284 matches found
PT-2026-8202
In the Linux kernel, the following vulnerability has been resolved: rust binder: correctly handle FDA objects of length zero Fix a bug where an empty FDA fd array object with 0 fds would cause an out-of-bounds error. The previous implementation used skip == 0 to mean "this is a pointer fixup", bu...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001040)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001040 advisory. The rawcmdcopyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioc...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003640)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003640 advisory. In taskgetunusedfdflags of binder.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no addition...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003831)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003831 advisory. In the Linux kernel before 5.2.9, there is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peakusb/pcanusbfd.c driver, aka...
CVE-2025-4574 vulnerabilities
Vulnerabilities for packages: oranda, yazi, wasmcloud, samply, cargo-audit, lychee, cargo-c, wadm, deno, yara-x, fd, nushell, zed, oxipng, pixi, ruff, starship, rust-analyzer...
CVE-2025-4574 vulnerabilities
Vulnerabilities for packages: wasmcloud, oxipng, yazi, nushell, yara-x, cargo-audit, wadm, cargo-c, oranda, rust-analyzer, lychee, fd, ruff, samply, starship, pixi, deno, ztunnel-fips, zed, ztunnel...
PT-2026-26128
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An unprivileged local user can potentially gain privileged policy management capabilities within the Linux kernel due to a confused deputy attack. This occurs when an unprivileged user...
SUSE CVE-2023-53795
In the Linux kernel, the following vulnerability has been resolved: iommufd: IOMMUFDDESTROY should not increase the refcount syzkaller found a race where IOMMUFDDESTROY increments the refcount: obj = iommufdgetobjectucmd-ictx, cmd-id, IOMMUFDOBJANY; if ISERRobj return PTRERRobj;...
SUSE CVE-2023-53809
In the Linux kernel, the following vulnerability has been resolved: l2tp: Avoid possible recursive deadlock in l2tptunnelregister When a file descriptor of pppol2tp socket is passed as file descriptor of UDP socket, a recursive deadlock occurs in l2tptunnelregister. This situation is reproduced b...
Linux Distros Unpatched Vulnerability : CVE-2023-53795
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iommufd: IOMMUFDDESTROY should not increase the refcount syzkaller found a race where IOMMUFDDESTROY increments the refcount: obj = iommufdgetobjectucmd-ictx,...
CVE-2023-53795
In the Linux kernel, the following vulnerability has been resolved: iommufd: IOMMUFDDESTROY should not increase the refcount syzkaller found a race where IOMMUFDDESTROY increments the refcount: obj = iommufdgetobjectucmd-ictx, cmd-id, IOMMUFDOBJANY; if ISERRobj return PTRERRobj;...
EUVD-2025-201640
In the Linux kernel, the following vulnerability has been resolved: 9p/transfd: p9fdrequest: kick rx thread if EPOLLIN p9readwork doesn't set Rworksched and doesn't do scheduleworkm-rq if listempty&m-reqlist. However, if the pipe is full, we need to read more data and this used to work prior to...
DEBIAN-CVE-2025-40305
In the Linux kernel, the following vulnerability has been resolved: 9p/transfd: p9fdrequest: kick rx thread if EPOLLIN p9readwork doesn't set Rworksched and doesn't do scheduleworkm-rq if listempty&m-reqlist. However, if the pipe is full, we need to read more data and this used to work prior to...
CVE-2025-40305
In the Linux kernel, the following vulnerability has been resolved: 9p/transfd: p9fdrequest: kick rx thread if EPOLLIN p9readwork doesn't set Rworksched and doesn't do scheduleworkm-rq if listempty&m-reqlist. However, if the pipe is full, we need to read more data and this used to work prior to...
SUSE CVE-2025-40237
In the Linux kernel, the following vulnerability has been resolved: fs/notify: call exportfsencodefid with sumount Calling intotifyshowfdinfo on fd watching an overlayfs inode, while the overlayfs is being unmounted, can lead to dereferencing NULL ptr. This issue was found by syzkaller. Race...
SUSE-SU-2025:4301-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 RT kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-38008: mm/pagealloc: fix race condition in unaccepted memory handling bsc1244939. - CVE-2025-38539: trace/fgraph: Fix the warning caused by missing unregister...
TencentOS Server 4: dpdk (TSSA-2025:0071)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0071 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
SUSE SLED15: cluster-md-kmp-default / dlm-kmp-default / gfs2-kmp-default / etc (SUSE-SU-2025:4057-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4057-1 advisory. The SUSE Linux Enterprise 15 SP7 kernel was updated to fix various security issues The following security issu...
EUVD-2025-147399
Malicious code in tusya-fd-frseaf npm...
EUVD-2025-147398
Malicious code in tusya-fd-rseaf npm...