PT-2025-13992 · Apple · Apple Macos

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 13.7.5 macOS Sequoia versions prior to 15.4 macOS Sonoma versions prior to 14.7.5 Description: An out-of-bounds write issue was addressed with improved bounds checking. This issue may allow an app to cause unexpected...

Apple macOS 安全漏洞

Apple macOS is a specialized operating system from Apple Inc. developed for Mac computers. A security vulnerability exists in Apple macOS that originates from an out-of-bounds write that could cause an application to cause an unexpected system termination or corrupt kernel memory...

CVE-2023-52997

A vulnerability was found in the Linux kernel's ipmetricsconvert function, where improper handling of user input can potentially leak kernel memory via side channels. This issue is caused by the use of @type, a user-controlled input, which is an array within this function. If a CPU speculatively...

CVE-2023-53008

In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential memory leaks in session setup Make sure to free cifsses::authkey.response before allocating it as we might end up leaking memory in reconnect or mounting...

SUSE CVE-2023-53000

In the Linux kernel, the following vulnerability has been resolved: netlink: prevent potential spectre v1 gadgets Most netlink attributes are parsed and validated from nlavalidateparse or validatenla u16 type = nlatypenla; if type == 0 || type maxtype / error or continue / @type is then used as a...

DEBIAN-CVE-2023-53000

In the Linux kernel, the following vulnerability has been resolved: netlink: prevent potential spectre v1 gadgets Most netlink attributes are parsed and validated from nlavalidateparse or validatenla u16 type = nlatypenla; if type == 0 || type maxtype / error or continue / @type is then used as a...

CVE-2023-52996

In the Linux kernel, the following vulnerability has been resolved: ipv4: prevent potential spectre v1 gadget in fibmetricsmatch if !type continue; if type RTAXMAX return false; ... fival = fi-fibmetrics-metricstype - 1; @type being used as an array index, we need to prevent cpu speculation or ri...

UBUNTU-CVE-2022-49757

In the Linux kernel, the following vulnerability has been resolved: EDAC/highbank: Fix memory leak in highbankmcprobe When devresopengroup fails, it returns -ENOMEM without freeing memory allocated by edacmcalloc. Call edacmcfree on the error handling path to avoid a memory leak. bp: Massage comm...

CVE-2023-53000

CVE-2023-53000 is a Linux kernel vulnerability affecting the netlink attribute handling. The issue arises when the netlink attribute type (nla_type) is used as an index after validation, enabling a possible Spectre v1 gadget to leak kernel memory to a local attacker. The public description notes ...

CVE-2023-52997

CVE-2023-52997 is a Linux kernel vulnerability affecting ipv4: ip_metrics_convert() where an attacker could exploit speculative execution to leak kernel memory content. The issue arises from using a value as an array index (type) without sufficient protection, allowing a spectre v1 gadget. The de...

CVE-2023-52997 ipv4: prevent potential spectre v1 gadget in ip_metrics_convert()

In the Linux kernel, the following vulnerability has been resolved: ipv4: prevent potential spectre v1 gadget in ipmetricsconvert if !type continue; if type RTAXMAX return -EINVAL; ... metricstype - 1 = val; @type being used as an array index, we need to prevent cpu speculation or risk leaking...

CVE-2023-52936 kernel/irq/irqdomain.c: fix memory leak with using debugfs_lookup()

In the Linux kernel, the following vulnerability has been resolved: kernel/irq/irqdomain.c: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremov...

CVE-2023-52932 mm/swapfile: add cond_resched() in get_swap_pages()

In the Linux kernel, the following vulnerability has been resolved: mm/swapfile: add condresched in getswappages The softlockup still occurs in getswappages under memory pressure. 64 CPU cores, 64GB memory, and 28 zram devices, the disksize of each zram device is 50MB with same priority as si. Us...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from octeontx2-pf's misuse of GFPKERNEL in an atomic context...

PT-2025-27974

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A memory leak issue has been identified in the Linux kernel, specifically in the wifi: ath12k module. The issue occurs due to multiple allocations of rx stats when the same station is...

Imagination GPU Driver 安全漏洞

Imagination GPU Driver is a graphics driver from Imagination. A security vulnerability exists in Imagination GPU Driver that stems from an improper GPU system call that could lead to kernel heap memory corruption...

CVE-2024-44199

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Sonoma 14.6. An app may be able to cause unexpected system termination or read kernel memory...

CVE-2024-44199

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Sonoma 14.6. An app may be able to cause unexpected system termination or read kernel memory...

CVE-2024-44199

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Sonoma 14.6. An app may be able to cause unexpected system termination or read kernel memory...

CVE-2024-44199

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Sonoma 14.6. An app may be able to cause unexpected system termination or read kernel memory...