17 matches found
EUVD-2022-54509
In the Linux kernel, the following vulnerability has been resolved: clocksource: hyper-v: unexport init-annotated hvinitclocksource EXPORTSYMBOL and init is a bad combination because the .init.text section is freed up after the initialization. Hence, modules cannot use symbols annotated init. The...
EUVD-2022-54883
Malicious code in bioql PyPI...
EUVD-2022-54878
Malicious code in bioql PyPI...
EUVD-2022-54889
Malicious code in bioql PyPI...
DEBIAN-CVE-2025-38396
In the Linux kernel, the following vulnerability has been resolved: fs: export anoninodemakesecureinode and fix secretmem LSM bypass Export anoninodemakesecureinode to allow KVM guestmemfd to create anonymous inodes with proper security context. This replaces the current pattern of calling...
CVE-2022-49675
In the Linux kernel, the following vulnerability has been resolved: tick/nohz: unexport init-annotated ticknohzfullsetup EXPORTSYMBOL and init is a bad combination because the .init.text section is freed up after the initialization. Hence, modules cannot use symbols annotated init. The access to ...
CVE-2022-49350
In the Linux kernel, the following vulnerability has been resolved: net: mdio: unexport init-annotated mdiobusinit EXPORTSYMBOL and init is a bad combination because the .init.text section is freed up after the initialization. Hence, modules cannot use symbols annotated init. The access to a free...
CVE-2022-49726 clocksource: hyper-v: unexport __init-annotated hv_init_clocksource()
In the Linux kernel, the following vulnerability has been resolved: clocksource: hyper-v: unexport init-annotated hvinitclocksource EXPORTSYMBOL and init is a bad combination because the .init.text section is freed up after the initialization. Hence, modules cannot use symbols annotated init. The...
CVE-2022-49350
In the Linux kernel, the following vulnerability has been resolved: net: mdio: unexport init-annotated mdiobusinit EXPORTSYMBOL and init is a bad combination because the .init.text section is freed up after the initialization. Hence, modules cannot use symbols annotated init. The access to a free...
CVE-2022-49350 net: mdio: unexport __init-annotated mdio_bus_init()
In the Linux kernel, the following vulnerability has been resolved: net: mdio: unexport init-annotated mdiobusinit EXPORTSYMBOL and init is a bad combination because the .init.text section is freed up after the initialization. Hence, modules cannot use symbols annotated init. The access to a free...
CVE-2022-49345
The CVE-2022-49345 issue affects the Linux kernel’s net: xfrm subsystem, where __init-annotated xfrm4_protocol_init() is exported via EXPORT_SYMBOL, causing use-after-free risk when __init and EXPORT_SYMBOL co-exist. The root cause is the .init text is freed after init, so modules could access fr...
CVE-2022-49345
In the Linux kernel, the following vulnerability has been resolved: net: xfrm: unexport init-annotated xfrm4protocolinit EXPORTSYMBOL and init is a bad combination because the .init.text section is freed up after the initialization. Hence, modules cannot use symbols annotated init. The access to ...
CVE-2022-49345 net: xfrm: unexport __init-annotated xfrm4_protocol_init()
In the Linux kernel, the following vulnerability has been resolved: net: xfrm: unexport init-annotated xfrm4protocolinit EXPORTSYMBOL and init is a bad combination because the .init.text section is freed up after the initialization. Hence, modules cannot use symbols annotated init. The access to ...
CVE-2022-49339 net: ipv6: unexport __init-annotated seg6_hmac_init()
In the Linux kernel, the following vulnerability has been resolved: net: ipv6: unexport init-annotated seg6hmacinit EXPORTSYMBOL and init is a bad combination because the .init.text section is freed up after the initialization. Hence, modules cannot use symbols annotated init. The access to a fre...
CVE-2022-49339 net: ipv6: unexport __init-annotated seg6_hmac_init()
In the Linux kernel, the following vulnerability has been resolved: net: ipv6: unexport init-annotated seg6hmacinit EXPORTSYMBOL and init is a bad combination because the .init.text section is freed up after the initialization. Hence, modules cannot use symbols annotated init. The access to a fre...
CVE-2022-49339
CVE-2022-49339 affects the Linux kernel’s IPv6 stack, specifically the internal call between seg6.c and seg6_hmac.c. The issue arises from exporting an __init-annotated symbol whose .init.text section can be freed after initialization, creating a potential kernel panic when a module references a ...
CVE-2022-49339
In the Linux kernel, the following vulnerability has been resolved: net: ipv6: unexport init-annotated seg6hmacinit EXPORTSYMBOL and init is a bad combination because the .init.text section is freed up after the initialization. Hence, modules cannot use symbols annotated init. The access to a fre...