61 matches found
EUVD-2025-22846
Malicious code in bioql PyPI...
EUVD-2025-13161
Malicious code in bioql PyPI...
EUVD-2025-8487
Malicious code in bioql PyPI...
EUVD-2021-34679
Malicious code in bioql PyPI...
EUVD-2024-53267
Malicious code in bioql PyPI...
CVE-2025-38377 rose: fix dangling neighbour pointers in rose_rt_device_down()
In the Linux kernel, the following vulnerability has been resolved: rose: fix dangling neighbour pointers in rosertdevicedown There are two bugs in rosertdevicedown that can cause use-after-free: 1. The loop bound t-count is modified within the loop, which can cause the loop to terminate early an...
Updated rootcerts, nss & firefox packages fix security vulnerabilities
CVE-2025-6424: A use-after-free in FontFaceSet resulted in a potentially exploitable crash. CVE-2025-6425: An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser, and persisted between containers and normal/private...
CVE-2022-50212 netfilter: nf_tables: do not allow CHAIN_ID to refer to another table
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: do not allow CHAINID to refer to another table When doing lookups for chains on the same batch by using its ID, a chain from a different table can be used. If a rule is added to a table but refers to a chain ...
CVE-2022-49968 ieee802154/adf7242: defer destroy_workqueue call
In the Linux kernel, the following vulnerability has been resolved: ieee802154/adf7242: defer destroyworkqueue call There is a possible race condition use-after-free like below FREE | USE adf7242remove | adf7242channel canceldelayedworksync | destroyworkqueue 1 | adf7242cmdrx | moddelayedwork 2 |...
CVE-2023-53111
In the Linux kernel, the following vulnerability has been resolved: loop: Fix use-after-free issues doreqfilebacked calls blkmqcompleterequest synchronously or asynchronously when using asynchronous I/O unless memory allocation fails. Hence, modify loophandlecmd such that it does not dereference...
CVE-2022-49921 net: sched: Fix use after free in red_enqueue()
In the Linux kernel, the following vulnerability has been resolved: net: sched: Fix use after free in redenqueue We can't use "skb" again after passing it to qdiscenqueue. This is basically identical to commit 2f09707d0c97 "schsfb: Also store skb len before calling child enqueue"...
CVE-2025-37776 ksmbd: fix use-after-free in smb_break_all_levII_oplock()
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in smbbreakalllevIIoplock There is a room in smbbreakalllevIIoplock that can cause racy issues when unlocking in the middle of the loop. This patch use read lock to protect whole loop...
CVE-2025-22121 ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all()
In the Linux kernel, the following vulnerability has been resolved: ext4: fix out-of-bound read in ext4xattrinodedecrefall There's issue as follows: BUG: KASAN: use-after-free in ext4xattrinodedecrefall+0x6ff/0x790 Read of size 4 at addr ffff88807b003000 by task syz-executor.0/15172 CPU: 3 PID:...
SUSE-SU-2025:1262-1 Security update for the Linux Kernel (Live Patch 45 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059164 fixes several issues. The following security issues were fixed: - CVE-2022-49014: net: tun: Fix use-after-free in tundetach bsc1232818. - CVE-2022-49563: crypto: qat - add param check for RSA bsc1238788. - CVE-2022-49564: crypto: qat - add param...
CVE-2025-21967
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in ksmbdfreeworkstruct -interimentry of ksmbdwork could be deleted after oplock is freed. We don't need to manage it with linked list. The interim request could be immediately sent whenever a oplock brea...
CVE-2023-53025
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2023-53025
...
MGASA-2025-0118 Updated chromium-browser-stable packages fix security vulnerability
Use after free in Lens. CVE-2025-2476...
CVE-2022-49416
CVE-2022-49416 is present in the Linux kernel, tied to a use-after-free bug in wifi/mac80211 chanctx handling. The issue occurs in ieee80211_vif_use_reserved_context() when the new context’s replace_state is REPLACE_NONE and the old context is freed in ieee80211_vif_use_reserved_reassign(), after...
CVE-2022-49349
CVE-2022-49349 is a Linux kernel vulnerability in the ext4 filesystem where a use-after-free occurs in ext4_rename_dir_prepare. The issue arises during ext4 directory block reads when a directory entry with an invalid rec_len can lead to a stale parent reference being used, enabling a use-after-f...