AZL-69785 CVE-2022-49803 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: netdevsim: Fix memory leak of nsimdev-facookie kmemleak reports this issue: unreferenced object 0xffff8881bac872d0 size 8: comm "sh", pid 58603, jiffies 4481524462 age 68.065s hex dump first 8 bytes: 04 00 00 00 de ad be ef...

UBUNTU-CVE-2022-49803

In the Linux kernel, the following vulnerability has been resolved: netdevsim: Fix memory leak of nsimdev-facookie kmemleak reports this issue: unreferenced object 0xffff8881bac872d0 size 8: comm "sh", pid 58603, jiffies 4481524462 age 68.065s hex dump first 8 bytes: 04 00 00 00 de ad be ef...

UBUNTU-CVE-2022-49860

In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: k3-udma-glue: fix memory leak when register device fail If deviceregister fails, it should call putdevice to give up reference, the name allocated in devsetname can be freed in callback function kobjectcleanup...

UBUNTU-CVE-2022-49849

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix match incorrectly in devargsmatchdevice syzkaller found a failed assertion: assertion failed: args-devid != u64-1 || args-missing, in fs/btrfs/volumes.c:6921 This can be triggered when we set devid to u64-1 by ioctl. I...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an improperly typed vmddev::cfglock, which could lead to interrupt context issues...

PT-2025-18536

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak issue has been identified in the Linux kernel, specifically in the octeon ep module. The problem occurs when unsupported dev and mbox init errors happen, causing the oct-co...

PT-2025-18520

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak issue has been identified in the Linux kernel, specifically in the netdevsim module. The issue occurs when the nsim dev trap fa cookie write function allocates memory for f...

PT-2025-22194

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A host hang issue occurs during device reboot in the Linux kernel when the host loses heartbeat messages from the device. The driver calls the device-specific ndo stop function, which...

GHSA-859W-5945-R5V3 Vite's server.fs.deny bypassed with /. for files under project root

Summary The contents of files in the project root that are denied by a file matching pattern can be returned to the browser. Impact Only apps explicitly exposing the Vite dev server to the network using --host or server.host config option are affected. Only files that are under project root and a...

Directory Traversal

Overview org.webjars.npm:vite is a Native-ESM powered web dev build tool Affected versions of this package are vulnerable to Directory Traversal through the server.fs.deny configuration due to improper input sanitization. An attacker can bypass server.fs.deny with /. for files under project root...

kernel: dev/parport: fix the array out-of-bounds risk

An array out-of-bounds flaw was found in dev/parport in the Linux kernel. This issue may result in a crash...

CVE-2025-22655

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Caio Web Dev CWD – Stealth Links cwd-stealth-links allows SQL Injection.This issue affects CWD – Stealth Links: from n/a through = 1.3...

SUSE-SU-2025:20206-1 Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-27415: netfilter: brnetfilter: skip conntrack input hook for promisc packets bsc1224757. - CVE-2024-50038: netfilter: xtables: fix typo causin...

Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-27415: netfilter: brnetfilter: skip conntrack input hook for promisc packets bsc1224757. CVE-2024-50038: netfilter: xtables: fix typo causing so...

Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-27415: netfilter: brnetfilter: skip conntrack input hook for promisc packets bsc1224757. CVE-2024-50038: netfilter: xtables: fix typo causing so...

SUSE-SU-2025:20283-1 Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-27415: netfilter: brnetfilter: skip conntrack input hook for promisc packets bsc1224757. - CVE-2024-50038: netfilter: xtables: fix typo causin...

PT-2025-17579 · Codemers · Codemers Klims

Name of the Vulnerable Software and Affected Versions: Codemers KLIMS version 1.6.DEV Description: The issue is related to a lack of proper access control mechanism, allowing a normal user to perform actions that are typically restricted to administrators. This includes modifying the configuratio...

The vulnerability of the ipv6_has_hopopt_jumbo() function in the net/core/dev.c module of the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the ipv6hashopoptjumbo function in the net/core/dev.c module of the Linux kernel is related to insufficient input validation. Exploiting this vulnerability could allow an attacker to cause a service failure...

SUSE CVE-2025-38240

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: dp: drmerr = deverr in HPD path to avoid NULL ptr The function mtkdpwaithpdasserted may be called before the mtkdp-drmdev pointer is assigned in mtkdpbridgeattach. Specifically it can be called via this callpath: -...

CVE-2025-38240 drm/mediatek: dp: drm_err => dev_err in HPD path to avoid NULL ptr

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: dp: drmerr = deverr in HPD path to avoid NULL ptr The function mtkdpwaithpdasserted may be called before the mtkdp-drmdev pointer is assigned in mtkdpbridgeattach. Specifically it can be called via this callpath: -...