138 matches found
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the presence of uninitialized values in the ext4evictinode function, which could lead to memory corruption...
SUSE CVE-2023-53536
In the Linux kernel, the following vulnerability has been resolved: blk-crypto: make blkcryptoevictkey more robust If blkcryptoevictkey sees that the key is still in-use due to a bug or that -keyslotevict failed, it currently just returns while leaving the key linked into the keyslot management...
UBUNTU-CVE-2023-53536
In the Linux kernel, the following vulnerability has been resolved: blk-crypto: make blkcryptoevictkey more robust If blkcryptoevictkey sees that the key is still in-use due to a bug or that -keyslotevict failed, it currently just returns while leaving the key linked into the keyslot management...
CVE-2023-53536
CVE-2023-53536 affects the Linux kernel in the blk-crypto subsystem. The issue stems from blk_crypto_evict_key() sometimes returning early without unlinking the key from the keyslot management structures, while the caller proceeds to free the blk_crypto_key. This mismatch can cause a use-after-fr...
EUVD-2025-28968
Malicious code in bioql PyPI...
EUVD-2025-26099
Malicious code in bioql PyPI...
Oracle Linux 10 / 9 : Unbreakable Enterprise kernel (ELSA-2025-20608)
The remote Oracle Linux 10 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-20608 advisory. - x86/sev: Evict cache lines during SNP memory validation Tom Lendacky Orabug: 38453836 CVE-2025-38560 - xfrm: interface: fix use-after-free afte...
CVE-2022-50377
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2022-50377
In the Linux kernel, the following vulnerability has been resolved: ext4: check and assert if marking an nodelete evicting inode dirty In ext4evictinode, if we evicting an inode in the 'nodelete' path, it cannot be raced by another markinodedirty. If it happens, someone else may accidentally dirt...
CVE-2022-50377
CVE-2022-50377 is rejected by the CVE Numbering Authority and not an active entry.
SUSE CVE-2025-39743
In the Linux kernel, the following vulnerability has been resolved: jfs: truncate good inode pages when hard link is 0 The fileset value of the inode copy from the disk by the reproducer is AGGRRESERVEDI. When executing evict, its hard link number is 0, so its inode pages are not truncated. This...
CVE-2025-39743 jfs: truncate good inode pages when hard link is 0
In the Linux kernel, the following vulnerability has been resolved: jfs: truncate good inode pages when hard link is 0 The fileset value of the inode copy from the disk by the reproducer is AGGRRESERVEDI. When executing evict, its hard link number is 0, so its inode pages are not truncated. This...
CVE-2025-39743
CVE-2025-39743 refers to a Linux kernel vulnerability in the JFS file system where inode pages were not truncated during eviction when the inode’s hard link count was 0. The reproducer observed AGGR_RESERVED_I on the inode copy and eviction with hard link 0, causing clear_inode() to trigger becau...
CVE-2024-36331
Improper initialization of CPU cache memory could allow a privileged attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity...
x86/sev: Evict cache lines during SNP memory validation
...
f2fs: fix to avoid panic in f2fs_evict_inode
...
Linux Distros Unpatched Vulnerability : CVE-2024-36331
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper initialization of CPU cache memory could allow a privileged attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data...
MoEcho: Exploiting Side-Channel Attacks to Compromise User Privacy in Mixture-Of-Experts LLMs
The transformer architecture has become a cornerstone of modern AI, fueling remarkable progress across applications in natural language processing, computer vision, and multimodal learning. As these models continue to scale explosively for performance, implementation efficiency remains a critical...
SUSE CVE-2025-38577
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid panic in f2fsevictinode As syzbot 1 reported as below: R10: 0000000000000100 R11: 0000000000000206 R12: 00007ffe17473450 R13: 00007f28b1c10854 R14: 000000000000dae5 R15: 00007ffe17474520 --- end trace...
CVE-2025-38577
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid panic in f2fsevictinode As syzbot 1 reported as below: R10: 0000000000000100 R11: 0000000000000206 R12: 00007ffe17473450 R13: 00007f28b1c10854 R14: 000000000000dae5 R15: 00007ffe17474520 --- end trace...