Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from bootmem not removing the vmemmap page from kmemleak, which could cause memory leak detection to stop...

PT-2025-26112 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A memory leak issue has been identified in the Linux kernel, specifically in the ath11k module. When an error occurs during htc tx completion, the skb is not properly dropped, leading ...

kernel: wifi: ath12k: Fix invalid data access in ath12k_dp_rx_h_undecap_nwifi

A flaw was discovered in the Linux kernel's driver for Qualcomm Atheros Wi-fi 7 driver ath12k. An attacker with the ability to generate real or simulated network traffic could exploit this vulnerability to modify kernel memory, leading to a denial of service, compromised system integrity, or an...

kernel: wifi: ath12k: Fix invalid data access in ath12k_dp_rx_h_undecap_nwifi

A flaw was discovered in the Linux kernel's driver for Qualcomm Atheros Wi-fi 7 driver ath12k. An attacker with the ability to generate real or simulated network traffic could exploit this vulnerability to modify kernel memory, leading to a denial of service, compromised system integrity, or an...

AZL-63687 CVE-2025-38004 affecting package kernel for versions less than 6.6.96.1-1

In the Linux kernel, the following vulnerability has been resolved: can: bcm: add locking for bcmop runtime updates The CAN broadcast manager CAN BCM can send a sequence of CAN frames via hrtimer. The content and also the length of the sequence can be changed resp reduced at runtime where the...

VulnCheck KEV: CVE-2025-0288

Various Paragon Software products contain an arbitrary kernel memory vulnerability within biontdrv.sys, facilitated by the memmove function, which does not validate or sanitize user controlled input, allowing an attacker the ability to write arbitrary kernel memory and perform privilege escalatio...

VulnCheck KEV: CVE-2025-0285

Various Paragon Software products contain an arbitrary kernel memory mapping vulnerability within biontdrv.sys that is caused by a failure to properly validate the length of user supplied data, which can allow an attacker to perform privilege escalation exploits...

VulnCheck KEV: CVE-2025-0286

Various Paragon Software products contain an arbitrary kernel memory write vulnerability within biontdrv.sys that is caused by a failure to properly validate the length of user supplied data, which can allow an attacker to execute arbitrary code on the victim machine...

Vulnerabilities of the kfree(), ucsi_resume_work(), and ucsi_unregister() functions in the Linux operating system, allowing a hacker to cause a service failure

The vulnerability of the kfree, ucsiresumework, and ucsiunregister functions in the Linux operating system is related to the assignment of pointers. Exploiting this vulnerability could allow an attacker to cause a service failure...

CLSA-2025-1748365686 kernel: Fix of 12 CVEs

ext4: fix OOB read when checking dotdot dir CVE-2025-37785 - iscsiibft: Fix UBSAN shift-out-of-bounds warning in ibftattrshownic CVE-2025-21993 - media: uvcvideo: Fix double free in error path CVE-2024-57980 - jffs2: Prevent rtime decompress memory corruption CVE-2024-57850 - wifi: iwlegacy:...

ABB M2M Gateway Memory Corruption in embedded Linux Kernel (CVE-2022-43750)

drivers/usb/mon/monbin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user-space client to corrupt the monitor's internal memory. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 8090...

CVE-2025-24151

The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3. An app may be able to cause unexpected system termination or corrupt kernel memory...

CVE-2025-24152

The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.3. An app may be able to cause unexpected system termination or corrupt kernel memory...

CVE-2025-24154

An out-of-bounds write was addressed with improved input validation. This issue is fixed in iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3, visionOS 2.3. An attacker may be able to cause unexpected system termination or corrupt kernel memory...

CVE-2024-45181

An issue was discovered in WibuKey64.sys in WIBU-SYSTEMS WibuKey before v6.70 and fixed in v.6.70. An improper bounds check allows crafted packets to cause an arbitrary address write, resulting in kernel memory corruption...

CVE-2024-27863

An information disclosure issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, visionOS 1.3, watchOS 10.6. A local attacker may be able to determine kernel memory layout...

CVE-2024-27841

The issue was addressed with improved memory handling. This issue is fixed in iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5. An app may be able to disclose kernel memory...

CVE-2024-54509

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Sonoma 14.7.3. An app may be able to cause unexpected system termination or write kernel memory...

CVE-2024-54507

A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2. An attacker with user privileges may be able to read kernel memory...

CVE-2024-27840

The issue was addressed with improved memory handling. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Monterey 12.7.5, macOS Ventura 13.6.7, tvOS 17.5, visionOS 1.2, watchOS 10.5. An attacker that has already achieved kernel code execution may be able to bypa...