Linux Distros Unpatched Vulnerability : CVE-2024-56559
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: combine all TLB flush operations of KASAN shadow virtual address into one...
Linux Distros Unpatched Vulnerability : CVE-2024-53048
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ice: fix crash on probe for DPLL enabled E810 LOM The E810 Lan On Motherboard LOM design is...
Linux Distros Unpatched Vulnerability : CVE-2024-56619
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry Syzbot reported that when searching for records in a directory where the inode's i_size is...
Linux Distros Unpatched Vulnerability : CVE-2023-39176
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found within the parsing of SMB2 requests that have a transform header in the kernel ksmbd module. The issue results from the lack of proper validati...
CVE-2024-13697
The Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.7.4 via the 'nice_links'. This makes it possible for unauthenticated attackers to make web request...
CVE-2024-13697
CVE-2024-13697 documents an unauthenticated SSRF in Better Messages for WordPress (plugin versions up to 2.7.4) via the nice_links feature. Exploitation requires Enable link previews (default). The connected docs indicate a patch is available and advise upgrading to a fixed version; no further ex...
CVE-2024-54173
IBM MQ (versions 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD) is affected by CVE-2024-54173, which can disclose potentially sensitive information from trace files read by a local user when webconsole trace is enabled. The root cause is improper management of sensitive trace data (CWE-1323). Impact is lo...
DEBIAN-CVE-2025-21803
In the Linux kernel, the following vulnerability has been resolved: LoongArch: Fix warnings during S3 suspend The enable_gpe_wakeup function calls acpi_enable_all_wakeup_gpes, and the later one may call the preempt_schedule_common function, resulting in a thread switch and causing the CPU to be in an...
CVE-2025-21803
In the Linux kernel, the following vulnerability has been resolved: LoongArch: Fix warnings during S3 suspend The enable_gpe_wakeup function calls acpi_enable_all_wakeup_gpes, and the later one may call the preempt_schedule_common function, resulting in a thread switch and causing the CPU to be in an...
SUSE CVE-2022-49537
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix call trace observed during I/O with CMF enabled The following was seen with CMF enabled: BUG: using smp_processor_id in preemptible code: systemd-udevd/31711 kernel: caller is lpfc_update_cmf_cmd+0x214/0x420 lpfc kerne...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization via the Reporting API. An attacker can gain unauthorized access to sensitive report data by exploiting the flawed HTTP Basic Authentication implementation. Note: This is only exploitable if the API is enabled and...
DEBIAN-CVE-2022-49643
In the Linux kernel, the following vulnerability has been resolved: ima: Fix a potential integer overflow in ima_appraise_measurement When the ima-modsig is enabled, the rc passed to evm_verifyxattr may be negative, which may cause the integer overflow problem...
CVE-2022-49592
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix dma queue left shift overflow issue When queue number is 4, left shift overflows due to 32 bits integer variable. Mask calculation is wrong for MTL_RXQ_DMA_MAP1. If CONFIG_UBSAN is enabled, kernel dumps below warning...
UBUNTU-CVE-2022-49250
In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: rx-macro: fix accessing compander for aux AUX interpolator does not have compander, so check before accessing compander data for this. Without this check an array of out bounds access will be made in comp_enabled arra...
CVE-2022-49537 scsi: lpfc: Fix call trace observed during I/O with CMF enabled
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix call trace observed during I/O with CMF enabled The following was seen with CMF enabled: BUG: using smp_processor_id in preemptible code: systemd-udevd/31711 kernel: caller is lpfc_update_cmf_cmd+0x214/0x420 lpfc kerne...
CVE-2022-49537
CVE-2022-49537 is related to the Linux kernel SCSI lpfc path with CMF enabled. The issue arises from this_cpu_ptr() using smp_processor_id() in a preemptible context, leading to an invalid call trace (systemd-udevd 31711) and potential preemption-related bugs. The documented fix is to replace thi...
CVE-2022-49537
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix call trace observed during I/O with CMF enabled The following was seen with CMF enabled: BUG: using smp_processor_id in preemptible code: systemd-udevd/31711 kernel: caller is lpfc_update_cmf_cmd+0x214/0x420 lpfc kerne...
CVE-2022-49429
CVE-2022-49429 affects the Linux kernel’s RDMA/hfi1 subsystem. When the hfi1 module is loaded with SDMA disabled (HFI1_CAP_SDMA off), a call to hfi1_write_iter() can dereference a NULL pointer, causing a kernel panic through the I/O path (sdma_select_user_engine → hfi1_user_sdma_process_request →...
CVE-2022-49274 ocfs2: fix crash when mount with quota enabled
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix crash when mount with quota enabled There is a reported crash when mounting ocfs2 with quota enabled. RIP: 0010:ocfs2_qinfo_lock_res_init+0x44/0x50 ocfs2 Call Trace: ocfs2_local_read_info+0xb9/0x6f0 ocfs2...