151 matches found
CVE-2025-58148
This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Some Viridian hypercalls can specify a mask of vCPU IDs as an input, in one of three formats. Xen has boundary checking bugs with all three formats, which can cause...
CVE-2025-58148
Xen hypervisor vulnerability CVE-2025-58148 arises from Viridian hypercalls accepting vCPU ID masks in any input format. The flaw can cause send_ipi() to read d->vcpu[] out-of-bounds and operate on a wild vCPU pointer, enabling out-of-bounds reads/writes. Connected advisories confirm impact on...
SUSE CVE-2025-58148
This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Some Viridian hypercalls can specify a mask of vCPU IDs as an input, in one of three formats. Xen has boundary checking bugs with all three formats, which can cause...
EUVD-2022-31024
Malicious code in bioql PyPI...
EUVD-2022-31025
Malicious code in bioql PyPI...
EUVD-2022-26953
Malicious code in bioql PyPI...
EUVD-2023-59929
Malicious code in bioql PyPI...
PT-2025-46737
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the mailbox component, specifically within the zynqmp-ipi module. A problem existed in the mailbox cleanup loop where it was initiating at an incorrec...
CVE-2023-53332
In the Linux kernel, the following vulnerability has been resolved: genirq/ipi: Fix NULL pointer deref in irqdatagetaffinitymask If ipisendmask|single is called with an invalid interrupt number, all the local variables there will be NULL. ipisendverify which is invoked from these functions does...
AZL-71888 CVE-2023-53332 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: genirq/ipi: Fix NULL pointer deref in irqdatagetaffinitymask If ipisendmask|single is called with an invalid interrupt number, all the local variables there will be NULL. ipisendverify which is invoked from these functions does...
CVE-2023-53332 genirq/ipi: Fix NULL pointer deref in irq_data_get_affinity_mask()
In the Linux kernel, the following vulnerability has been resolved: genirq/ipi: Fix NULL pointer deref in irqdatagetaffinitymask If ipisendmask|single is called with an invalid interrupt number, all the local variables there will be NULL. ipisendverify which is invoked from these functions does...
CVE-2023-53332
CVE-2023-53332: In the Linux kernel, a missing NULL pointer check in ipi_send_verify() can allow NULL dereference in irq_data_get_affinity_mask() when ipi_send_{mask|single}() is called with an invalid interrupt number, causing a kernel oops. The fix adds the NULL pointer check in ipi_send_verify...
CVE-2023-53332 genirq/ipi: Fix NULL pointer deref in irq_data_get_affinity_mask()
In the Linux kernel, the following vulnerability has been resolved: genirq/ipi: Fix NULL pointer deref in irqdatagetaffinitymask If ipisendmask|single is called with an invalid interrupt number, all the local variables there will be NULL. ipisendverify which is invoked from these functions does...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the lack of null pointer checking in the ipisendverify function, which could lead to null pointer dereferencing...
CLSA-2025-1757961506 kernel: Fix of 26 CVEs
posix-cpu-timers: fix race between handleposixcputimers and posixcputimerdel CVE-2025-38352 - xfrm: state: fix out-of-bounds read during lookup CVE-2024-57982 - nfsd: fix race between laundromat and freestateid CVE-2024-50106 - nfsd: split scstatus out of sctype CVE-2024-50106 - nfsd: avoid race...
Linux Distros Unpatched Vulnerability : CVE-2025-39704
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix stack protector issue in sendipidata Function kvmiobusread is called in...
SUSE CVE-2025-39704
In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix stack protector issue in sendipidata Function kvmiobusread is called in function sendipidata, buffer size of parameter val should be at least 8 bytes. Since some emulation functions like loongarchipireadl and...
DEBIAN-CVE-2025-39704
In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix stack protector issue in sendipidata Function kvmiobusread is called in function sendipidata, buffer size of parameter val should be at least 8 bytes. Since some emulation functions like loongarchipireadl and...
UBUNTU-CVE-2025-39704
In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix stack protector issue in sendipidata Function kvmiobusread is called in function sendipidata, buffer size of parameter val should be at least 8 bytes. Since some emulation functions like loongarchipireadl and...
CVE-2025-39704
CVE-2025-39704 relates to a Linux kernel issue for LoongArch KVM where send_ipi_data() may trigger a stack-protector based panic if kvm_io_bus_read() writes an 8-byte value regardless of the declared length. The root cause is a buffer handling mismatch in certain emulation paths (e.g., loongarch_...