser and copytouser. These handlers return from the respectiv...
CVE-2025-40124
CVE-2025-40124 pertains to the Linux kernel on SPARC, where a BUG_ON in ext4 caused copy_from_user() to report impossible copy sizes when large folios were enabled, leading to faulty __copy_from_iter() results. The root cause involved copy_from_user()/copy_to_user exception handlers that relied o...
Linux Distros Unpatched Vulnerability : CVE-2025-40124
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sparc: fix accurate exception reporting in copyfromtouser for UltraSPARC III Anthony Yznaga tracked down that a BUGON in ext4 code with large folios enabled...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414378)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414378 advisory. An issue was discovered in the Linux kernel before 5.19. In pxa3xxgcuwrite in drivers/video/fbdev/pxa3xx-gcu.c, the count parameter has a type conflict of sizet vers...
EUVD-2025-11814
Malicious code in bioql PyPI...
CVE-2022-50069 BPF: Fix potential bad pointer dereference in bpf_sys_bpf()
In the Linux kernel, the following vulnerability has been resolved: BPF: Fix potential bad pointer dereference in bpfsysbpf The bpfsysbpf helper function allows an eBPF program to load another eBPF program from within the kernel. In this case the argument union bpfattr pointer as well as the insn...
CVE-2025-39989 x86/mce: use is_copy_from_user() to determine copy-from-user context
In the Linux kernel, the following vulnerability has been resolved: x86/mce: use iscopyfromuser to determine copy-from-user context Patch series "mm/hwpoison: Fix regressions in memory failure handling", v4. 1. What am I trying to do: This patchset resolves two critical regressions related to...
CVE-2022-49272
In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix potential AB/BA lock with buffermutex and mmaplock syzbot caught a potential deadlock between the PCM runtime-buffermutex and the mm-mmaplock. It was brought by the recent fix to cover the racy read/write and other...
CVE-2024-50259
In the Linux kernel, the following vulnerability has been resolved: netdevsim: Add trailing zero to terminate the string in nsimnexthopbucketactivitywrite This was found by a static analyzer. We should not forget the trailing zero after copyfromuser if we will further do some string operations,...
AZL-53289 CVE-2024-50259 affecting package kernel for versions less than 6.6.64.2-1
In the Linux kernel, the following vulnerability has been resolved: netdevsim: Add trailing zero to terminate the string in nsimnexthopbucketactivitywrite This was found by a static analyzer. We should not forget the trailing zero after copyfromuser if we will further do some string operations,...
CVE-2024-50259 netdevsim: Add trailing zero to terminate the string in nsim_nexthop_bucket_activity_write()
In the Linux kernel, the following vulnerability has been resolved: netdevsim: Add trailing zero to terminate the string in nsimnexthopbucketactivitywrite This was found by a static analyzer. We should not forget the trailing zero after copyfromuser if we will further do some string operations,...
CVE-2024-50259 netdevsim: Add trailing zero to terminate the string in nsim_nexthop_bucket_activity_write()
In the Linux kernel, the following vulnerability has been resolved: netdevsim: Add trailing zero to terminate the string in nsimnexthopbucketactivitywrite This was found by a static analyzer. We should not forget the trailing zero after copyfromuser if we will further do some string operations,...
CVE-2024-26926 binder: check offset alignment in binder_get_object()
In the Linux kernel, the following vulnerability has been resolved: binder: check offset alignment in bindergetobject Commit 6d98eb95b450 "binder: avoid potential data leakage when copying txn" introduced changes to how binder objects are copied. In doing so, it unintentionally removed an offset...
CVE-2024-26926
CVE-2024-26926 : The Linux kernel vulnerability concerns the binder subsystem. After commit 6d98eb95, an offset alignment check was removed from binder_alloc_copy_from_buffer()/check_buffer(), and answers were copied in binder_get_object() via copy_from_user(), which now requires an explicit offs...