14 matches found
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989816)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989816 advisory. In the Linux kernel, the following vulnerability has been resolved: drbd: Fix five use after free bugs in getinitialstate In getinitialstate, it calls...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987100)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987100 advisory. In the Linux kernel, the following vulnerability has been resolved: drbd: Fix five use after free bugs in getinitialstate In getinitialstate, it calls...
EUVD-2025-32002
Malicious code in bioql PyPI...
CVE-2023-42449
Hydra is the two-layer scalability solution for Cardano. Prior to version 0.13.0, it is possible for a malicious head initializer to extract one or more PTs for the head they are initializing due to incorrect data validation logic in the head token minting policy which then results in an flawed...
SUSE CVE-2022-49085
In the Linux kernel, the following vulnerability has been resolved: drbd: Fix five use after free bugs in getinitialstate In getinitialstate, it calls notifyinitialstatedoneskb,.. if cb-args5==1. If genlmsgput failed in notifyinitialstatedone, the skb will be freed by nlmsgfreeskb. Then...
DEBIAN-CVE-2022-49085
In the Linux kernel, the following vulnerability has been resolved: drbd: Fix five use after free bugs in getinitialstate In getinitialstate, it calls notifyinitialstatedoneskb,.. if cb-args5==1. If genlmsgput failed in notifyinitialstatedone, the skb will be freed by nlmsgfreeskb. Then...
CVE-2022-49085
In the Linux kernel, the following vulnerability has been resolved: drbd: Fix five use after free bugs in getinitialstate In getinitialstate, it calls notifyinitialstatedoneskb,.. if cb-args5==1. If genlmsgput failed in notifyinitialstatedone, the skb will be freed by nlmsgfreeskb. Then...
kernel: x86/fpu: Fix copy_xstate_to_uabi() to copy init states correctly
In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Fix copyxstatetouabi to copy init states correctly When an extended state component is not present in fpstate, but in init state, the function copies from initfpstate via copyfeature. But, dynamic states are not present ...
kernel: x86/fpu: Fix copy_xstate_to_uabi() to copy init states correctly
In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Fix copyxstatetouabi to copy init states correctly When an extended state component is not present in fpstate, but in init state, the function copies from initfpstate via copyfeature. But, dynamic states are not present ...
RISC-V 注入漏洞
RISC-V is an open source instruction set architecture based on the principle of reduced instruction sets, which is easily interpreted as a form of "open source hardware" corresponding to the open source software movement. RISC-V suffers from an injection vulnerability that arises from an ambiguit...
Design/Logic Flaw
Pivotal Operations Manager, versions 2.1 prior to 2.1.6 and 2.0 prior to 2.0.15 and 1.12 prior to 1.12.22, contains a static Linux Random Number Generator LRNG seed file embedded in the appliance image. An attacker with knowledge of the exact version and IaaS of a running OpsManager could get the...
CVE-2018-11045
Pivotal Operations Manager, versions 2.1 prior to 2.1.6 and 2.0 prior to 2.0.15 and 1.12 prior to 1.12.22, contains a static Linux Random Number Generator LRNG seed file embedded in the appliance image. An attacker with knowledge of the exact version and IaaS of a running OpsManager could get the...
CVE-2018-11045
Pivotal Operations Manager, versions 2.1 prior to 2.1.6 and 2.0 prior to 2.0.15 and 1.12 prior to 1.12.22, contains a static Linux Random Number Generator LRNG seed file embedded in the appliance image. An attacker with knowledge of the exact version and IaaS of a running OpsManager could get the...
CVE-2018-11045
Pivotal Operations Manager, versions 2.1 prior to 2.1.6 and 2.0 prior to 2.0.15 and 1.12 prior to 1.12.22, contains a static Linux Random Number Generator LRNG seed file embedded in the appliance image. An attacker with knowledge of the exact version and IaaS of a running OpsManager could get the...