2569 matches found
AZL-59760 CVE-2025-21947 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix type confusion via race condition when using ipcmsgsendrequest req-handle is allocated using ksmbdacquireid&ipcida, based on idaalloc. req-handle from ksmbdipcloginrequest and FSCTLPIPETRANSCEIVE ioctl can be same and ...
CVE-2025-21947
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix type confusion via race condition when using ipcmsgsendrequest req-handle is allocated using ksmbdacquireid&ipcida, based on idaalloc. req-handle from ksmbdipcloginrequest and FSCTLPIPETRANSCEIVE ioctl can be same and ...
DEBIAN-CVE-2025-21947
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix type confusion via race condition when using ipcmsgsendrequest req-handle is allocated using ksmbdacquireid&ipcida, based on idaalloc. req-handle from ksmbdipcloginrequest and FSCTLPIPETRANSCEIVE ioctl can be same and ...
CVE-2025-21947
The CVE-2025-21947 issue affects the Linux kernel ksmbd subsystem and is resolved by a fix for a race condition that can cause type confusion in IPC message handling. Root cause: req->handle is allocated via ksmbd_acquire_id(&ipc_ida) (ida_alloc) and can be reused for ksmbd_ipc_login_request a...
CVE-2025-21947 ksmbd: fix type confusion via race condition when using ipc_msg_send_request
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix type confusion via race condition when using ipcmsgsendrequest req-handle is allocated using ksmbdacquireid&ipcida, based on idaalloc. req-handle from ksmbdipcloginrequest and FSCTLPIPETRANSCEIVE ioctl can be same and ...
CVE-2025-21947 ksmbd: fix type confusion via race condition when using ipc_msg_send_request
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix type confusion via race condition when using ipcmsgsendrequest req-handle is allocated using ksmbdacquireid&ipcida, based on idaalloc. req-handle from ksmbdipcloginrequest and FSCTLPIPETRANSCEIVE ioctl can be same and ...
CVE-2025-21947
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix type confusion via race condition when using ipcmsgsendrequest req-handle is allocated using ksmbdacquireid&ipcida, based on idaalloc. req-handle from ksmbdipcloginrequest and FSCTLPIPETRANSCEIVE ioctl can be same and ...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the presence of a race condition in ipcmsgsendrequest leading to type confusion...
SUSE CVE-2023-52987
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-mtrace: prevent underflow in sofipc4prioritymaskdfswrite The "id" comes from the user. Change the type to unsigned to prevent an array underflow...
SUSE CVE-2025-2857
Following the recent Chrome sandbox escape CVE-2025-2783, various Firefox developers identified a similar pattern in our IPC code. A compromised child process could cause the parent process to return an unintentionally powerful handle, leading to a sandbox escape. The original vulnerability was...
SUSE CVE-2025-21870
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-topology: Harden loops for looking up ALH copiers Other, non DAI copier widgets could have the same stream name sname as the ALH copier and in that case the copier-data is NULL, no alhdata is attached, which could...
Mozilla Firefox < 136.0.4
The version of Firefox installed on the remote macOS or Mac OS X host is prior to 136.0.4. It is, therefore, affected by a vulnerability as referenced in the mfsa2025-19 advisory. - Following the recent Chrome sandbox escape CVE-2025-2783, various Firefox developers identified a similar pattern i...
Mozilla Firefox ESR < 128.8.1
The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 128.8.1. It is, therefore, affected by a vulnerability as referenced in the mfsa2025-19 advisory. - Following the recent Chrome sandbox escape CVE-2025-2783, various Firefox developers identified a similar patte...
Mozilla Firefox ESR < 115.21.1
The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 115.21.1. It is, therefore, affected by a vulnerability as referenced in the mfsa2025-19 advisory. - Following the recent Chrome sandbox escape CVE-2025-2783, various Firefox developers identified a similar...
kernel security update
3.10.0-1160.119.1.0.7 - ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices Benot Sevens CVE-2024-53197 Orabug: 37686305 - can: bcm: Fix UAF in bcmprocshow YueHaibing CVE-2023-52922 Orabug: 37686305 - HID: core: zero-initialize the report buffer Benot Sevens...
Mozilla Firefox ESR < 115.21.1
The version of Firefox ESR installed on the remote Windows host is prior to 115.21.1. It is, therefore, affected by a vulnerability as referenced in the mfsa2025-19 advisory. - Following the recent Chrome sandbox escape CVE-2025-2783, various Firefox developers identified a similar pattern in our...
UBUNTU-CVE-2023-52987
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-mtrace: prevent underflow in sofipc4prioritymaskdfswrite The "id" comes from the user. Change the type to unsigned to prevent an array underflow...
CVE-2025-2857
Following the recent Chrome sandbox escape CVE-2025-2783, various Firefox developers identified a similar pattern in our IPC code. A compromised child process could cause the parent process to return an unintentionally powerful handle, leading to a sandbox escape. The original vulnerability was...
CVE-2025-2857
Following the recent Chrome sandbox escape CVE-2025-2783, various Firefox developers identified a similar pattern in our IPC code. A compromised child process could cause the parent process to return an unintentionally powerful handle, leading to a sandbox escape. The original vulnerability was...
CVE-2025-2857
Firefox on Windows was vulnerable to a sandbox-escape in the IPC code where a compromised child process could cause the parent to return an unintentionally powerful handle. This pattern mirrors the Chrome/CVE-2025-2783 lineage and was exploited in the wild. The issue affected Firefox on Windows o...