kernel: KVM: x86/xen: Initialize Xen timer only once

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/xen: Initialize Xen timer only once Add a check for existing xen timers before initializing a new one. Currently kvmxeninittimer is called on every KVMXENVCPUATTRTYPETIMER, which is causing the following ODEBUG crash whe...

kernel: fbdev: defio: fix the pagelist corruption

In the Linux kernel, the following vulnerability has been resolved: fbdev: defio: fix the pagelist corruption Easily hit the below list corruption: == listadd corruption. prev-next should be next ffffffffc0ceb090, but was ffffec604507edc8. prev=ffffec604507edc8. WARNING: CPU: 65 PID: 3959 at...

kernel: gpio: Restrict usage of GPIO chip irq members before initialization

A flaw was found in the GPIO support in the Linux kernel. The GPIO chip IRQ members are exposed before they are completely initialized, potentially causing a NULL pointer dereference, resulting in a system crash and a denial of service...

kernel: remoteproc: imx_rproc: Fix refcount leak in imx_rproc_addr_init

In the Linux kernel, the following vulnerability has been resolved: remoteproc: imxrproc: Fix refcount leak in imxrprocaddrinit ofparsephandle returns a node pointer with refcount incremented, we should use ofnodeput on it when not needed anymore. This function has two paths missing ofnodeput...

kernel: vdpa_sim_blk: set number of address spaces and virtqueue groups

In the Linux kernel, the following vulnerability has been resolved: vdpasimblk: set number of address spaces and virtqueue groups Commit bda324fd037a "vdpasim: control virtqueue support" added two new fields nas, ngroups to vdpasimdevattr, but we forgot to initialize them for vdpasimblk. When...

kernel: drm/i915: fix a possible refcount leak in intel_dp_add_mst_connector()

In the Linux kernel, the following vulnerability has been resolved: drm/i915: fix a possible refcount leak in inteldpaddmstconnector If drmconnectorinit fails, intelconnectorfree will be called to take care of proper free. So it is necessary to drop the refcount of port before intelconnectorfree...

kernel: scsi: sd: Fix potential NULL pointer dereference

A flaw was found in the Linux kernel's SCSI subsystem. A NULL pointer dereference can be triggered when an error occurs before the sdkp-device object is fully initialized, causing a system crash and a denial of service...

PT-2025-26046 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A refcount leak issue has been identified in the Linux kernel, specifically in the imx rproc addr init function. The of parse phandle function returns a node pointer with an incremente...

PT-2025-25984 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved. The issue is related to the vdpa sim blk device, where two new fields nas, ngroups were added to vdpasim dev attr but not...

PT-2025-25958 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A refcount leak bug has been resolved in the Linux kernel. The issue is related to the usbhs rza1 hardware init function, where of find node by name returns a node pointer with an...

PT-2025-18620 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A warning in the ip6 route net exit late function has been fixed. During the initialization of ip6 route net init late, if the ipv6 route or rt6 stats file fails to be created, the...

PT-2025-13366 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, specifically in the l2tp tunnel register function. The issue involved several race conditions, including modifying the tunnel...

CVE-2023-27934

A memory initialization issue was addressed. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4. A remote attacker may be able to cause unexpected app termination or arbitrary code execution...

Memory corruption

A memory initialization issue was addressed. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4. A remote attacker may be able to cause unexpected app termination or arbitrary code execution...

CVE-2023-1660

The AI ChatBot WordPress plugin before 4.4.9 does not have authorisation and CSRF in a function hooked to init, allowing unauthenticated users to update some settings, leading to Stored XSS due to the lack of escaping when outputting them in the admin dashboard...

CVE-2023-27934

CVE-2023-27934 involves a memory initialization issue in macOS components. Exploitation could allow a remote attacker to cause an unexpected app termination or arbitrary code execution. Affected versions include macOS Ventura 13.3 and macOS Monterey 12.6.4 (as fixed). The connected documents conf...

CVE-2023-27934

A memory initialization issue was addressed. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4. A remote attacker may be able to cause unexpected app termination or arbitrary code execution...

CVE-2023-27934

A memory initialization issue was addressed. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4. A remote attacker may be able to cause unexpected app termination or arbitrary code execution...

CLSA-2023-1683146027 kernel: Fix of 23 CVEs

media: rc: Fix use-after-free bugs caused by enetxirqsim CVE-2023-1118 - net: mpls: fix stale pointer if allocation fails during device rename CVE-2023-26545 - net/ulp: prevent ULP without clone op from entering the LISTEN status CVE-2023-0461 - Bluetooth: L2CAP: Fix u8 overflow CVE-2022-45934 -...

CVE-2023-1385

Improper JPAKE implementation allows offline PIN brute-forcing due to the initialization of random values to a known value, which leads to unauthorized authentication to amzn.lightning services. This issue affects: Amazon Fire TV Stick 3rd gen versions prior to 6.2.9.5. Insignia TV with...