191 matches found
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: btrfs: Directly freeing partially initialized fsinfo in btrfscheckleakedroots If fsinfo-supercopy or fsinfo-superforcommit was allocated and failed in btrfsgettreesubvol, then there is no need to call btrfsfreefsinfo. Otherwise,...
CVE-2025-68365 fs/ntfs3: Initialize allocated memory before use
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Initialize allocated memory before use KMSAN reports: Multiple uninitialized values detected: - KMSAN: uninit-value in ntfsreadhdr 3 - KMSAN: uninit-value in bcmp 3 Memory is allocated by getname, which is a wrapper for...
SUSE CVE-2025-68338
In the Linux kernel, the following vulnerability has been resolved: net: dsa: microchip: Don't free uninitialized kszirq If something goes wrong at setup, kszirqfree can be called on uninitialized kszirq for example when kszptpirqsetup fails. It leads to freeing uninitialized IRQ numbers and/or...
CVE-2025-68338
In the Linux kernel, the following vulnerability has been resolved: net: dsa: microchip: Don't free uninitialized kszirq If something goes wrong at setup, kszirqfree can be called on uninitialized kszirq for example when kszptpirqsetup fails. It leads to freeing uninitialized IRQ numbers and/or...
CVE-2025-68338 net: dsa: microchip: Don't free uninitialized ksz_irq
In the Linux kernel, the following vulnerability has been resolved: net: dsa: microchip: Don't free uninitialized kszirq If something goes wrong at setup, kszirqfree can be called on uninitialized kszirq for example when kszptpirqsetup fails. It leads to freeing uninitialized IRQ numbers and/or...
CVE-2025-40235
In the Linux kernel, the following vulnerability has been resolved: btrfs: directly free partially initialized fsinfo in btrfscheckleakedroots If fsinfo-supercopy or fsinfo-superforcommit allocated failed in btrfsgettreesubvol, then no need to call btrfsfreefsinfo. Otherwise btrfscheckleakedroots...
CVE-2025-40235
In the Linux kernel, the following vulnerability has been resolved: btrfs: directly free partially initialized fsinfo in btrfscheckleakedroots If fsinfo-supercopy or fsinfo-superforcommit allocated failed in btrfsgettreesubvol, then no need to call btrfsfreefsinfo. Otherwise btrfscheckleakedroots...
CVE-2025-40235 btrfs: directly free partially initialized fs_info in btrfs_check_leaked_roots()
In the Linux kernel, the following vulnerability has been resolved: btrfs: directly free partially initialized fsinfo in btrfscheckleakedroots If fsinfo-supercopy or fsinfo-superforcommit allocated failed in btrfsgettreesubvol, then no need to call btrfsfreefsinfo. Otherwise btrfscheckleakedroots...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: netfs: Fix for unbuffered write error handling If all the subrequests in an unbuffered write stream fail, the subrequest collector does not update the stream-transferred value, and it retains its initial LONGMAX value...
PT-2025-49062
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.15.8 Description The Linux kernel contains a flaw in the btrfs subsystem where btrfs check leaked roots may access a NULL pointer if fs info-super copy or fs info-super for commit allocation fails during btrfs...
EUVD-2025-34600
In the Linux kernel, the following vulnerability has been resolved: i40e: fix idx validation in i40evalidatequeuemap Ensure idx is within range of active/initialized TCs when iterating over vf-chidx in i40evalidatequeuemap...
CVE-2025-39971
The CVE-2025-39971 entry describes a Linux kernel issue in i40e: idx validation in config_queues_msg() where vf->ch[idx] could be out of range. The connected advisories confirm this CVE is addressed by a kernel fix (idx range validation and related bounds checks) and are associated with variou...
SUSE CVE-2022-50530
In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix null pointer dereference in blkmqclearrqmapping Our syzkaller report a null pointer dereference, root cause is following: blkmqallocmapandrqs set-tagshctxidx = blkmqallocmapandrqs blkmqallocmapandrqs blkmqallocrqs //...
CVE-2023-53678 drm/i915: Fix system suspend without fbdev being initialized
In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix system suspend without fbdev being initialized If fbdev is not initialized for some reason - in practice on platforms without display - suspending fbdev should be skipped during system suspend, fix this up. While at...
EUVD-2025-32830
In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix null pointer dereference in blkmqclearrqmapping Our syzkaller report a null pointer dereference, root cause is following: blkmqallocmapandrqs set-tagshctxidx = blkmqallocmapandrqs blkmqallocmapandrqs blkmqallocrqs //...
EUVD-2021-22839
Malware in sbrugna...
EUVD-2001-1338
Malware in sbrugna...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-392621)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-392621 advisory. In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans During loopback...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986796)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986796 advisory. In the Linux kernel, the following vulnerability has been resolved: rtl818x: Prevent using not initialized queues Using not existing queues can panic the kernel with...
EUVD-2025-26094
Malicious code in bioql PyPI...