Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: usb: gadget: ffs: The function ffsdataclear is called twice. This is because it is indirectly called from both ffsfskillsb and ffsep0release. As a result, it is called twice when the userland process closes ep0 and then unmoun...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Tracing: kprobe: Fixed a potential nullptrdereference issue in traceeventfile in kprobeeventgentestexit. When tracegeteventfile fails, genkretprobetest will be assigned as the error code. If the kprobeeventgentest module is remov...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002721)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002721 advisory. The KVM subsystem in the Linux kernel through 4.13.3 allows guest OS users to cause a denial of service assertion failure, and hypervisor hang or crash via an out-of...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992918)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992918 advisory. In the Linux kernel, the following vulnerability has been resolved: tracing: kprobe: Fix potential null-ptr-deref on traceeventfile in kprobeeventgentestexit When...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993278)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993278 advisory. In the Linux kernel, the following vulnerability has been resolved: tracing: Have traceeventfile have ref counters The following can crash the kernel: cd...

EUVD-2022-55819

In the Linux kernel, the following vulnerability has been resolved: misc: ocxl: fix possible refcount leak in afuioctl eventfdctxput need to be called to put the refcount that gotten by eventfdctxfdget when ocxlirqsethandler fails...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990761)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990761 advisory. In the Linux kernel, the following vulnerability has been resolved: tracing: kprobe: Fix potential null-ptr-deref on traceeventfile in kprobeeventgentestexit When...

CVE-2025-5005 Shanghai Lingdang Information Technology Lingdang CRM index_event.php server-side request forgery

A vulnerability was detected in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.5.4. This affects an unknown function of the file crm/WeiXinApp/dingtalk/indexevent.php. The manipulation of the argument corpurl results in server-side request forgery. The attack can be launched...

CVE-2025-8908

A vulnerability was determined in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.5.4. Affected by this issue is some unknown functionality of the file crm/WeiXinApp/yunzhijia/event.php. The manipulation of the argument openid leads to sql injection. The attack may be launched...

SUSE CVE-2022-49797

In the Linux kernel, the following vulnerability has been resolved: tracing: kprobe: Fix potential null-ptr-deref on traceeventfile in kprobeeventgentestexit When tracegeteventfile failed, genkretprobetest will be assigned as the error code. If module kprobeeventgentest is removed now, the null...

DEBIAN-CVE-2022-49797

In the Linux kernel, the following vulnerability has been resolved: tracing: kprobe: Fix potential null-ptr-deref on traceeventfile in kprobeeventgentestexit When tracegeteventfile failed, genkretprobetest will be assigned as the error code. If module kprobeeventgentest is removed now, the null...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from a traceeventfile null pointer dereference in the kprobe event test, which could lead to a system crash...

Linux io_uring Use-After-Free Exploit

The Linux kernel suffers from a use-after-free of struct ioevfd because ioeventfddosignal frees an object when the refcount reaches zero without waiting for the required grace period. Summary UAF of struct ioevfd because ioeventfddosignal frees an object when the refcount reaches zero without...

eventfd double close

libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve...

CVE-2024-46803

...

DEBIAN-CVE-2024-46803

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Check debug trap enable before write dbgevfile In interrupt context, write dbgevfile will be run by work queue. It will cause write dbgevfile execution after debugtrapdisable, which will cause NULL pointer access. v2:...

UBUNTU-CVE-2024-46803

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Check debug trap enable before write dbgevfile In interrupt context, write dbgevfile will be run by work queue. It will cause write dbgevfile execution after debugtrapdisable, which will cause NULL pointer access. v2:...

CVE-2024-43891 tracing: Have format file honor EVENT_FILE_FL_FREED

In the Linux kernel, the following vulnerability has been resolved: tracing: Have format file honor EVENTFILEFLFREED When eventfs was introduced, special care had to be done to coordinate the freeing of the file meta data with the files that are exposed to user space. The file meta data would hav...

CVE-2024-43891

In the Linux kernel, the following vulnerability has been resolved: tracing: Have format file honor EVENTFILEFLFREED When eventfs was introduced, special care had to be done to coordinate the freeing of the file meta data with the files that are exposed to user space. The file meta data would hav...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to properly handle the EVENTFILEFLFREED flag when working with format files...