UBUNTU-CVE-2022-50265

In the Linux kernel, the following vulnerability has been resolved: kcm: annotate data-races around kcm-rxwait kcm-rxpsock can be read locklessly in kcmrfree. Annotate the read and writes accordingly. syzbot reported: BUG: KCSAN: data-race in kcmrcvstrparser / kcmrfree write to 0xffff88810784e3d0...

CVE-2022-50291

CVE-2022-50291 pertains to the Linux kernel KCM subsystem. Connected advisories describe a data-race in kcm_rfree() related to kcm->rx_psock and an analogous race for kcm->rx_wait, fixed by annotating reads/writes around these fields. The patches address lockless reads in kcm_rfree and ensu...

CVE-2022-50265 kcm: annotate data-races around kcm->rx_wait

In the Linux kernel, the following vulnerability has been resolved: kcm: annotate data-races around kcm-rxwait kcm-rxpsock can be read locklessly in kcmrfree. Annotate the read and writes accordingly. syzbot reported: BUG: KCSAN: data-race in kcmrcvstrparser / kcmrfree write to 0xffff88810784e3d0...

PT-2025-37593

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.0.0-syzkaller-12189-g19d17ab7c68b-dirty Description: The Linux kernel contained a data race condition related to kcm-rx psock. Specifically, kcm-rx psock could be read without a lock in the kcm rfree function...

Linux Distros Unpatched Vulnerability : CVE-2025-38611

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vmci: Prevent the dispatching of uninitialized payloads The reproducer executes the host's unlockedioctl call in two different tasks. When initcontext fails, th...

CVE-2025-38636 rv: Use strings in da monitors tracepoints

In the Linux kernel, the following vulnerability has been resolved: rv: Use strings in da monitors tracepoints Using DA monitors tracepoints with KASAN enabled triggers the following warning: BUG: KASAN: global-out-of-bounds in dotraceeventraweventeventdamonitor+0xd6/0x1a0 Read of size 32 at addr...

PT-2025-33809

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw in the vmci subsystem where uninitialized payloads can be dispatched. This occurs when the init context function fails, leading to incomplete...

Linux Distros Unpatched Vulnerability : CVE-2021-39636

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In doiptgetctl and doiptsetctl of iptables.c, there is a possible way to leak kernel information due to uninitialized data. This could lead to local information...

Linux Distros Unpatched Vulnerability : CVE-2020-35519

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds OOB memory access flaw was found in x25bind in net/x25/afx25.c in the Linux kernel version v5.12-rc5. A bounds check failure allows a local...

CVE-2025-6573 GPU DDK - RGXFW_CTL.pui8FWScratchBuf Leak/Overwrite

Kernel software installed and running inside an untrusted/rich execution environment REE could leak information from the trusted execution environment TEE...

CVE-2021-21792

An information disclosure vulnerability exists in the the way IOBit Advanced SystemCare Ultimate 14.2.0.220 driver handles Privileged I/O read requests. A specially crafted I/O request packet IRP can lead to privileged reads in the context of a driver which can result in sensitive information...

CVE-2020-3674

Information can leak into userspace due to improper transfer of data from kernel to userspace in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in Nicobar, QCS405, Saipan, SC8180X, SDX55,...

CVE-2019-15875

In FreeBSD 12.1-STABLE before r354734, 12.1-RELEASE before 12.1-RELEASE-p2, 12.0-RELEASE before 12.0-RELEASE-p13, 11.3-STABLE before r354735, and 11.3-RELEASE before 11.3-RELEASE-p6, due to incorrect initialization of a stack data structure, core dump files may contain up to 20 bytes of kernel da...

CVE-2018-9407

In emmcrpmbioctl of emmcrpmb.c, there is an Information Disclosure due to a Missing Bounds Check. This could lead to Information Disclosure of kernel data...

CVE-2025-37799 vmxnet3: Fix malformed packet sizing in vmxnet3_process_xdp

In the Linux kernel, the following vulnerability has been resolved: vmxnet3: Fix malformed packet sizing in vmxnet3processxdp vmxnet3 driver's XDP handling is buggy for packet sizes using ring0 that is, packet sizes between 128 - 3k bytes. We noticed MTU-related connectivity issues with Cilium's...

CVE-2025-37799

CVE-2025-37799 : Linux kernel vmxnet3 driver XDP handling is fixed for malformed packet sizing in vmxnet3_process_xdp. The issue caused MTU-related connectivity problems when using XDP load balancing with IPIP encapsulation, where some packets (e.g., HTTP GET) could be oversized and, in rare case...

CVE-2023-53059

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosecchardev: fix kernel data leak from ioctl It is possible to peep kernel page's data by providing larger insize in struct croseccommand1 when invoking EC host commands. Fix it by using zeroed memory. 1:...

UBUNTU-CVE-2023-53059

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosecchardev: fix kernel data leak from ioctl It is possible to peep kernel page's data by providing larger insize in struct croseccommand1 when invoking EC host commands. Fix it by using zeroed memory. 1:...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from crosecchardev not clearing ioctl memory, which could lead to a kernel data leak...

PT-2025-18943

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue concerns the vmxnet3 driver's XDP handling, which is buggy for packet sizes between 128 and 3k bytes. This bug can cause MTU-related connectivity issues, and in some cases, it...