73 matches found
CVE-2025-39880
In the Linux kernel, the following vulnerability has been resolved: libceph: fix invalid accesses to cephconnectionv1info There is a place where generic code in messenger.c is reading and another place where it is writing to con-v1 union member without checking that the union member is active i.e...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to check if a con-v1 union member is active, which could lead to invalid access...
i40e: Fix potential invalid access when MAC list is empty
...
CVE-2025-39853 i40e: Fix potential invalid access when MAC list is empty
In the Linux kernel, the following vulnerability has been resolved: i40e: Fix potential invalid access when MAC list is empty listfirstentry never returns NULL - if the list is empty, it still returns a pointer to an invalid object, leading to potential invalid memory access when dereferenced. Fi...
CVE-2022-50355
In the Linux kernel, the following vulnerability has been resolved: staging: vt6655: fix some erroneous memory clean-up loops In some initialization functions of this driver, memory is allocated with 'i' acting as an index variable and increasing from 0. The commit in "Fixes" introduces some...
CVE-2022-50355
CVE-2022-50355 affects the Linux kernel staging vt6655 driver. In some initialization paths, memory is allocated with an index variable i, and the subsequent reverse-order cleanup on allocation failure can miss the case i=0 (memory leak) and can start with i=-1 (access to invalid memory). One loo...
DEBIAN-CVE-2025-38591
In the Linux kernel, the following vulnerability has been resolved: bpf: Reject narrower access to pointer ctx fields The following BPF program, simplified from a syzkaller repro, causes a kernel warning: r0 = u8 r1 + 169; exit; With pointer field sk being at offset 168 in skbuff. This access is...
CVE-2025-38591 bpf: Reject narrower access to pointer ctx fields
In the Linux kernel, the following vulnerability has been resolved: bpf: Reject narrower access to pointer ctx fields The following BPF program, simplified from a syzkaller repro, causes a kernel warning: r0 = u8 r1 + 169; exit; With pointer field sk being at offset 168 in skbuff. This access is...
kernel: mm/huge_memory: fix dereferencing invalid pmd migration entry
In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: fix dereferencing invalid pmd migration entry When migrating a THP, concurrent access to the PMD migration entry during a deferred split scan can lead to an invalid address access, as illustrated below. To prevent...
kernel: mm/huge_memory: fix dereferencing invalid pmd migration entry
In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: fix dereferencing invalid pmd migration entry When migrating a THP, concurrent access to the PMD migration entry during a deferred split scan can lead to an invalid address access, as illustrated below. To prevent...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from uninitialized instruction data that could lead to invalid access...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an unchecked state endpoint that could lead to invalid access...
kernel: mm/huge_memory: fix dereferencing invalid pmd migration entry
In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: fix dereferencing invalid pmd migration entry When migrating a THP, concurrent access to the PMD migration entry during a deferred split scan can lead to an invalid address access, as illustrated below. To prevent...
EulerOS 2.0 SP12 : kernel (EulerOS-SA-2025-1827)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : ovl: Use 'buf' flexible array for memcpy destinationCVE-2022-49743 cifs: fix potential memory leaks in session setupCVE-2023-53008 bnxt: Do not re...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an unchecked findecsensorindex return value, which could result in an invalid memory access...
CVE-2025-37958
In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: fix dereferencing invalid pmd migration entry When migrating a THP, concurrent access to the PMD migration entry during a deferred split scan can lead to an invalid address access, as illustrated below. To prevent...
CVE-2025-37958 mm/huge_memory: fix dereferencing invalid pmd migration entry
In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: fix dereferencing invalid pmd migration entry When migrating a THP, concurrent access to the PMD migration entry during a deferred split scan can lead to an invalid address access, as illustrated below. To prevent...
CVE-2025-37958
CVE-2025-37958 affects the Linux kernel THP path. The issue arises when migrating a THP: concurrent access to the PMD migration entry during a deferred split scan could dereference an invalid address. The fix adds a check of the PMD migration entry and returns early, since the PMD migration entry...
wifi: rtlwifi: fix memory leaks and invalid access at probe error path
...
AZL-59136 CVE-2024-58063 affecting package kernel for versions less than 5.15.180.1-1
In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: fix memory leaks and invalid access at probe error path Deinitialize at reverse order when probe fails. When initswvars fails, rtldeinitcore should not be called, specially now that it destroys the rtlwq workqueue...