10 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: ext4: Fixed the use of inodes after freeing them in ext4endiorsvwork. In ext4ioenddefercompletion, a check is performed to ensure that ioend-listvec is empty, thereby avoiding adding an ioend that does not require any conversi...
EUVD-2025-27911
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-38580
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ext4: fix inode use after free in ext4endiorsvwork In ext4ioenddefercompletion, check if...
SUSE CVE-2025-38580
In the Linux kernel, the following vulnerability has been resolved: ext4: fix inode use after free in ext4endiorsvwork In ext4ioenddefercompletion, check if ioend-listvec is empty to avoid adding an ioend that requires no conversion to the irsvconversionlist, which in turn prevents starting an...
UBUNTU-CVE-2025-38580
In the Linux kernel, the following vulnerability has been resolved: ext4: fix inode use after free in ext4endiorsvwork In ext4ioenddefercompletion, check if ioend-listvec is empty to avoid adding an ioend that requires no conversion to the irsvconversionlist, which in turn prevents starting an...
CVE-2025-38580 ext4: fix inode use after free in ext4_end_io_rsv_work()
In the Linux kernel, the following vulnerability has been resolved: ext4: fix inode use after free in ext4endiorsvwork In ext4ioenddefercompletion, check if ioend-listvec is empty to avoid adding an ioend that requires no conversion to the irsvconversionlist, which in turn prevents starting an...
CVE-2025-38580
In the Linux kernel, the following vulnerability has been resolved: ext4: fix inode use after free in ext4endiorsvwork In ext4ioenddefercompletion, check if ioend-listvec is empty to avoid adding an ioend that requires no conversion to the irsvconversionlist, which in turn prevents starting an...
CVE-2025-38580
The CVE-2025-38580 entry concerns a Linux kernel ext4 use-after-free in ext4_end_io_rsv_work(). The fix adds a check in ext4_io_end_defer_completion() to ensure io_end->list_vec is empty before adding to i_rsv_conversion_list, preventing starting an unnecessary worker. It also adds ext4_emerge...
Pool: The EMERGENCY state cannot be recovered
Lines of code Vulnerability details Impact The owner can call Pool.adminAction to set the Pool contract state to EMERGENCY, and in the EMERGENCY state, no liquidity can be added or transferred, and no swaps can be made. However, the Pool contract does not have a function to recover the EMERGENCY...
Users can lose value in emergency state
Handle cmichel Vulnerability details Imagine the following sequence of events: LaunchEvent.createPair is called which sets wavaxReserve = 0, adds liquidity to the pair and receives lpSupply LP tokens. LaunchEvent.allowEmergencyWithdraw is called which enters emergency / paused mode and disallows...