CVE-2023-54320 platform/x86/amd: pmc: Fix memory leak in amd_pmc_stb_debugfs_open_v2()

In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd: pmc: Fix memory leak in amdpmcstbdebugfsopenv2 Function amdpmcstbdebugfsopenv2 may be called when the STB debug mechanism enabled. When amdpmcsendcmd fails, the 'buf' needs to be released...

CVE-2023-54278 s390/vmem: split pages when debug pagealloc is enabled

In the Linux kernel, the following vulnerability has been resolved: s390/vmem: split pages when debug pagealloc is enabled Since commit bb1520d581a3 "s390/mm: start kernel with DAT enabled" the kernel crashes early during boot when debug pagealloc is enabled: mem auto-init: stack:off, heap...

CVE-2023-54278 s390/vmem: split pages when debug pagealloc is enabled

In the Linux kernel, the following vulnerability has been resolved: s390/vmem: split pages when debug pagealloc is enabled Since commit bb1520d581a3 "s390/mm: start kernel with DAT enabled" the kernel crashes early during boot when debug pagealloc is enabled: mem auto-init: stack:off, heap...

CVE-2023-54278

CVE-2023-54278 — Linux kernel (s390/vmem): Resolution involves splitting large mappings into 4k pages when debug pagealloc is enabled, to prevent boot-time crash on EDAT1/EDAT2 machines. Root cause: large mappings cause fatal exception during early boot with DEBUG_PAGEALLOC. Affected scenario ari...

CVE-2023-54278

In the Linux kernel, the following vulnerability has been resolved: s390/vmem: split pages when debug pagealloc is enabled Since commit bb1520d581a3 "s390/mm: start kernel with DAT enabled" the kernel crashes early during boot when debug pagealloc is enabled: mem auto-init: stack:off, heap...

CVE-2023-54268

In the Linux kernel, the following vulnerability has been resolved: debugobjects: Don't wake up kswapd from fillpool syzbot is reporting a lockdep warning in fillpool because the allocation from debugobjects is using GFPATOMIC, which is GFPHIGH | GFPKSWAPDRECLAIM and therefore tries to wake up...

CVE-2023-54267

In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Rework lppacasharedproc to avoid DEBUGPREEMPT lppacasharedproc takes a pointer to the lppaca which is typically accessed through getlppaca. With DEBUGPREEMPT enabled, this leads to checking if preemption is...

CVE-2023-54257 net: macb: fix a memory corruption in extended buffer descriptor mode

In the Linux kernel, the following vulnerability has been resolved: net: macb: fix a memory corruption in extended buffer descriptor mode For quite some time we were chasing a bug which looked like a sudden permanent failure of networking and mmc on some of our devices. The bug was very sensitive...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not splitting pages when enabling debug page allocation, which could cause the kernel to crash...

PT-2025-54064

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the PCI/DOE subsystem related to the destroy work on stack function. This issue occurs when destroy work on stack is called after signaling completion in the...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992267)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992267 advisory. In the Linux kernel, the following vulnerability has been resolved: MIPS: cpuinfo: Fix a warning for CONFIGCPUMASKOFFSTACK When CONFIGCPUMASKOFFSTACK and...

PT-2025-54097

In the Linux kernel, the following vulnerability has been resolved: debugobjects: Don't wake up kswapd from fill pool syzbot is reporting a lockdep warning in fill pool because the allocation from debugobjects is using GFP ATOMIC, which is GFP HIGH | GFP KSWAPD RECLAIM and therefore tries to wake...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-992624)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992624 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: core: Remove the /proc/scsi/$procname directory earlier Remove the /proc/scsi/$procname...

Linux Distros Unpatched Vulnerability : CVE-2023-54320

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - platform/x86/amd: pmc: Fix memory leak in amdpmcstbdebugfsopenv2 Function amdpmcstbdebugfsopenv2 may be called when the STB debug mechanism enabled. When...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the presence of a debug file system entry leak at the block level...

CLSA-2025-1767028936 Fix CVE(s): CVE-2025-11839

SECURITY UPDATE: crash in objdump when processing malformed debug data - debian/patches/CVE-2025-11839.patch: remove abort call in DGB debug-format printing code to avoid uncontrolled program termination when handling crafted input files - CVE-2025-11839...

GHSA-9FJQ-45QV-PCM7 ruint affected by unsoundness of safe `reciprocal_mg10`

The function reciprocalmg10 is marked as safe but can trigger undefined behavior out-of-bounds access because it relies on debugassert! for safety checks instead of assert!. When compiled in release mode, the debugassert! is optimized out, potentially allowing invalid inputs to cause memory...

CVE-2025-15083

A vulnerability was determined in TOZED ZLT M30s up to 1.47. The affected element is an unknown function of the component UART Interface. Executing manipulation can lead to on-chip debug and test interface with improper access control. The physical device can be targeted for the attack. Attacks o...

Linux Distros Unpatched Vulnerability : CVE-2022-50779

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - orangefs: Fix kmemleak in orangefspreparedebugfshelpstring When insert and remove the orangefs module, then debughelpstring will be leaked: unreferenced object...

EUVD-2025-205381

A vulnerability was determined in TOZED ZLT M30s up to 1.47. The affected element is an unknown function of the component UART Interface. Executing manipulation can lead to on-chip debug and test interface with improper access control. The physical device can be targeted for the attack. Attacks o...