DEBIAN-CVE-2025-40209

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix memory leak of qgrouplist in btrfsaddqgrouprelation When btrfsaddqgrouprelation is called with invalid qgroup levels src = dst, the function returns -EINVAL directly without freeing the preallocated qgrouplist structur...

Apple多款产品 安全漏洞

Apple iOS is an operating system developed for mobile devices. apple macOS is a specialized operating system developed for Mac computers. apple iPadOS is an operating system for iPad tablet computers. A security vulnerability exists in several Apple products that originates from an out-of-bounds...

CVE-2025-63602

A vulnerability was discovered in Awesome Miner thru 11.2.4 that allows arbitrary read and write to kernel memory and MSRs such as LSTAR as an unprivileged user. This is due to the implementation of an insecure version of WinRing0 1.2.0.5, renamed to IntelliBreeze.Maintenance.Service.sys that lac...

CVE-2025-63602

A vulnerability was discovered in Awesome Miner thru 11.2.4 that allows arbitrary read and write to kernel memory and MSRs such as LSTAR as an unprivileged user. This is due to the implementation of an insecure version of WinRing0 1.2.0.5, renamed to IntelliBreeze.Maintenance.Service.sys that lac...

CVE-2025-63602

A vulnerability was discovered in Awesome Miner thru 11.2.4 that allows arbitrary read and write to kernel memory and MSRs such as LSTAR as an unprivileged user. This is due to the implementation of an insecure version of WinRing0 1.2.0.5, renamed to IntelliBreeze.Maintenance.Service.sys that lac...

CVE-2025-63602

A vulnerability was discovered in Awesome Miner thru 11.2.4 that allows arbitrary read and write to kernel memory and MSRs such as LSTAR as an unprivileged user. This is due to the implementation of an insecure version of WinRing0 1.2.0.5, renamed to IntelliBreeze.Maintenance.Service.sys that lac...

CVE-2025-63602

Summary: CVE-2025-63602 affects Awesome Miner up to v11.2.4. The root cause is an insecure WinRing0 driver (1.2.0.5, renamed IntelliBreeze.Maintenance.Service.sys) with an unsecured DACL, allowing unprivileged users to perform arbitrary reads/writes to kernel memory and MSRs (including LSTAR). Th...

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-49878)

resource: Because drivers/dax/kmem.c calls addmemorydrivermanaged during onlining CXL memory, which makes System RAM kmem a descendant of CXL Window X. This confuses regionintersects, which expects all System RAM resources to be at the top level of iomemresource. This plugin only works with...

PT-2025-47330

Name of the Vulnerable Software and Affected Versions Awesome Miner versions through 11.2.4 Description A flaw exists in Awesome Miner that permits unauthorized read and write access to kernel memory and Model Specific Registers MSRs, including LSTAR, even for users without administrative...

Siemens SCALANCE and RUGGEDCOM Devices Access of Uninitialized Pointer (CVE-2024-57874)

arm64: ptrace: vulnerability due to an uninitialized variable in the taggedaddrctrlset function, leading to potential memory leakage from the kernel stack when a zero-length SETREGSET call is made, exposing up to 64 bits of memory. This plugin only works with Tenable.ot. Please visit...

EUVD-2025-198044

A vulnerability was discovered in Awesome Miner thru 11.2.4 that allows arbitrary read and write to kernel memory and MSRs such as LSTAR as an unprivileged user. This is due to the implementation of an insecure version of WinRing0 1.2.0.5, renamed to IntelliBreeze.Maintenance.Service.sys that lac...

OESA-2025-2659 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: misc: tifm: fix possible memory leak in tifm7xx1switchmedia If deviceregister returns error in tifm7xx1switchmedia, name of kobject which is allocated in...

SUSE CVE-2025-40183

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix metadatadst leak bpfredirectneighv4,6 Cilium has a BPF egress gateway feature which forces outgoing K8s Pod traffic to pass through dedicated egress gateways which then SNAT the traffic in order to interact with stable I...

PT-2026-1239

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the s390/fpu component related to false-positive Kernel Memory Sanitizer KMSAN reports within the fpu vstl function. This occurs because the 'vstl'...

EUVD-2025-150369

In the Linux kernel, the following vulnerability has been resolved: btrfs: avoid potential out-of-bounds in btrfsencodefh The function btrfsencodefh does not properly account for the three cases it handles. Before writing to the file handle fh, the function only returns to the user...

EUVD-2025-150391

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix metadatadst leak bpfredirectneighv4,6 Cilium has a BPF egress gateway feature which forces outgoing K8s Pod traffic to pass through dedicated egress gateways which then SNAT the traffic in order to interact with stable I...

DEBIAN-CVE-2025-40189

In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: Fix lost EEPROM read timeout error-ETIMEDOUT in lan78xxreadraweeprom Syzbot reported read of uninitialized variable BUG with following call stack. lan78xx 8-1:1.0 unnamed netdevice uninitialized: EEPROM read...

CVE-2025-40183 bpf: Fix metadata_dst leak __bpf_redirect_neigh_v{4,6}

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix metadatadst leak bpfredirectneighv4,6 Cilium has a BPF egress gateway feature which forces outgoing K8s Pod traffic to pass through dedicated egress gateways which then SNAT the traffic in order to interact with stable I...

kernel: mm: kmem: fix a NULL pointer dereference in obj_stock_flush_required()

A null pointer dereference exists in the linux kernel such that in objstockflushrequired:stock-cachedobjcg can be reset between the check and dereference, resulting in damage to the availability of the system...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990813)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990813 advisory. In the Linux kernel, the following vulnerability has been resolved: siox: fix possible memory leak in sioxdeviceadd If deviceregister returns error in sioxdeviceadd,...