4605 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-52880
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc Any unprivileged user can attach...
Google's March 2025 Android Security Update Fixes Two Actively Exploited Vulnerabilities
Google has released its monthly Android Security Bulletin for March 2025 to address a total of 44 vulnerabilities, including two that it said have come under active exploitation in the wild. The two high-severity vulnerabilities are listed below - CVE-2024-43093 - A privilege escalation flaw in...
Linux Distros Unpatched Vulnerability : CVE-2018-7273
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel through 4.15.4, the floppy driver reveals the addresses of kernel functions and global variables using printk calls within the function...
Linux Distros Unpatched Vulnerability : CVE-2016-7916
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Race condition in the environ_read function in fs/proc/base.c in the Linux kernel before 4.5.4 allows local users to obtain sensitive information from kernel...
Linux Distros Unpatched Vulnerability : CVE-2018-1120
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found affecting the Linux kernel before version 4.17. By mmaping a FUSE-backed file onto a process's memory containing command line arguments or...
Linux Distros Unpatched Vulnerability : CVE-2014-9419
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The __switch_to function in arch/x86/kernel/process_64.c in the Linux kernel through 3.18.1 does not ensure that Thread Local Storage (TLS) descriptors are loaded...
Linux Distros Unpatched Vulnerability : CVE-2019-10638
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel before 5.1.7, a device can be tracked by an attacker using the IP ID values the kernel produces for connection-less protocols e.g., UDP and...
Linux Distros Unpatched Vulnerability : CVE-2019-11884
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive information from...
Linux Distros Unpatched Vulnerability : CVE-2013-1796
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The kvm_set_msr_common function in arch/x86/kvm/x86.c in the Linux kernel through 3.8.4 does not ensure a required time_page alignment during an MSR_KVM_SYSTEM_TIME...
Linux Distros Unpatched Vulnerability : CVE-2011-4127
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Linux kernel before 3.2.2 does not properly restrict SG_IO ioctl calls, which allows local users to bypass intended restrictions on disk read and write...
OESA-2025-1204 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: bpf: Prevent tailcall infinite loop caused by freplace There is a potential infinite loop issue that can occur when using a combination of tail calls and freplac...
OESA-2025-1202 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmode should keep reference to parent The altmode device release refers to its parent device, but without keeping a reference to it. When registeri...
CVE-2022-49232
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix a NULL pointer dereference in amdgpu_dm_connector_add_common_modes() In amdgpu_dm_connector_add_common_modes(), amdgpu_dm_create_common_mode() is assigned to mode and is passed to drm_mode_probed_add() directly after that...
SUSE CVE-2025-21753
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free when attempting to join an aborted transaction When we are trying to join the current transaction and if it's aborted, we read its 'aborted' field after unlocking fs_info->trans_lock and without holding any...
SUSE CVE-2025-21777
In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Validate the persistent meta data subbuf array The meta data for a mapped ring buffer contains an array of indexes of all the subbuffers. The first entry is the reader page, and the rest of the entries lay out the...
kernel security update
5.14.0-503.26.15.OL9 - Disable UKI signing [Orabug: 36571828] - Update Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug:...
CVE-2025-21809 rxrpc, afs: Fix peer hash locking vs RCU callback
In the Linux kernel, the following vulnerability has been resolved: rxrpc, afs: Fix peer hash locking vs RCU callback In its address list, afs now retains pointers to and refs on one or more rxrpc_peer objects. The address list is freed under RCU and at this time, it puts the refs on those peers...
CVE-2025-21805 RDMA/rtrs: Add missing deinit() call
In the Linux kernel, the following vulnerability has been resolved: RDMA/rtrs: Add missing deinit() call A warning is triggered when repeatedly connecting and disconnecting the rnbd: list_add corruption. prev->next should be next (ffff88800b13e480), but was ffff88801ecd1338. (prev=ffff88801ecd1340)...
CVE-2025-21755
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2025-21787 team: better TEAM_OPTION_TYPE_STRING validation
In the Linux kernel, the following vulnerability has been resolved: team: better TEAM_OPTION_TYPE_STRING validation syzbot reported following splat [1] Make sure user-provided data contains one nul byte. [1] BUG: KMSAN: uninit-value in string_nocheck lib/vsprintf.c:633 [inline] BUG: KMSAN: uninit-value in...