MiracleLinux 8 : kernel-4.18.0-553.32.1.el8_10 (AXSA:2025-9521:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9521:01 advisory. kernel: selinux,smack: don't bypass permissions check in inodesetsecctx hook CVE-2024-46695 kernel: net: avoid potential underflow in qdiscpktlenini...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a reference to ab-value during xattr repair that could become a dangling pointer, potentially leading to reu...

PT-2026-22020

Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.23.0 Description FreeRDP is a free implementation of the Remote Desktop Protocol. A flaw exists where the rail window free function dereferences a freed xfAppWindow pointer during HashTable Free cleanup. This occurs...

Unity Linux 20.1060a Security Update: kernel (UTSA-2025-993142)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993142 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Clean dangling pointer on bind error path mtkdrmbind can fail, in which case...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-992806)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992806 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Clean dangling pointer on bind error path mtkdrmbind can fail, in which case...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992858)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992858 advisory. In the Linux kernel, the following vulnerability has been resolved: hvsock: Initializing vsk-trans to NULL to prevent a dangling pointer When hvs is released, there ...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992528)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992528 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Clean dangling pointer on bind error path mtkdrmbind can fail, in which case...

SUSE CVE-2023-54098

In the Linux kernel, the following vulnerability has been resolved: drm/i915/gvt: fix gvt debugfs destroy When gvt debug fs is destroyed, need to have a sane check if drm minor's debugfs root is still available or not, otherwise in case like device remove through unbinding, drm minor's debugfs...

CVE-2023-54098

CVE-2023-54098 affects the Linux kernel’s DRM/I915/GVT component. The issue occurs when destroying gvt debugfs: if the drm minor’s debugfs root is already removed (e.g., due to device removal/unbinding), intel_gvt_debugfs_clean() may operate on a dangling pointer, leading to a NULL pointer derefe...

CVE-2023-53805

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2025-40251

In the Linux kernel, the following vulnerability has been resolved: devlink: rate: Unset parent pointer in devlratenodesdestroy The function devlratenodesdestroy is documented to "Unset parent for all rate objects". However, it was only calling the driver-specific rateleafparentset or...

UBUNTU-CVE-2025-40251

In the Linux kernel, the following vulnerability has been resolved: devlink: rate: Unset parent pointer in devlratenodesdestroy The function devlratenodesdestroy is documented to "Unset parent for all rate objects". However, it was only calling the driver-specific rateleafparentset or...

CVE-2025-40251 devlink: rate: Unset parent pointer in devl_rate_nodes_destroy

In the Linux kernel, the following vulnerability has been resolved: devlink: rate: Unset parent pointer in devlratenodesdestroy The function devlratenodesdestroy is documented to "Unset parent for all rate objects". However, it was only calling the driver-specific rateleafparentset or...

EUVD-2025-201206

In the Linux kernel, the following vulnerability has been resolved: devlink: rate: Unset parent pointer in devlratenodesdestroy The function devlratenodesdestroy is documented to "Unset parent for all rate objects". However, it was only calling the driver-specific rateleafparentset or...

CVE-2025-40251 devlink: rate: Unset parent pointer in devl_rate_nodes_destroy

In the Linux kernel, the following vulnerability has been resolved: devlink: rate: Unset parent pointer in devlratenodesdestroy The function devlratenodesdestroy is documented to "Unset parent for all rate objects". However, it was only calling the driver-specific rateleafparentset or...

Linux Distros Unpatched Vulnerability : CVE-2025-40251

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - devlink: rate: Unset parent pointer in devlratenodesdestroy The function devlratenodesdestroy is documented to Unset parent for all rate objects. However, it wa...

PT-2025-49081

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.18.0-rc4+ Description The devl rate nodes destroy function in the Linux kernel did not correctly unset the parent pointer for rate objects, leading to a dangling pointer in the devlink rate struct. This issue...

GHSA-Q3HC-J9X5-MP9M Withdrawn Advisory: ImageMagick has a use-after-free/double-free risk in Options::fontFamily when clearing family

Withdrawn Advisory This advisory has been withdrawn because it does not affect the ImageMagick project's NuGet packages. Original Description We believe that we have discovered a potential security vulnerability in ImageMagick’s Magick++ layer that manifests when Options::fontFamily is invoked wi...

CVE-2025-65955

ImageMagick’s Magick++ vulnerability CVE-2025-65955 manifests when Options::fontFamily is invoked with an empty string, causing a use-after-free/dangling font pointer in _drawInfo->font and potentially leading to crashes or heap corruption on cleanup or subsequent updates. The issue arises bec...

TencentOS Server 4: ghostscript (TSSA-2024:0902)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0902 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...