78 matches found
EUVD-2023-50935
Malicious code in bioql PyPI...
GHSA-QQ4C-HM99-979M IdMap from_iter may lead to uninitialized memory being freed on drop
Due to a flaw in the constructor idmap::IdMap::fromiter, ill-formed objects may be created in which the amount of actually initialized memory is less than what is expected by the fields of IdMap. Specifically, the field ids is initialized based on the capacity of the vector values, which is...
Linux Distros Unpatched Vulnerability : CVE-2025-38247
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: userns and mntidmap leak in opentreeattr2 Once wantmountsetattr has returned a positive, it...
RUSTSEC-2025-0050 IdMap::from_iter may lead to uninitialized memory being freed on drop
Due to a flaw in the constructor idmap::IdMap::fromiter, ill-formed objects may be created in which the amount of actually initialized memory is less than what is expected by the fields of IdMap. Specifically, the field ids is initialized based on the capacity of the vector values, which is...
SUSE CVE-2025-38247
In the Linux kernel, the following vulnerability has been resolved: userns and mntidmap leak in opentreeattr2 Once wantmountsetattr has returned a positive, it does require finishmountkattr to release -mntuserns. Failing domountsetattr does not change that. As the result, we can end up leaking...
UBUNTU-CVE-2025-38247
In the Linux kernel, the following vulnerability has been resolved: userns and mntidmap leak in opentreeattr2 Once wantmountsetattr has returned a positive, it does require finishmountkattr to release -mntuserns. Failing domountsetattr does not change that. As the result, we can end up leaking...
CVE-2025-38247 userns and mnt_idmap leak in open_tree_attr(2)
In the Linux kernel, the following vulnerability has been resolved: userns and mntidmap leak in opentreeattr2 Once wantmountsetattr has returned a positive, it does require finishmountkattr to release -mntuserns. Failing domountsetattr does not change that. As the result, we can end up leaking...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from userns and mntidmap leaks in opentreeattr...
PT-2025-28875 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel related to userns and mnt idmap leaks within the open tree attr2 function. Specifically, a failure in do mount setattr does not release the mnt userns...
SUSE CVE-2022-50232
In the Linux kernel, the following vulnerability has been resolved: arm64: set UXN on swapper page tables This issue was fixed upstream by accident in c3cee924bd85 "arm64: head: cover entire kernel image in initial ID map" as part of a large refactoring of the arm64 boot flow. This simple fix is...
CVE-2022-50232
In the Linux kernel, the following vulnerability has been resolved: arm64: set UXN on swapper page tables This issue was fixed upstream by accident in c3cee924bd85 "arm64: head: cover entire kernel image in initial ID map" as part of a large refactoring of the arm64 boot flow. This simple fix is...
DEBIAN-CVE-2022-50230
In the Linux kernel, the following vulnerability has been resolved: arm64: set UXN on swapper page tables This issue was fixed upstream by accident in c3cee924bd85 "arm64: head: cover entire kernel image in initial ID map" as part of a large refactoring of the arm64 boot flow. This simple fix is...
AZL-70471 CVE-2022-50230 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: arm64: set UXN on swapper page tables This issue was fixed upstream by accident in c3cee924bd85 "arm64: head: cover entire kernel image in initial ID map" as part of a large refactoring of the arm64 boot flow. This simple fix is...
DEBIAN-CVE-2022-50232
In the Linux kernel, the following vulnerability has been resolved: arm64: set UXN on swapper page tables This issue was fixed upstream by accident in c3cee924bd85 "arm64: head: cover entire kernel image in initial ID map" as part of a large refactoring of the arm64 boot flow. This simple fix is...
UBUNTU-CVE-2022-50232
In the Linux kernel, the following vulnerability has been resolved: arm64: set UXN on swapper page tables This issue was fixed upstream by accident in c3cee924bd85 "arm64: head: cover entire kernel image in initial ID map" as part of a large refactoring of the arm64 boot flow. This simple fix is...
UBUNTU-CVE-2022-50230
In the Linux kernel, the following vulnerability has been resolved: arm64: set UXN on swapper page tables This issue was fixed upstream by accident in c3cee924bd85 "arm64: head: cover entire kernel image in initial ID map" as part of a large refactoring of the arm64 boot flow. This simple fix is...
CVE-2022-50232
CVE-2022-50232 affects the Linux kernel on arm64 with FEAT_EPAN: UXN was not set on swapper PTEs, causing idmap_kpti_install_ng_mappings to panic when accessing __idmap_kpti_flag. Upstream fix sets UXN on swapper page tables; originated from a boot-flow refactor (commit c3cee924bd85) and a simple...
CVE-2023-46768
Multi-thread vulnerability in the idmap module. Successful exploitation of this vulnerability may cause features to perform abnormally...
kernel: nfsd: call cache_put if xdr_reserve_space returns NULL
In the Linux kernel, the following vulnerability has been resolved: nfsd: call cacheput if xdrreservespace returns NULL If not enough buffer space available, but idmaplookup has triggered lookupfn which calls cacheget and returns successfully. Then we missed to call cacheput here which pairs with...
DEBIAN-CVE-2024-47737
In the Linux kernel, the following vulnerability has been resolved: nfsd: call cacheput if xdrreservespace returns NULL If not enough buffer space available, but idmaplookup has triggered lookupfn which calls cacheget and returns successfully. Then we missed to call cacheput here which pairs with...