8712 matches found
CVE-2025-68168 jfs: fix uninitialized waitqueue in transaction manager
In the Linux kernel, the following vulnerability has been resolved: jfs: fix uninitialized waitqueue in transaction manager The transaction manager initialization in txInit was not properly initializing TxBlock0.waitor waitqueue, causing a crash when txEnd0 is called on read-only filesystems. Whe...
CVE-2025-68167 gpiolib: fix invalid pointer access in debugfs
In the Linux kernel, the following vulnerability has been resolved: gpiolib: fix invalid pointer access in debugfs If the memory allocation in gpiolib_seq_start() fails, the s->private field remains uninitialized and is later dereferenced without checking in gpiolib_seq_stop(). Initialize s->private to NUL...
CVE-2025-68167
CVE-2025-68167 affects the Linux kernel gpiolib in debugfs. The root cause is a failure path in gpiolib_seq_start() where s->private is left uninitialized if kzalloc() fails, and is later dereferenced in gpiolib_seq_stop() without a null check. The fix initializes s->private to NULL before ...
CVE-2025-14758 Initialization of a Resource with an Insecure Default in YAOOK
Incorrect configuration of replication security in the MariaDB component of the infra-operator in YAOOK Operator allows an on-path attacker to read database contents, potentially including credentials...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a call to putdevice in most:usb:hdmprobe before device initialization, which may result in a kernel warning...
ROS-20251216-7371
A vulnerability in the Extensions component of Google Chrome and Microsoft Edge browsers is related to incorrect resource initialization. Exploitation of the vulnerability may allow a remote attacker to gain unauthorized access to protected information...
PT-2025-51637
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A regression was introduced in the Linux kernel due to a commit 995412e23bb2 related to SCSI core functionality and tag iterators. This regression is triggered by the scsi host busy...
PT-2025-51638
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue in lib/test kho where a check for Kernel Hardware Observability KHO enablement is missing. Without verifying KHO is enabled before issuing KHO commands...
Linux Distros Unpatched Vulnerability : CVE-2025-68224
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: core: Fix a regression triggered by scsi_host_busy() Commit 995412e23bb2 blk-mq: Replace tags->lock with SRCU for tag iterators introduced the following...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the s32pinctrldesc memory not being fully initialized, which could lead to an allocation error...
Linux Distros Unpatched Vulnerability : CVE-2025-68192
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: usb: qmi_wwan: initialize MAC header offset in qmimux_rx_fixup() Raw IP packets have no MAC header, leaving skb->mac_header uninitialized. This can trigger kernel...
Linux Distros Unpatched Vulnerability : CVE-2025-68292
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/memfd: fix information leak in hugetlb folios When allocating hugetlb folios for memfd, three initialization steps are missing: 1. Folios are not zeroed,...
Linux Distros Unpatched Vulnerability : CVE-2025-68215
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ice: fix PTP cleanup on driver removal in error path Improve the cleanup on releasing PTP resources in error path. The error case might happen either at the...
PT-2025-54489
Name of the Vulnerable Software and Affected Versions Safari versions 26.2 tvOS versions 26.2 watchOS versions 26.2 visionOS versions 26.2 iOS versions 26.2 iPadOS versions 26.2 macOS versions Tahoe 26.2 Description A memory initialization issue exists due to improved memory handling. Processing...
Malicious code in yzip (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 81477965a8a70d1ffef0d388478d3e05ef2eea54ade0a9c00ef923deb41b00cf During initialization of the archive-support class, the package starts code from another file and downloads multi-stage malware --- Category: MALICIOUS - The...
edk2 security update
20250905-4 - Create new 20250905 release for OL9 which includes the following fixed CVEs: - EDK2: EDK2 contains a vulnerability in BIOS where an attacker may cause 'Protection Mechanism Failure' by local access Orabug: 38381983 CVE-2025-3770 - EDK2: EDK2 contains a vulnerability in BIOS where a...
EulerOS 2.0 SP11 : kernel (EulerOS-SA-2025-2483)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : scsi: qla2xxx: Fix warning message due to adisc being flushed (CVE-2022-49158) scsi: qla2xxx: Implement ref count for SRB (CVE-2022-49159) tcp: add...
Unity Linux 20.1050e Security Update: kernel (UTSA-2025-991174)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991174 advisory. In the Linux kernel, the following vulnerability has been resolved: tracing: Fix potential double free in create_var_ref() In create_var_ref(), init_var_ref() is called to...
EulerOS 2.0 SP11 : kernel (EulerOS-SA-2025-2464)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : scsi: qla2xxx: Fix warning message due to adisc being flushed (CVE-2022-49158) scsi: qla2xxx: Implement ref count for SRB (CVE-2022-49159) tcp: add...