CVE-2022-50393 drm/amdgpu: SDMA update use unlocked iterator

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: SDMA update use unlocked iterator SDMA update page table may be called from unlocked context, this generate below warning. Use unlocked iterator to handle this case. WARNING: CPU: 0 PID: 1475 at...

CVE-2022-50393

CVE-2022-50393 affects the Linux kernel in the AMDGPU SDMA update path. The root cause is SDMA updating page tables from an unlocked context, triggering a warning in dma_resv_iter_next and related functions (amdgpu_vm_sdma_update, amdgpu_vm_ptes_update, etc.). The issue is mitigated by using an u...

CVE-2025-39758

In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix the sendmsg byte count in siwtcpsendpages Ever since commit c2ff29e99a76 "siw: Inline dotcpsendpages", we have been doing this: static int siwtcpsendpagesstruct socket s, struct page page, int offset, sizet size ......

UBUNTU-CVE-2025-39758

In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix the sendmsg byte count in siwtcpsendpages Ever since commit c2ff29e99a76 "siw: Inline dotcpsendpages", we have been doing this: static int siwtcpsendpagesstruct socket s, struct page page, int offset, sizet size ......

DEBIAN-CVE-2025-39732

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix sleeping-in-atomic in ath11kmacopsetbitratemask ath11kmacdisablepeerfixedrate is passed as the iterator to ieee80211iteratestationsatomic. Note in this case the iterator is required to be atomic, however...

proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al

...

An iterator stop condition was missing when handling WASM code in the built-in profiler, potentially leading to invalid memory access and undefined behavior. *Note:* This issue only affects the application when the profiler is running. This vulnerability affects Firefox < 126.

...

The frame iterator could get stuck in a loop when encountering certain wasm frames leading to incorrect stack traces. This vulnerability affects Firefox < 128 and Thunderbird < 128.

...

Linux Distros Unpatched Vulnerability : CVE-2023-48183

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - QuickJS before c4cdd61 has a buildforiniterator NULL pointer dereference because of an erroneous lexical scope of this with eval. CVE-2023-48183 Note that Nessu...

SUSE CVE-2025-38571

In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix client side handling of tls alerts A security exploit was discovered in NFS over TLS in tlsalertrecv due to its assumption that there is valid data in the msghdr's iterator's kvec. Instead, this patch proposes the...

CVE-2025-38571 sunrpc: fix client side handling of tls alerts

In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix client side handling of tls alerts A security exploit was discovered in NFS over TLS in tlsalertrecv due to its assumption that there is valid data in the msghdr's iterator's kvec. Instead, this patch proposes the...

Linux Distros Unpatched Vulnerability : CVE-2017-2647

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The KEYS subsystem in the Linux kernel before 3.18 allows local users to gain privileges or cause a denial of service NULL pointer dereference and system crash...

CVE-2025-38523

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix the smbdresponse slab to allow usercopy The handling of received data in the smbdirect client code involves using copytoiter to copy data from the smbdreponse struct's packet trailer to a folioq buffer provided by...

Huawei HarmonyOS Iterator Failure Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. Huawei HarmonyOS suffers from an Iterator Failure vulnerability that can be exploited by attackers to affect functional stability...

Huawei HarmonyOS multi-mode input module iterator failure vulnerability Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. The Huawei HarmonyOS multi-mode input module suffers from an Iterator Failure Vulnerability vulnerability that can be exploited by attackers to affect...

Huawei HarmonyOS wantagent module iterator failure vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. An iterator failure vulnerability exists in the Huawei HarmonyOS wantagent module, which can be exploited by an attacker to cause a memory release failure...

Huawei HarmonyOS card management module iterator failure vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. An iterator failure vulnerability exists in the Huawei HarmonyOS card management module, which can be exploited by attackers to affect functional stability...

CVE-2025-38538 dmaengine: nbpfaxi: Fix memory corruption in probe()

In the Linux kernel, the following vulnerability has been resolved: dmaengine: nbpfaxi: Fix memory corruption in probe The nbpf-chan array is allocated earlier in the nbpfprobe function and it has "numchannels" elements. These three loops iterate one element farther than they should and corrupt...

Linux Distros Unpatched Vulnerability : CVE-2025-22076

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: exfat: fix missing shutdown check xfstests generic/730 test failed because after deleting th...

BIT-LIBPHP-2020-7063 Files added to tar with Phar::buildFromIterator have all-access permissions

In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when creating PHAR archive using PharData::buildFromIterator function, the files are added with default permissions 0666, or all access even if the original files on the filesystem were with more restrictive permissions...