669 matches found
Exploiting Page Faults for Covert Communication
We present a novel mechanism to construct a covert channel based on page faults. A page fault is an event that occurs when a process or a thread tries to access a page of memory that is not currently mapped to its address space. The kernel typically responds to this event by performing a context...
parisc: Try to fix random segmentation faults in package builds
...
PT-2025-38357
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the DRM/i915/dpt subsystem. The i915 gem object is framebuffer function does not recognize the buffer object BO containing the framebuffer’s DPT a...
SUSE CVE-2025-39739
In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu-qcom: Add SM6115 MDSS compatible Add the SM6115 MDSS compatible to clients compatible list, as it also needs that workaround. Without this workaround, for example, QRB4210 RB2 which is based on SM4250/SM6115...
CVE-2025-39739
In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu-qcom: Add SM6115 MDSS compatible Add the SM6115 MDSS compatible to clients compatible list, as it also needs that workaround. Without this workaround, for example, QRB4210 RB2 which is based on SM4250/SM6115...
AZL-67181 CVE-2025-39739 affecting package kernel for versions less than 6.6.104.2-1
In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu-qcom: Add SM6115 MDSS compatible Add the SM6115 MDSS compatible to clients compatible list, as it also needs that workaround. Without this workaround, for example, QRB4210 RB2 which is based on SM4250/SM6115...
DEBIAN-CVE-2025-39739
In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu-qcom: Add SM6115 MDSS compatible Add the SM6115 MDSS compatible to clients compatible list, as it also needs that workaround. Without this workaround, for example, QRB4210 RB2 which is based on SM4250/SM6115...
CVE-2025-39739 iommu/arm-smmu-qcom: Add SM6115 MDSS compatible
In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu-qcom: Add SM6115 MDSS compatible Add the SM6115 MDSS compatible to clients compatible list, as it also needs that workaround. Without this workaround, for example, QRB4210 RB2 which is based on SM4250/SM6115...
PT-2025-37198
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.15.0-03037-gaacc73ceeb8b Description: A flaw exists in the Linux kernel's IOMMU subsystem, specifically within the ARM SMU Qualcomm component. The vulnerability stems from a missing workaround for the SM6115...
CVE-2025-54588 Envoy: Race condition in Dynamic Forward Proxy leads to use-after-free and segmentation faults
Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. Versions 1.34.0 through 1.34.4 and 1.35.0 contain a use-after-free UAF vulnerability in the DNS cache, causing abnormal process termination. The vulnerability is in Envoy's Dynamic...
CVE-2025-38594
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix UAF on sva unbind with pending IOPFs Commit 17fce9d2336d "iommu/vt-d: Put iopf enablement in domain attach path" disables IOPF on device by removing the device from its IOMMU's IOPF queue when the last IOPF-capabl...
CVE-2025-38594 iommu/vt-d: Fix UAF on sva unbind with pending IOPFs
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix UAF on sva unbind with pending IOPFs Commit 17fce9d2336d "iommu/vt-d: Put iopf enablement in domain attach path" disables IOPF on device by removing the device from its IOMMU's IOPF queue when the last IOPF-capabl...
CVE-2025-38594
CVE-2025-38594 pertains to the Linux kernel (iommu/vt-d) and fixes a use-after-free (UAF) in sva unbind with pending IOPFs. The root cause was a wrong removal of a device from the IOMMU IOPF queue when the last IOPF-capable domain detaches, occurring before intel_pasid_tear_down_entry() completed...
CVE-2025-38594
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix UAF on sva unbind with pending IOPFs Commit 17fce9d2336d "iommu/vt-d: Put iopf enablement in domain attach path" disables IOPF on device by removing the device from its IOMMU's IOPF queue when the last IOPF-capabl...
CVE-2025-38586 bpf, arm64: Fix fp initialization for exception boundary
In the Linux kernel, the following vulnerability has been resolved: bpf, arm64: Fix fp initialization for exception boundary In the ARM64 BPF JIT when prog-aux-exceptionboundary is set for a BPF program, findusedcalleeregs is not called because for a program acting as exception boundary, all call...
PT-2025-33792 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a use-after-free UAF flaw within the iommu/vt-d subsystem, specifically during the unbinding of SVA Second Virtual Address with pending IOPFs I/O Page Faults....
Linux Distros Unpatched Vulnerability : CVE-2014-9090
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The dodoublefault function in arch/x86/kernel/traps.c in the Linux kernel through 3.17.4 does not properly handle faults associated with the Stack Segment SS...
SUSE CVE-2025-24975
Firebird is a relational database. Prior to snapshot versions 4.0.6.3183, 5.0.2.1610, and 6.0.0.609, Firebird is vulnerable if ExtConnPoolSize is not set equal to 0. If connections stored in ExtConnPool are not verified for presence and suitability of the CryptCallback interface is used when...
Linux Distros Unpatched Vulnerability : CVE-2025-22022
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: xhci: Apply the link chain quirk on NEC isoc endpoints Two clearly different specimens of NEC uPD720200 one with start/stop bug, one without were seen to...
Linux Distros Unpatched Vulnerability : CVE-2025-37936
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel: KVM: Mask PEBSENABLE loaded for guest with vCPU's value. When generating the...