2112 matches found
CVE-2025-71105
CVE-2025-71105 documents a Linux kernel issue in f2fs where two slab caches (f2fs_xattr_entry-7:3 and f2fs_xattr_entry-7:7) with identical slab sizes cause kmem_cache_sanity_check warnings during mount operations. The root cause is using per-sb slab caches instead of a single global slab, leading...
CVE-2025-71105 f2fs: use global inline_xattr_slab instead of per-sb slab cache
In the Linux kernel, the following vulnerability has been resolved: f2fs: use global inlinexattrslab instead of per-sb slab cache As Hong Yun reported in mailing list: loop7: detected capacity change from 0 to 131072 ------------ cut here ------------ kmemcache of name 'f2fsxattrentry-7:7' alread...
CVE-2025-71105
In the Linux kernel, the following vulnerability has been resolved: f2fs: use global inlinexattrslab instead of per-sb slab cache As Hong Yun reported in mailing list: loop7: detected capacity change from 0 to 131072 ------------ cut here ------------ kmemcache of name 'f2fsxattrentry-7:7' alread...
CVE-2025-71105
In the Linux kernel, the following vulnerability has been resolved: f2fs: use global inlinexattrslab instead of per-sb slab cache As Hong Yun reported in mailing list: loop7: detected capacity change from 0 to 131072 ------------ cut here ------------ kmemcache of name 'f2fsxattrentry-7:7' alread...
SUSE CVE-2025-71068
In the Linux kernel, the following vulnerability has been resolved: svcrdma: bound check rqpages index in inline path svcrdmacopyinlinerange indexed rqstp-rqpagesrccurpage without verifying rccurpage stays within the allocated page array. Add guards before the first use and after advancing to a n...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the use of a global inlinexattrslab instead of a per-superblock slab cache, which could lead to duplicate...
AZL-74375 CVE-2025-71068 affecting package kernel for versions less than 6.6.121.1-1
In the Linux kernel, the following vulnerability has been resolved: svcrdma: bound check rqpages index in inline path svcrdmacopyinlinerange indexed rqstp-rqpagesrccurpage without verifying rccurpage stays within the allocated page array. Add guards before the first use and after advancing to a n...
CVE-2025-71068
In the Linux kernel, the following vulnerability has been resolved: svcrdma: bound check rqpages index in inline path svcrdmacopyinlinerange indexed rqstp-rqpagesrccurpage without verifying rccurpage stays within the allocated page array. Add guards before the first use and after advancing to a n...
CVE-2025-68811
In the Linux kernel, the following vulnerability has been resolved: svcrdma: use rcpageoff for memcpy byte offset svcrdmacopyinlinerange added rccurpage page index to the page base instead of the byte offset rcpageoff. Use rcpageoff so copies land within the current page. Found by ZeroPath...
UBUNTU-CVE-2025-71068
In the Linux kernel, the following vulnerability has been resolved: svcrdma: bound check rqpages index in inline path svcrdmacopyinlinerange indexed rqstp-rqpagesrccurpage without verifying rccurpage stays within the allocated page array. Add guards before the first use and after advancing to a n...
CVE-2025-71068
In the Linux kernel, the following vulnerability has been resolved: svcrdma: bound check rqpages index in inline path svcrdmacopyinlinerange indexed rqstp-rqpagesrccurpage without verifying rccurpage stays within the allocated page array. Add guards before the first use and after advancing to a n...
CVE-2025-71068 svcrdma: bound check rq_pages index in inline path
In the Linux kernel, the following vulnerability has been resolved: svcrdma: bound check rqpages index in inline path svcrdmacopyinlinerange indexed rqstp-rqpagesrccurpage without verifying rccurpage stays within the allocated page array. Add guards before the first use and after advancing to a n...
CVE-2025-71068
CVE-2025-71068 concerns the Linux kernel: svcrdma path bound-check bug in inline path when indexing rqstp->rq_pages[rc_curpage] without ensuring rc_curpage is within allocated bounds. The description notes that guards were added before first use and after advancing to a new page, addressing th...
CVE-2025-71068 svcrdma: bound check rq_pages index in inline path
In the Linux kernel, the following vulnerability has been resolved: svcrdma: bound check rqpages index in inline path svcrdmacopyinlinerange indexed rqstp-rqpagesrccurpage without verifying rccurpage stays within the allocated page array. Add guards before the first use and after advancing to a n...
CVE-2025-71068
In the Linux kernel, the following vulnerability has been resolved: svcrdma: bound check rqpages index in inline path svcrdmacopyinlinerange indexed rqstp-rqpagesrccurpage without verifying rccurpage stays within the allocated page array. Add guards before the first use and after advancing to a n...
PT-2026-2543
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s svcrdma functionality related to memory copying. Specifically, the svc rdma copy inline range function incorrectly added the page index rc curpage to...
PT-2026-2589
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contained a flaw in the svcrdma component where the index for accessing pages in the rq pages array within the svc rdma copy inline range function was not properly...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the use of incorrect offsets when copying inline ranges, which could result in data being copied in the wron...
CVE-2021-33496
Dutchcoders transfer.sh before 1.2.4 allows XSS via an inline view...
CVE-2019-20435
An issue was discovered in WSO2 API Manager 2.6.0. A reflected XSS attack could be performed in the inline API documentation editor page of the API Publisher by sending an HTTP GET request with a harmful docName request parameter...