13 matches found

AstraLinux
added 2026/05/20 5:53 a.m., 6 views

Astra Linux - vulnerability in linux, linux-5.10

A use-after-free exists in the drivers/tee/tee_shm.c file within the TEE subsystem of the Linux kernel, as of version 5.15.11. This issue arises due to a race condition during the tee_shm_get_from_id function, when attempting to free a shared memory object...

CVSS 7, AI score 6.7, EPSS 0.00277
Exploits 2, References 2
AstraLinux
added 2026/05/03 11:59 p.m., 2 views

Astra Linux - vulnerability in linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: landlock: Fixed the warning from KUnit tests get_id_range expects a positive value as its first argument, but get_random_u8 can return 0. This issue was fixed by clamping the value. This was validated by running the test 1000 time...

CVSS 5.5, AI score 5.8, EPSS 0.00018
Exploits 0, References 2
Tenable Nessus
added 2025/10/07 12:00 a.m., 1 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-403670)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-403670 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: use helper function to calculate expect ID Delete expectation path is missi...

CVSS 5.5, AI score 6.2, EPSS 0.00021
Exploits 0, References 3
SUSE CVE
added 2025/08/22 11:28 p.m., 1 views

SUSE CVE-2025-38651

In the Linux kernel, the following vulnerability has been resolved: landlock: Fix warning from KUnit tests get_id_range expects a positive value as first argument but get_random_u8 can return 0. Fix this by clamping it. Validated by running the test in a for loop for 1000 times. Note that MAX is wron...

CVSS 5.5, AI score 6.3, EPSS 0.00018
Exploits 0, References 3
NVD
added 2025/08/22 4:15 p.m., 2 views

CVE-2025-38651

In the Linux kernel, the following vulnerability has been resolved: landlock: Fix warning from KUnit tests get_id_range expects a positive value as first argument but get_random_u8 can return 0. Fix this by clamping it. Validated by running the test in a for loop for 1000 times. Note that MAX is wron...

CVSS 5.5, EPSS 0.00018
Exploits 0, References 3
CVE
added 2025/08/22 4:00 p.m., 14 views

CVE-2025-38651

Summary: CVE-2025-38651 concerns the Linux kernel landlock component. A bug in get_id_range() could receive a non-positive value because get_random_u8() may return 0, triggering an unsafe first argument. The fix clamps the value to ensure positivity. The vulnerability was discussed in kernel-land...

CVSS 5.5, AI score 6.2, EPSS 0.00018
Exploits 0, References 3, Affected Software 1
Debian CVE
added 2025/08/22 4:00 p.m., 3 views

CVE-2025-38651

In the Linux kernel, the following vulnerability has been resolved: landlock: Fix warning from KUnit tests get_id_range expects a positive value as first argument but get_random_u8 can return 0. Fix this by clamping it. Validated by running the test in a for loop for 1000 times. Note that MAX is wron...

CVSS 5.5, AI score 5.4, EPSS 0.00018
Exploits 0
OSV
added 2025/08/22 4:00 p.m., 1 views

CVE-2025-38651 landlock: Fix warning from KUnit tests

In the Linux kernel, the following vulnerability has been resolved: landlock: Fix warning from KUnit tests get_id_range expects a positive value as first argument but get_random_u8 can return 0. Fix this by clamping it. Validated by running the test in a for loop for 1000 times. Note that MAX is wron...

CVSS 5.5, AI score 6.3, EPSS 0.00018
Exploits 0, References 6
CNNVD
added 2025/08/22 12:00 a.m., 1 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the landlock KUnit test where get_id_range may receive a value of 0, resulting in a warning...

CVSS 5.5, AI score 6.2, EPSS 0.00018
Exploits 0, References 5
Positive Technologies
added 2025/08/22 12:00 a.m., 1 views

PT-2025-34412 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions 6.16.0-rc1-dev-00001-g314a2f98b65f and earlier. Description: A flaw was identified in the Linux kernel related to landlock functionality. Specifically, the get id range function was susceptible to receiving a zero value a...

AI score 6.9, EPSS 0.00018
Exploits 0, References 5
OSV
added 2024/04/28 1:15 p.m., 0 views

DEBIAN-CVE-2022-48638

In the Linux kernel, the following vulnerability has been resolved: cgroup: cgroup_get_from_id must check the looked-up kn is a directory cgroup has to be one kernfs dir, otherwise kernel panic is caused, especially cgroup id is provide from userspace...

CVSS 5.3, AI score 5.2, EPSS 0.00018
Exploits 0, References 1
OSV
added 2017/07/18 5:29 a.m., 1 views

CVE-2017-11412

Fiyo CMS 2.0.7 has SQL injection in dapur/apps/app_comment/controller/comment_status.php via $_GET['id']...

CVSS 9.8, AI score 5.8
Exploits 0, References 1
RedHat Linux
added 2007/04/03 7:10 p.m., 3 views

xserver XC-MISC integer overflow

Integer overflow in ALLOCATE_LOCAL in the ProcXCMiscGetXIDList function in the XC-MISC extension in the X.Org X11 server xserver 7.1-1.1.0, and other versions before 20070403, allows remote authenticated users to execute arbitrary code via a large expression, which results in memory corruption...

CVSS 9, AI score 7.8, EPSS 0.08011
Exploits 0, References 4