CVE-2025-58147

A flaw was found in Xen. Hypercalls using the HVVPSET Sparse format can cause vpmaskset to write out of bounds when converting the bitmap to Xen's format. A buggy or malicious guest can cause Denial of Service DoS affecting the entire host, information leaks, or elevation of privilege...

CVE-2025-58147

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Some Viridian hypercalls can specify a mask of vCPU IDs as an input, in one of three formats. Xen has boundary checking bugs with all three formats, which can cause...

SUSE CVE-2025-58147

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Some Viridian hypercalls can specify a mask of vCPU IDs as an input, in one of three formats. Xen has boundary checking bugs with all three formats, which can cause...

EUVD-2025-31856

A security vulnerability has been detected in Tenda CH22 up to 1.0.0.1. This issue affects the function formWrlsafeset of the file /goform/AdvSetWrlsafeset of the component HTTP Request Handler. The manipulation of the argument mitssidindex leads to stack-based buffer overflow. The attack may be...

AZL-68004 CVE-2025-39895 affecting package kernel for versions less than 6.6.112.1-1

In the Linux kernel, the following vulnerability has been resolved: sched: Fix schednumafindnthcpu if mask offline schednumafindnthcpu uses a bsearch to look for the 'closest' CPU in scheddomainsnumamasks and given cpus mask. However they might not intersect if all CPUs in the cpus mask are...

UBUNTU-CVE-2022-50223

In the Linux kernel, the following vulnerability has been resolved: LoongArch: cpuinfo: Fix a warning for CONFIGCPUMASKOFFSTACK When CONFIGCPUMASKOFFSTACK and CONFIGDEBUGPERCPUMAPS is selected, cpumaxbitswarn generates a runtime warning similar as below while we show /proc/cpuinfo. Fix this by...

CVE-2022-50223

CVE-2022-50223 affects the Linux kernel on LoongArch where, when CONFIG_CPUMASK_OFFSTACK and CONFIG_DEBUG_PER_CPU_MAPS are enabled, cpu_max_bits_warn() could trigger a runtime warning during /proc/cpuinfo display. The issue arises from iterating CPUs using NR_CPUS and is fixed by using nr_cpu_ids...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from improper handling of CPU masks, which may result in a runtime warning...

SUSE CVE-2025-21991

In the Linux kernel, the following vulnerability has been resolved: x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes Currently, loadmicrocodeamd iterates over all NUMA nodes, retrieves their CPU masks and unconditionally accesses per-CPU data for the first CPU of each mask...

CVE-2022-49090 arch/arm64: Fix topology initialization for core scheduling

In the Linux kernel, the following vulnerability has been resolved: arch/arm64: Fix topology initialization for core scheduling Arm64 systems rely on storecputopology to call updatesiblingsmasks to transfer the toplogy to the various cpu masks. This needs to be done before the call to...

kernel: RDMA/irdma: Cap MSIX used to online CPUs + 1

A bounds checking flaw was found in the Intel RDMA irdma driver in the Linux kernel. The driver may request more MSIX vectors than online CPUs allow, then attempt to set CPU affinity hints with an invalid CPU mask. This triggers kernel warnings and could cause instability...