38 matches found
SUSE CVE-2026-53187
In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Validate cpuid against nrcpuids in DMAH alloc The cpuid attribute supplied by user space through UVERBSATTRALLOCDMAHCPUID is passed directly to cpumasktestcpu without first verifying that the value is within the valid...
PT-2026-52283
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the RDMA/core component where the cpu id attribute, provided by user space via UVERBS ATTR ALLOC DMAH CPU ID, is passed to the cpumask test cpu function without...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: rcu-tasks: Fixed an issue where the non-existent percpu rtpcp variable was accessed in rcutasksneedgpcb. For kernels built with CONFIGFORCENRCPUS=y, nrcpuids is defined as NRCPUS instead of the number of possible CPUs. This can...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: bounds: Use the correct number of bits for CONFIGNRCPUS that is a power of two. The bitsper function rounds up to the next power of two when a power of two is passed as an argument. This can cause crashes on some machines and...
CVE-2026-29787
mcp-memory-service is an open-source memory backend for multi-agent systems. Prior to version 10.21.0, the /api/health/detailed endpoint returns detailed system information including OS version, Python version, CPU count, memory totals, disk usage, and the full database filesystem path. When...
mcp-memory-service Vulnerable to System Information Disclosure via Health Endpoint
Summary The /api/health/detailed endpoint returns detailed system information including OS version, Python version, CPU count, memory totals, disk usage, and the full database filesystem path. When MCPALLOWANONYMOUSACCESS=true is set required for the HTTP server to function without OAuth/API key,...
PT-2026-23609
Name of the Vulnerable Software and Affected Versions mcp-memory-service versions prior to 10.21.0 Description The /api/health/detailed endpoint in mcp-memory-service exposes sensitive system information, including OS version, Python version, CPU count, memory details, disk usage, and the full...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992928)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992928 advisory. In the Linux kernel, the following vulnerability has been resolved: bounds: Use the right number of bits for power-of-two CONFIGNRCPUS bitsper rounds up to the next...
EUVD-2023-60095
In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Cap MSIX used to online CPUs + 1 The irdma driver can use a maximum number of msix vectors equal to numonlinecpus + 1 and the kernel warning stack below is shown if that number is exceeded. The kernel throws a warning...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989721)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989721 advisory. In the Linux kernel, the following vulnerability has been resolved: ixgbe: Fix NULL pointer dereference in ixgbexdpsetup The ixgbe driver currently generates a NULL...
EUVD-2013-4079
Malware in sbrugna...
EUVD-2022-55559
Malicious code in bioql PyPI...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from traversing the CPU using NRCPUS instead of nrcpuids under the CONFIGCPUMASKOFFSTACK and CONFIGDEBUGPERCPUMAP...
CVE-2025-38366 LoongArch: KVM: Check validity of "num_cpu" from user space
In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Check validity of "numcpu" from user space The maximum supported cpu number is EIOINTCROUTEMAXVCPUS about irqchip EIOINTC, here add validation about cpu number to avoid array pointer overflow...
UBUNTU-CVE-2022-49889
In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Check for NULL cpubuffer in ringbufferwakewaiters On some machines the number of listed CPUs may be bigger than the actual CPUs that exist. The tracing subsystem allocates a percpu directory with access to the per CP...
OESA-2025-1034 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: sh: cpuinfo: Fix a warning for CONFIGCPUMASKOFFSTACK When CONFIGCPUMASKOFFSTACK and CONFIGDEBUGPERCPUMAPS are selected, cpumaxbitswarn generates a runtime warnin...
UBUNTU-CVE-2022-49034
In the Linux kernel, the following vulnerability has been resolved: sh: cpuinfo: Fix a warning for CONFIGCPUMASKOFFSTACK When CONFIGCPUMASKOFFSTACK and CONFIGDEBUGPERCPUMAPS are selected, cpumaxbitswarn generates a runtime warning similar as below when showing /proc/cpuinfo. Fix this by using...
AZL-52959 CVE-2024-49926 affecting package kernel for versions less than 6.6.64.2-9
In the Linux kernel, the following vulnerability has been resolved: rcu-tasks: Fix access non-existent percpu rtpcp variable in rcutasksneedgpcb For kernels built with CONFIGFORCENRCPUS=y, the nrcpuids is defined as NRCPUS instead of the number of possible cpus, this will cause the following syst...
UBUNTU-CVE-2024-49926
In the Linux kernel, the following vulnerability has been resolved: rcu-tasks: Fix access non-existent percpu rtpcp variable in rcutasksneedgpcb For kernels built with CONFIGFORCENRCPUS=y, the nrcpuids is defined as NRCPUS instead of the number of possible cpus, this will cause the following syst...
kernel: pstore/ram: Fix crash when setting number of cpus to an odd number
A vulnerability was found in the pstore/ram component of the Linux kernel, which caused crashes when the number of CPU cores was set to an odd number. This issue occurs because the odd-numbered zones became misaligned. This flaw allows a local, authenticated attacker to cause a denial of service...