Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a mishandled error in the mbfindextent function, which could lead to kernel warnings and system instability...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from a shift overrun in the exponential backoff calculation in the enacom component, which could lead to system...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the deletion of uninitialized timers, which could lead to debugging warnings and system instability...

PT-2025-38088

Name of the Vulnerable Software and Affected Versions: HPE Aruba Networking EdgeConnect SD-WAN Gateways affected versions not specified Description: A vulnerability in the web API of HPE Aruba Networking EdgeConnect SD-WAN Gateways could allow an authenticated remote attacker to terminate arbitra...

kernel: udmabuf: fix a buf size overflow issue during udmabuf creation

A buffer-overflow vulnerability was found in the Linux kernel's udmabuf driver. The flaw occurs in the udmabufcreate function, which calculates the page count limit pglimit using the variable sizelimitmb. This size variable can be misinterpreted as either 32-bit or 64-bit, resulting in incorrect...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an invalid context call vmunmapram, which could lead to system instability...

The _dwarf_get_abbrev_for_code function in dwarf_util.c in libdwarf 20161001 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) by calling the dwarfdump command on a crafted file.

...

Linux Distros Unpatched Vulnerability : CVE-2023-20898

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Git Providers can read from the wrong environment because they get the same cache directory base name in Salt masters prior to 3005.2 or 3006.2. Anything that...

SUSE CVE-2025-38674

In the Linux kernel, the following vulnerability has been resolved: Revert "drm/prime: Use dmabuf from GEM object instance" This reverts commit f83a9b8c7fd0557b0c50784bfdc1bbe9140c9bf8. The dmabuf field in struct drmgemobject is not stable over the object instance's lifetime. The field becomes NU...

CVE-2025-38673

CVE-2025-38673 impacts the Linux kernel. The issue arises from the stability of the dma_buf field in struct drm_gem_object across a GEM object’s lifetime, which can become NULL after the final GEM handle is released, leading to a NULL-pointer dereference. Public documents indicate that prior work...

Comprehensive MCP Security Checklist: Protecting Your AI-Powered Infrastructure

With innovation comes risk. As organizations race to build AI-first infrastructure, security is struggling to keep pace. Multi-Agentic Systems – those built on Large Language Models LLMs and Multi-Component Protocols MCP - bring immense potential, but also novel vulnerabilities that traditional...

NVIDIA Merlin Transformers4Rec Code Injection Vulnerability

NVIDIA Merlin Transformers4Rec is a software for building serialized and conversational recommender systems from NVIDIA. NVIDIA Merlin Transformers4Rec suffers from a code injection vulnerability, which originates from a Python dependency, that can be exploited by an attacker to perform malicious...

kernel: padata: fix UAF in padata_reorder

A use-after-free vulnerability was found in the Linux kernel's padata subsystem, in the padatareorder function. Caused by improper synchronization controls, this vulnerability can occur when a reference-counted data structure pd is decremented in one thread, freeing it, while another thread still...

CVE-2025-20239

CVE-2025-20239 describes an unauthenticated, remote-execution of a memory-leak/DoS in the IKEv2 processing of Cisco IOS, IOS XE, ASA, and FTD. Exploitation via crafted IKEv2 packets can cause IOS/IOS XE devices to reload; ASA/FTD may partially exhaust memory leading to instability and inability t...

NVIDIA Isaac-GR00T 代码注入漏洞

NVIDIA Isaac-GR00T is an open base modeling platform from NVIDIA. The NVIDIA Isaac-GR00T suffers from a code injection vulnerability, which originates in a Python component, that can be exploited by an attacker to perform malicious operations and compromise system stability by bypassing security...

Linux Distros Unpatched Vulnerability : CVE-2025-21943

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: gpio: aggregator: protect driver attr handlers against module unload Both newdevicestore and...

PT-2025-32120 · Kernel · Kernel

Name of the Vulnerable Software and Affected Versions: affected versions not specified Description: A memory corruption issue exists when submitting blob data to kernel space through an IOCTL Input/Output Control call. This can lead to system instability or potential code execution...

Linux Distros Unpatched Vulnerability : CVE-2021-47187

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - arm64: dts: qcom: msm8998: Fix CPU/L2 idle state latency and residency The entry/exit latency and minimum residency in state for the idle states of MSM8998 wer...

CVE-2025-38439

In the Linux kernel, the following vulnerability has been resolved: bnxten: Set DMA unmap len correctly for XDPREDIRECT When transmitting an XDPREDIRECT packet, call dmaunmaplenset with the proper length instead of 0. This bug triggers this warning on a system with IOMMU enabled: WARNING: CPU: 36...

CVE-2025-38455

CVE-2025-38455: Linux kernel KVM-SEV-ES intra-host migration is rejected when vCPU creation is in-flight to prevent SEV-ES VM with non-SEV-ES vCPU. Root cause: vCPU creation runs largely outside kvm->lock, allowing sev_info.es_active to toggle during svm_vcpu_create(), causing issues when free...