PT-2025-41099

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.2.0-rc2-00320-g1f5abbd77e2c Description A stack overflow can occur due to the rcu irq enter check tick function being probed. Registering a kprobe on this function can lead to a kernel stack overflow when CONFI...

EUVD-2022-44970

Malicious code in bioql PyPI...

EUVD-2022-25642

Malicious code in bioql PyPI...

EUVD-2022-34665

Malicious code in bioql PyPI...

CVE-2023-53428 powercap: arm_scmi: Remove recursion while parsing zones

In the Linux kernel, the following vulnerability has been resolved: powercap: armscmi: Remove recursion while parsing zones Powercap zones can be defined as arranged in a hierarchy of trees and when registering a zone with powercapregisterzone, the kernel powercap subsystem expects this to happen...

Linux Distros Unpatched Vulnerability : CVE-2017-17806

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The HMAC implementation crypto/hmac.c in the Linux kernel before 4.14.8 does not validate that the underlying cryptographic hash algorithm is unkeyed, allowing ...

Linux Distros Unpatched Vulnerability : CVE-2021-46931

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Wrap the tx reporter dump callback to extract the sq Function mlx5etxreporterdump...

CVE-2024-56695 drm/amdkfd: Use dynamic allocation for CU occupancy array in 'kfd_get_cu_occupancy()'

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Use dynamic allocation for CU occupancy array in 'kfdgetcuoccupancy' The kfdgetcuoccupancy function previously declared a large cuoccupancy array as a local variable, which could lead to stack overflows due to excessi...

PT-2024-37005 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue concerns the kfd get cu occupancy function, which previously declared a large cu occupancy array as a local variable. This could lead to stack overflows due to excessive stac...

Kernel: stack overflow problem in open vswitch kernel module leading to dos

...

CVE-2024-38575

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: pcie: handle randbuf allocation failure The kzalloc in brcmfpciedownloadfwnvram will return null if the physical memory has run out. As a result, if we use getrandombytes to generate random bytes in the randbuf, t...

CVE-2024-38575 wifi: brcmfmac: pcie: handle randbuf allocation failure

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: pcie: handle randbuf allocation failure The kzalloc in brcmfpciedownloadfwnvram will return null if the physical memory has run out. As a result, if we use getrandombytes to generate random bytes in the randbuf, t...

kernel: rcu: Avoid stack overflow due to __rcu_irq_enter_check_tick() being kprobe-ed

In the Linux kernel, the following vulnerability has been resolved: rcu: Avoid stack overflow due to rcuirqenterchecktick being kprobe-ed Registering a kprobe on rcuirqenterchecktick can cause kernel stack overflow as shown below. This issue can be reproduced by enabling CONFIGNOHZFULL and bootin...

openSUSE: Security Advisory for the Linux Kernel RT (Live Patch 3 for SLE 15 SP5) (SUSE-SU-2023:3806-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Stack overflow

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Wrap the tx reporter dump callback to extract the sq Function mlx5etxreporterdumpsq casts its void argument to struct mlx5etxqsq , but in TX-timeout-recovery flow the argument is actually of type struct mlx5etxtimeoutc...

CVE-2021-46931

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Wrap the tx reporter dump callback to extract the sq Function mlx5etxreporterdumpsq casts its void argument to struct mlx5etxqsq , but in TX-timeout-recovery flow the argument is actually of type struct mlx5etxtimeoutc...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2023-3359)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2023:3773-1 Security update for the Linux Kernel RT (Live Patch 9 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-1504001540 fixes several issues. The following security issues were fixed: - CVE-2023-3776: Fixed improper refcount update in clsfw leads to use-after-free bsc1215119. - CVE-2023-4273: Fixed a flaw in the exFAT driver of the Linux kernel that alloawed a...

Fedora 37 : kernel (2023-d9509be489)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-d9509be489 advisory. The 6.4.10 stable kernel update contains a number of important fixes across the tree. Tenable has extracted the preceding description block directly...

CVE-2023-4273

A flaw was found in the exFAT driver of the Linux kernel. The vulnerability exists in the implementation of the file name reconstruction function, which is responsible for reading file name entries from a directory index and merging file name parts belonging to one file into a single long file...