ima: Handle error code returned by ima_filter_rule_match()

...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not properly handling the error code returned by imafilterrulematch, which could result in additional files bein...

EUVD-2022-5058

Malicious code in bioql PyPI...

CVE-2025-38142

In the Linux kernel, the following vulnerability has been resolved: hwmon: asus-ec-sensors check sensor index in readstring Prevent a potential invalid memory access when the requested sensor is not found. findecsensorindex may return a negative value e.g. -ENOENT, but its result was used without...

CVE-2025-38142

The CVE-2025-38142 issue affects the Linux kernel hwmon path (asus-ec-sensors) where read_string() could read a non-existent sensor because find_ec_sensor_index() returned a negative value (for example -ENOENT) and was used without validation. The fix introduces a check to ensure sensor_index is ...

CVE-2025-38142 hwmon: (asus-ec-sensors) check sensor index in read_string()

In the Linux kernel, the following vulnerability has been resolved: hwmon: asus-ec-sensors check sensor index in readstring Prevent a potential invalid memory access when the requested sensor is not found. findecsensorindex may return a negative value e.g. -ENOENT, but its result was used without...

CVE-2025-37930

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: Fix WARNON in nouveaufencecontextkill Nouveau is mostly designed in a way that it's expected that fences only ever get signaled through nouveaufencesignal. However, in at least one other place, nouveaufencedone, can...

CVE-2025-37837 iommu/tegra241-cmdqv: Fix warnings due to dmam_free_coherent()

In the Linux kernel, the following vulnerability has been resolved: iommu/tegra241-cmdqv: Fix warnings due to dmamfreecoherent Two WARNINGs are observed when SMMU driver rolls back upon failure: arm-smmu-v3.9.auto: Failed to register iommu arm-smmu-v3.9.auto: probe with driver arm-smmu-v3 failed...

CVE-2024-49841

Memory corruption during memory assignment to headless peripheral VM due to incorrect error code handling...

CVE-2024-49841

Memory corruption during memory assignment to headless peripheral VM due to incorrect error code handling...

CVE-2024-49841

CVE-2024-49841 describes memory corruption during memory assignment to a headless peripheral VM stemming from incorrect error code handling in Qualcomm components (closed-source). The CVE is tracked in multiple feeds (NVD, Red Hat), with a CVSS v3.1 base score of 7.8 (HIGH), local attack vector, ...

CVE-2025-22096

In the Linux kernel, the following vulnerability has been resolved: drm/msm/gem: Fix error code msmparsedeps The SUBMITERROR macro turns the error code negative. This extra '-' operation turns it back to positive EINVAL again. The error code is passed to ERRPTR and since positive values are not a...

DEBIAN-CVE-2025-22096

In the Linux kernel, the following vulnerability has been resolved: drm/msm/gem: Fix error code msmparsedeps The SUBMITERROR macro turns the error code negative. This extra '-' operation turns it back to positive EINVAL again. The error code is passed to ERRPTR and since positive values are not a...

CVE-2023-52929

In the Linux kernel, the following vulnerability has been resolved: nvmem: core: fix cleanup after devsetname If devsetname fails, we leak nvmem-wpgpio as the cleanup does not put this. While a minimal fix for this would be to add the gpiodput call, we can do better if we split deviceregister, an...

CLSA-2025-1742472067 Fix CVE(s): CVE-2025-26465

SECURITY UPDATE: it's possible machine-in-the-middle attack vulnerability caused by a malicious machine impersonating a legitimate server - debian/patches/CVE-2025-26465.patch: Correct error code handling - CVE-2025-26465...

CLSA-2025-1742471910 Fix CVE(s): CVE-2025-26465

SECURITY UPDATE: it's possible machine-in-the-middle attack vulnerability caused by a malicious machine impersonating a legitimate server - debian/patches/CVE-2025-26465.patch: Correct error code handling - CVE-2025-26465...

Amazon Linux 2 : openssh (ALAS-2025-2769)

The version of openssh installed on the remote host is prior to 7.4p1-22. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2769 advisory. A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed ...

CVE-2025-21672

In the Linux kernel, the following vulnerability has been resolved: afs: Fix merge preference rule failure condition syzbot reported a lock held when returning to userspace1. This is because if argc is less than 0 and the function returns directly, the held inode lock is not released. Fix this by...

CVE-2025-21656

In the Linux kernel, the following vulnerability has been resolved: hwmon: drivetemp Fix driver producing garbage data when SCSI errors occur scsiexecutecmd function can return both negative linux codes and positive scsicmnd result field error codes. Currently the driver just passes error codes o...

CVE-2025-21656 hwmon: (drivetemp) Fix driver producing garbage data when SCSI errors occur

In the Linux kernel, the following vulnerability has been resolved: hwmon: drivetemp Fix driver producing garbage data when SCSI errors occur scsiexecutecmd function can return both negative linux codes and positive scsicmnd result field error codes. Currently the driver just passes error codes o...