Radare2 安全漏洞

Radare2 is a Libre reverse framework for Unix geeks open-sourced by Radare. A security vulnerability exists in radare2 version 5.9.8 and earlier, which stems from a memory leak in the r2rsubprocessinit function...

SUSE CVE-2025-39979

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fs, fix UAF in flow counter release Fix a kernel trace 1 caused by releasing an HWS action of a local flow counter in mlx5cmdhwsdeletefte, where the HWS action refcount and mutex were not initialized and the counter...

CVE-2025-60013

When a user attempts to initialize the rSeries FIPS module using a password with special shell metacharacters, the FIPS hardware security module HSM may fail to initialize. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2025-39979

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fs, fix UAF in flow counter release Fix a kernel trace 1 caused by releasing an HWS action of a local flow counter in mlx5cmdhwsdeletefte, where the HWS action refcount and mutex were not initialized and the counter...

USN-7826-1: Samba vulnerabilities

Andrew Walker discovered that Samba incorrectly initialized memory in the vfsstreamsxattr module. An authenticated attacker could possibly use this issue to obtain sensitive information. CVE-2025-9640 Igor Morgenstern discovered that Samba incorrectly handled names passed to the WINS hook program...

USN-7826-1 samba vulnerabilities

Andrew Walker discovered that Samba incorrectly initialized memory in the vfsstreamsxattr module. An authenticated attacker could possibly use this issue to obtain sensitive information. CVE-2025-9640 Igor Morgenstern discovered that Samba incorrectly handled names passed to the WINS hook program...

Ubuntu 22.04 LTS / 24.04 LTS / 25.04 / 25.10 : Samba vulnerabilities (USN-7826-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.04 / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7826-1 advisory. Andrew Walker discovered that Samba incorrectly initialized memory in the vfsstreamsxattr module. An authenticated attacker...

CVE-2025-60013

When a highly-privileged, authenticated attacker attempts to initialize the rSeries FIPS module using a password with special shell metacharacters, arbitrary system commands may be executed, and the FIPS hardware security module HSM may fail to initialize. A successful exploit can allow the...

CVE-2025-60013

CVE-2025-60013 affects F5OS-A FIPS HSM password initialization. A highly privileged, authenticated attacker could use a password with special shell metacharacters to initialise the rSeries FIPS module, potentially executing arbitrary system commands and crossing a security boundary. Affected hard...

CVE-2025-60013 F5OS-A FIPS HSM password vulnerability

When a highly-privileged, authenticated attacker attempts to initialize the rSeries FIPS module using a password with special shell metacharacters, arbitrary system commands may be executed, and the FIPS hardware security module HSM may fail to initialize. A successful exploit can allow the...

CVE-2025-60013 F5OS-A FIPS HSM password vulnerability

When a highly-privileged, authenticated attacker attempts to initialize the rSeries FIPS module using a password with special shell metacharacters, arbitrary system commands may be executed, and the FIPS hardware security module HSM may fail to initialize. A successful exploit can allow the...

EUVD-2025-34593

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fs, fix UAF in flow counter release Fix a kernel trace 1 caused by releasing an HWS action of a local flow counter in mlx5cmdhwsdeletefte, where the HWS action refcount and mutex were not initialized and the counter...

CVE-2025-39979

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fs, fix UAF in flow counter release Fix a kernel trace 1 caused by releasing an HWS action of a local flow counter in mlx5cmdhwsdeletefte, where the HWS action refcount and mutex were not initialized and the counter...

UBUNTU-CVE-2025-39979

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fs, fix UAF in flow counter release Fix a kernel trace 1 caused by releasing an HWS action of a local flow counter in mlx5cmdhwsdeletefte, where the HWS action refcount and mutex were not initialized and the counter...

CVE-2025-39979 net/mlx5: fs, fix UAF in flow counter release

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fs, fix UAF in flow counter release Fix a kernel trace 1 caused by releasing an HWS action of a local flow counter in mlx5cmdhwsdeletefte, where the HWS action refcount and mutex were not initialized and the counter...

CVE-2025-39979 net/mlx5: fs, fix UAF in flow counter release

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fs, fix UAF in flow counter release Fix a kernel trace 1 caused by releasing an HWS action of a local flow counter in mlx5cmdhwsdeletefte, where the HWS action refcount and mutex were not initialized and the counter...

CVE-2025-39979

CVE-2025-39979 affects the Linux kernel component involving net/mlx5 fs flow actions. The issue arises in releasing a local flow counter (mlx5_cmd_hws_delete_fte) where the HWS action refcount and mutex were not initialized, allowing a potential use-after-free of the counter struct when deleting ...

kernel: drm/vkms: Fix use after free and double free on init error

In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix use after free and double free on init error If the driver initialization fails, the vkmsexit function might access an uninitialized or freed defaultconfig pointer and it might double free it. Fix both possible erro...

PT-2025-42349

Name of the Vulnerable Software and Affected Versions rSeries FIPS module affected versions not specified Description The rSeries FIPS module may fail to initialize when a user attempts initialization with a password containing special shell metacharacters. This issue affects the FIPS hardware...

EUVD-2022-55105

In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Fix initialization of device object in vmbusdeviceregister Initialize the device's dmamask,parms pointers and the device's dmamask value before invoking deviceregister. Address the following trace with 5.17-rc...