41 matches found
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure of the fsnotifyadd inodemarklocked function in inotifynewwatch, where the monitoring...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: fbdev/ep93xx-fb: Do not assign to struct fbinfo.dev. Do not assign the Linux device to struct fbinfo.dev. The call to registerframebuffer initializes the field to the fbdev device. Drivers should not override its value. Fixed a b...
MiracleLinux 7 : kernel-3.10.0-1160.102.1.el7 (AXSA:2023-6501:28)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6501:28 advisory. kernel: net/sched: clsu32 component reference counter leak if tcfchangeindev fails CVE-2023-3609 kernel: netfilter: use-after-free in nftables when...
EUVD-2023-59883
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2023-53314
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fbdev/ep93xx-fb: Do not assign to struct fbinfo.dev Do not assing the Linux device to struct fbinfo.dev. The call to registerframebuffer initializes the field t...
SUSE CVE-2023-53200
In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: fix percpu counter block leak on error path when creating new netns Here is the stack where we allocate percpu counter block: +- ip6tregistertable +- translatetable allocates percpu counter block +-...
CVE-2023-53314
CVE-2023-53314 affects the Linux kernel fbdev/ep93xx-fb driver. The vulnerability stems from assigning the Linux device to struct fb_info.dev; register_framebuffer() already initializes this field, and drivers must not override it. The bug could cause a leak by incorrectly decreasing the hardware...
DEBIAN-CVE-2023-53200
In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: fix percpu counter block leak on error path when creating new netns Here is the stack where we allocate percpu counter block: +- ip6tregistertable +- translatetable allocates percpu counter block +-...
CVE-2023-53200 netfilter: x_tables: fix percpu counter block leak on error path when creating new netns
In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: fix percpu counter block leak on error path when creating new netns Here is the stack where we allocate percpu counter block: +- ip6tregistertable +- translatetable allocates percpu counter block +-...
CVE-2023-53200 netfilter: x_tables: fix percpu counter block leak on error path when creating new netns
In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: fix percpu counter block leak on error path when creating new netns Here is the stack where we allocate percpu counter block: +- ip6tregistertable +- translatetable allocates percpu counter block +-...
CVE-2025-38565
In the Linux kernel, the following vulnerability has been resolved: perf/core: Exit early on perfmmap fail When perfmmap fails to allocate a buffer, it still invokes the eventmapped callback of the related event. On X86 this might increase the perfrdpmcallowed reference counter. But nothing undoe...
CVE-2025-38565
CVE-2025-38565: In the Linux kernel perf_mmap() path, if buffer allocation fails the code still invokes event_mapped(), which can increment perf_rdpmc_allowed on x86 and leaks references because perf_mmap_close() is not called. The documented fix is to return early on failure to prevent the refer...
CVE-2023-53130
CVE-2023-53130 entry is rejected/not used and does not represent an active vulnerability.
CVE-2023-53130
...
SUSE CVE-2022-49128
In the Linux kernel, the following vulnerability has been resolved: drm/bridge: Add missing pmruntimeputsync pmruntimegetsync will increase the rumtime PM counter even when it returns an error. Thus a pairing decrement is needed to prevent refcount leak. Fix this by replacing this API with...
UBUNTU-CVE-2022-49128
In the Linux kernel, the following vulnerability has been resolved: drm/bridge: Add missing pmruntimeputsync pmruntimegetsync will increase the rumtime PM counter even when it returns an error. Thus a pairing decrement is needed to prevent refcount leak. Fix this by replacing this API with...
Important: Red Hat Security Advisory: kernel live patch module security update
An update for kpatch-patch-5140-70641, kpatch-patch-5140-70701, kpatch-patch-5140-70751, kpatch-patch-5140-70801, and kpatch-patch-5140-70851 is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of...
kernel: net/sched: cls_u32 component reference counter leak if tcf_change_indev() fails
A double-free flaw was found in u32setparms in net/sched/clsu32.c in the Network Scheduler component in the Linux kernel. This flaw allows a local attacker to use a failure event to mishandle the reference counter, leading to a local privilege escalation threat...
Important: Red Hat Security Advisory: kpatch-patch security update
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availabl...
kernel: net/sched: cls_u32 component reference counter leak if tcf_change_indev() fails
A double-free flaw was found in u32setparms in net/sched/clsu32.c in the Network Scheduler component in the Linux kernel. This flaw allows a local attacker to use a failure event to mishandle the reference counter, leading to a local privilege escalation threat...