41 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: fbdev/ep93xx-fb: Do not assign to struct fbinfo.dev. Do not assign the Linux device to struct fbinfo.dev. The call to registerframebuffer initializes the field to the fbdev device; drivers should not override this value. Fixed a...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure of the fsnotifyadd inodemarklocked function in inotifynewwatch, where the monitoring...
MiracleLinux 7 : kernel-3.10.0-1160.102.1.el7 (AXSA:2023-6501:28)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6501:28 advisory. kernel: net/sched: clsu32 component reference counter leak if tcfchangeindev fails CVE-2023-3609 kernel: netfilter: use-after-free in nftables when...
EUVD-2023-59883
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2023-53314
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fbdev/ep93xx-fb: Do not assign to struct fbinfo.dev Do not assing the Linux device to struct fbinfo.dev. The call to registerframebuffer initializes the field t...
SUSE CVE-2023-53200
In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: fix percpu counter block leak on error path when creating new netns Here is the stack where we allocate percpu counter block: +- ip6tregistertable +- translatetable allocates percpu counter block +-...
CVE-2023-53314
CVE-2023-53314 affects the Linux kernel fbdev/ep93xx-fb driver. The vulnerability stems from assigning the Linux device to struct fb_info.dev; register_framebuffer() already initializes this field, and drivers must not override it. The bug could cause a leak by incorrectly decreasing the hardware...
DEBIAN-CVE-2023-53200
In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: fix percpu counter block leak on error path when creating new netns Here is the stack where we allocate percpu counter block: +- ip6tregistertable +- translatetable allocates percpu counter block +-...
CVE-2023-53200 netfilter: x_tables: fix percpu counter block leak on error path when creating new netns
In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: fix percpu counter block leak on error path when creating new netns Here is the stack where we allocate percpu counter block: +- ip6tregistertable +- translatetable allocates percpu counter block +-...
CVE-2023-53200 netfilter: x_tables: fix percpu counter block leak on error path when creating new netns
In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: fix percpu counter block leak on error path when creating new netns Here is the stack where we allocate percpu counter block: +- ip6tregistertable +- translatetable allocates percpu counter block +-...
CVE-2025-38565
CVE-2025-38565: In the Linux kernel perf_mmap() path, if buffer allocation fails the code still invokes event_mapped(), which can increment perf_rdpmc_allowed on x86 and leaks references because perf_mmap_close() is not called. The documented fix is to return early on failure to prevent the refer...
CVE-2025-38565
In the Linux kernel, the following vulnerability has been resolved: perf/core: Exit early on perfmmap fail When perfmmap fails to allocate a buffer, it still invokes the eventmapped callback of the related event. On X86 this might increase the perfrdpmcallowed reference counter. But nothing undoe...
CVE-2023-53130
...
CVE-2023-53130
CVE-2023-53130 entry is rejected/not used and does not represent an active vulnerability.
SUSE CVE-2022-49128
In the Linux kernel, the following vulnerability has been resolved: drm/bridge: Add missing pmruntimeputsync pmruntimegetsync will increase the rumtime PM counter even when it returns an error. Thus a pairing decrement is needed to prevent refcount leak. Fix this by replacing this API with...
UBUNTU-CVE-2022-49128
In the Linux kernel, the following vulnerability has been resolved: drm/bridge: Add missing pmruntimeputsync pmruntimegetsync will increase the rumtime PM counter even when it returns an error. Thus a pairing decrement is needed to prevent refcount leak. Fix this by replacing this API with...
Important: Red Hat Security Advisory: kernel live patch module security update
An update for kpatch-patch-5140-70641, kpatch-patch-5140-70701, kpatch-patch-5140-70751, kpatch-patch-5140-70801, and kpatch-patch-5140-70851 is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of...
kernel: net/sched: cls_u32 component reference counter leak if tcf_change_indev() fails
A double-free flaw was found in u32setparms in net/sched/clsu32.c in the Network Scheduler component in the Linux kernel. This flaw allows a local attacker to use a failure event to mishandle the reference counter, leading to a local privilege escalation threat...
Important: Red Hat Security Advisory: kpatch-patch security update
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availabl...
kernel: net/sched: cls_u32 component reference counter leak if tcf_change_indev() fails
A double-free flaw was found in u32setparms in net/sched/clsu32.c in the Network Scheduler component in the Linux kernel. This flaw allows a local attacker to use a failure event to mishandle the reference counter, leading to a local privilege escalation threat...