Lucene search
K

164 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/11 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-38234

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sched/rt: Fix race in pushrttask Overview ======== When a CPU chooses to call pushrttask and picks a task to push to another CPU's runqueue then it will call...

4.7CVSS6.1AI score0.0013EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/07/28 11:21 a.m.8 views

CVE-2025-38488 smb: client: fix use-after-free in crypt_message when using async crypto

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in cryptmessage when using async crypto The CVE-2024-50047 fix removed asynchronous crypto handling from cryptmessage, assuming all crypto operations are synchronous. However, when hardware crypto...

0.00278EPSS
Exploits0References7
CVE
CVE
added 2025/07/28 11:21 a.m.89 views

CVE-2025-38488

CVE-2025-38488 affects the Linux kernel SMB client path (crypt_message) where async crypto could lead to use-after-free when hardware accelerators return -EINPROGRESS. The issue arose after CVE-2024-50047 fixed async handling for all operations but hardware offload could still complete asynchrono...

7.8CVSS7.7AI score0.00278EPSS
Exploits0References9Affected Software1
OSV
OSV
added 2025/07/28 11:21 a.m.4 views

CVE-2025-38488 smb: client: fix use-after-free in crypt_message when using async crypto

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in cryptmessage when using async crypto The CVE-2024-50047 fix removed asynchronous crypto handling from cryptmessage, assuming all crypto operations are synchronous. However, when hardware crypto...

7.8CVSS6.5AI score0.00278EPSS
Exploits0References12
Debian CVE
Debian CVE
added 2025/07/28 11:21 a.m.3 views

CVE-2025-38488

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in cryptmessage when using async crypto The CVE-2024-50047 fix removed asynchronous crypto handling from cryptmessage, assuming all crypto operations are synchronous. However, when hardware crypto...

7.8CVSS6.4AI score0.00278EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/07/25 12:0 a.m.5 views

PT-2025-30755 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel’s DRM/XE subsystem related to the handling of GGTT node removals during device unwinding. Specifically, the issue arises when deferred GGTT node...

6.5CVSS6AI score0.03133EPSS
Exploits11References580
NVD
NVD
added 2025/07/10 8:15 a.m.4 views

CVE-2025-38277

In the Linux kernel, the following vulnerability has been resolved: mtd: nand: ecc-mxic: Fix use of uninitialized variable ret If ctx-steps is zero, the loop processing ECC steps is skipped, and the variable ret remains uninitialized. It is later checked and returned, which leads to undefined...

5.5CVSS0.00156EPSS
Exploits0References6
OSV
OSV
added 2025/07/04 2:15 p.m.15 views

AZL-70430 CVE-2025-38234 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: sched/rt: Fix race in pushrttask Overview ======== When a CPU chooses to call pushrttask and picks a task to push to another CPU's runqueue then it will call findlocklowestrq method which would take a double lock on both CPUs'...

4.7CVSS5.8AI score0.0013EPSS
Exploits0References1
NVD
NVD
added 2025/07/03 9:15 a.m.3 views

CVE-2025-38118

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix UAF on mgmtremoveadvmonitorcomplete This reworks MGMTOPREMOVEADVMONITOR to not use mgmtpendingadd to avoid crashes like bellow: ================================================================== BUG: KASAN:...

7.8CVSS0.0016EPSS
Exploits0References6
OSV
OSV
added 2025/06/18 11:0 a.m.8 views

CVE-2022-49955 powerpc/rtas: Fix RTAS MSR[HV] handling for Cell

In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: Fix RTAS MSRHV handling for Cell The semi-recent changes to MSR handling when entering RTAS firmware cause crashes on IBM Cell machines. An example trace: kernel tried to execute user page 2fff01a8 - exploit attempt...

5.5CVSS6.2AI score0.00179EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/06/18 12:0 a.m.7 views

PT-2025-26070 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel's SoundWire driver has been resolved. The issue arises when the driver's bind and unbind operations are not properly handled, leading to potential...

7.8CVSS5.8AI score0.12746EPSS
Exploits16References563
NVD
NVD
added 2025/05/09 7:16 a.m.17 views

CVE-2025-37886

In the Linux kernel, the following vulnerability has been resolved: pdscore: make waitcontext part of qinfo Make the waitcontext a full part of the qinfo struct rather than a stack variable that goes away after pdscadminqpost is done so that the context is still available after the wait loop has...

5.5CVSS0.0022EPSS
Exploits0References4
NVD
NVD
added 2025/05/09 7:16 a.m.8 views

CVE-2025-37858

In the Linux kernel, the following vulnerability has been resolved: fs/jfs: Prevent integer overflow in AG size calculation The JFS filesystem calculates allocation group AG size using 1 2TB aggregates on 32-bit systems, this 32-bit shift operation causes undefined behavior and improper AG sizing...

5.5CVSS0.00244EPSS
Exploits0References11
OSV
OSV
added 2025/05/09 6:45 a.m.16 views

CVE-2025-37886 pds_core: make wait_context part of q_info

In the Linux kernel, the following vulnerability has been resolved: pdscore: make waitcontext part of qinfo Make the waitcontext a full part of the qinfo struct rather than a stack variable that goes away after pdscadminqpost is done so that the context is still available after the wait loop has...

5.5CVSS6AI score0.0022EPSS
Exploits0References7
Cvelist
Cvelist
added 2025/05/09 6:42 a.m.14 views

CVE-2025-37858 fs/jfs: Prevent integer overflow in AG size calculation

In the Linux kernel, the following vulnerability has been resolved: fs/jfs: Prevent integer overflow in AG size calculation The JFS filesystem calculates allocation group AG size using 1 2TB aggregates on 32-bit systems, this 32-bit shift operation causes undefined behavior and improper AG sizing...

0.00244EPSS
Exploits0References9
CVE
CVE
added 2025/05/09 6:42 a.m.136 views

CVE-2025-37858

The CVE-2025-37858 issue affects the Linux kernel’s JFS filesystem. Root cause: AG size calculation in dbExtendFS() uses a 1 < 31 on 32-bit systems, this causes undefined behavior and invalid AG sizes (sbi->bmap->db_agsize). Impact: potential filesystem corruption during extend operation...

5.5CVSS7.6AI score0.00244EPSS
Exploits0References11Affected Software1
OSV
OSV
added 2025/05/08 7:15 a.m.1 views

DEBIAN-CVE-2025-37818

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Return NULL from hugepteoffset for invalid PMD LoongArch's hugepteoffset currently returns a pointer to a PMD slot even if the underlying entry points to invalidptetable indicating no mapping. Callers like...

5.5CVSS5.6AI score0.00155EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/26 12:0 a.m.6 views

PT-2025-20347

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved, specifically in the LoongArch architecture. The issue arises when the huge pte offset function returns a pointer to a PMD slot even...

5.5CVSS7.5AI score0.00155EPSS
Exploits0References58
RedHat Linux
RedHat Linux
added 2025/03/19 12:52 a.m.3 views

kernel: memcg: protect concurrent access to mem_cgroup_idr

memcg in linux kernel permit concurrent access to memcgroupidr which can lead to kernel crashes...

4.7CVSS6.7AI score0.00229EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/03/06 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2024-56659

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: lapb: increase LAPBHEADERLEN It is unclear if net/lapb code is supposed to be ready for 8021q. We can at least avoid crashes like the following : skbuff:...

5.5CVSS6.8AI score0.0022EPSS
Exploits0References3
Rows per page
Query Builder