CVE-2025-71064

CVE-2025-71064 (Linux kernel, net/hns3) : The issue arises from allocating hdev->htqp and kinfo->tqp with kinfo->num_tqps = min(new_tqps, hdev->num_tqps), which can leave some hdev->htqp[i] uninitialized in hclgevf_knic_setup(). The patch fixes the root cause by allocating both hde...

CVE-2025-71064 net: hns3: using the num_tqps in the vf driver to apply for resources

In the Linux kernel, the following vulnerability has been resolved: net: hns3: using the numtqps in the vf driver to apply for resources Currently, hdev-htqp is allocated using hdev-numtqps, and kinfo-tqp is allocated using kinfo-numtqps. However, kinfo-numtqps is set to minnewtqps, hdev-numtqps;...

CVE-2025-68808

CVE-2025-68808 affects the Linux kernel’s media/vidtv code. In vidtv_channel_si_init(), a temporary list is created and ownership is transferred to PAT/SDT/EIT tables via vidtv_psi_pat_program_assign(), vidtv_psi_sdt_service_assign(), and vidtv_psi_eit_event_assign(). The local pointer used after...

CVE-2025-68808 media: vidtv: initialize local pointers upon transfer of memory ownership

In the Linux kernel, the following vulnerability has been resolved: media: vidtv: initialize local pointers upon transfer of memory ownership vidtvchannelsiinit creates a temporary list program, service, event and ownership of the memory itself is transferred to the PAT/SDT/EIT tables through...

CVE-2025-68807 block: fix race between wbt_enable_default and IO submission

In the Linux kernel, the following vulnerability has been resolved: block: fix race between wbtenabledefault and IO submission When wbtenabledefault is moved out of queue freezing in elevatorchange, it can cause the wbt inflight counter to become negative -1, leading to hung tasks in the writebac...

CVE-2025-68807

CVE-2025-68807 concerns a race in the Linux kernel involving wbt_enable_default and IO submission that could lead to a negative inflight writeback counter and hung tasks. According to Red Hat, SUSE, Ubuntu, Debian, and other sources, the fix splits wbt_enable_default() into three functions (__wbt...

CVE-2025-68807 block: fix race between wbt_enable_default and IO submission

In the Linux kernel, the following vulnerability has been resolved: block: fix race between wbtenabledefault and IO submission When wbtenabledefault is moved out of queue freezing in elevatorchange, it can cause the wbt inflight counter to become negative -1, leading to hung tasks in the writebac...

Jervis has Deterministic AES IV Derivation from Passphrase

Vulnerability https://github.com/samrocketman/jervis/blob/157d2b63ffa5c4bb1d8ee2254950fd2231de2b05/src/main/groovy/net/gleske/jervis/tools/SecurityIO.groovyL866-L874...

PT-2026-2539

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists between wbt enable default and IO submission within the Linux kernel's block subsystem. Moving wbt enable default out of queue freezing can lead to a negative...

Linux Distros Unpatched Vulnerability : CVE-2025-68807

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: block: fix race between wbtenabledefault and IO submission When wbtenabledefault is moved ou...

ROS-20260113-7309

A vulnerability in the manadestroytxq function of the Linux kernel driver is related to incorrect resource initialization. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

PT-2026-2585

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s networking subsystem related to the hns3 driver. The issue stems from inconsistent allocation sizes for hdev-htqp and kinfo-tqp when applying for...

PT-2026-2540

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to memory management within the vidtv driver. Specifically, local pointers are not initialized to NULL after memory ownership is transferred...

Use of NullPointerException Catch to Detect NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to Use of NullPointerException Catch to Detect NULL Pointer Dereference in the MultimodalTokenize function that improperly processes NULL from mtmdhelperbitmapinitfrombuf function of vendored llama.cpp. An attacker can cause the applicatio...

libssh: Invalid return code for chacha20 poly1305 with OpenSSL backend

A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to exhaust the heap space, this error is not detected and may lead to libssh using a partially initialized cipher context. This occurs because the OpenSSL error code returned aliases with th...

ROS-20260112-7357

A vulnerability in the mlxreg component of the Linux operating system kernel is related to memory initialization errors. Exploitation of the vulnerability could allow an attacker to affect data integrity...

ROS-20260112-7334

A vulnerability in the Linux kernel components vgic-init.c, vgic-mmio-v3.c, vgic.h is related to the dereferencing of an expired pointer. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

EUVD-2025-206268

A memory initialization issue was addressed with improved memory handling. This issue is fixed in tvOS 26.2, Safari 26.2, watchOS 26.2, visionOS 26.2, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2. Processing maliciously crafted web content may disclose internal states of the app...

CVE-2025-46299

A memory initialization issue was addressed with improved memory handling. This issue is fixed in tvOS 26.2, Safari 26.2, watchOS 26.2, visionOS 26.2, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2. Processing maliciously crafted web content may disclose internal states of the app...

CVE-2025-46299

A memory initialization issue was addressed with improved memory handling. This issue is fixed in Safari 26.2, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. Processing maliciously crafted web content may disclose internal states of the app...