PT-2025-3034 · Apple · Xnu Kernel +3

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 15.2 iOS versions prior to 18.2 iPadOS versions prior to 18.2 Description: A type confusion issue was addressed with improved memory handling. An attacker with user privileges may be able to read kernel memory due to...

The vulnerability of the kernel component of the Linux operating system, which allows a hacker to cause a service failure

The vulnerability of the kernel component of the Linux operating system is related to the lack of memory release after the effective lifespan of the component. Exploiting this vulnerability can allow an attacker to cause a service failure...

PT-2025-3035 · Apple · Macos Sonoma +2

Name of the Vulnerable Software and Affected Versions: macOS Sonoma versions prior to 14.7.2 macOS Sonoma versions prior to 14.7.3 macOS Sequoia versions prior to 15.2 Description: An out-of-bounds write issue was addressed with improved input validation. This issue may allow an app to cause...

PT-2024-31072

Name of the Vulnerable Software and Affected Versions: iPadOS versions prior to 17.7.3 visionOS versions prior to 2.2 macOS Sequoia versions prior to 15.2 iOS versions prior to 18.2 iPadOS versions prior to 18.2 macOS Sonoma versions prior to 14.7.2 Description: The issue was addressed with...

kernel: mm/shmem: disable PMD-sized page cache if needed

A denial of service vulnerability was found in the Linux Kernel. In architectures such as ARM64 where the base page size is 64KB, a 512MB page cache could lead to a software crash...

The vulnerability of the btrfs component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the btrfs component in Linux operating systems is related to the lack of memory release after the effective lifespan of the component has ended. Exploiting this vulnerability can allow an attacker to cause a service failure...

PT-2024-25081 · Qualcomm · Qualcomm Snapdragon Auto To Xr2 5G Platform

Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon Auto to XR2 5G Platform affected versions not specified Description: The issue involves memory corruption when analyzing sensor packets in the camera driver. A user-space variable is used while allocating memory in the...

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets, which stems from a possible memory corruption when parsing sensor packets from a camera driver, if user-space variables are used for kernel-space memory allocation and...

CVE-2024-43702 GPU DDK - MLIST/PM render state buffers writable allowing arbitrary writes to kernel memory pages

Software installed and run as a non-privileged user may conduct improper GPU system calls to allow unprivileged access to arbitrary physical memory page...

CVE-2024-43702 GPU DDK - MLIST/PM render state buffers writable allowing arbitrary writes to kernel memory pages

Software installed and run as a non-privileged user may conduct improper GPU system calls to allow unprivileged access to arbitrary physical memory page...

CVE-2024-53097 mm: krealloc: Fix MTE false alarm in __do_krealloc

In the Linux kernel, the following vulnerability has been resolved: mm: krealloc: Fix MTE false alarm in dokrealloc This patch addresses an issue introduced by commit 1a83a716ec233 "mm: krealloc: consider spare memory for GFPZERO" which causes MTE Memory Tagging Extension to falsely report a...

The vulnerability of the nf_tables component in the Linux operating system’s kernel allows a hacker to increase their privileges within the system.

The vulnerability of the nftables component in the Linux operating system’s kernel is related to memory-related errors that occur after the release of resources in the nftablesmoduleexit function. Exploiting this vulnerability can allow an attacker to gain elevated privileges within the system...

The vulnerability of the SUNRPC component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the SUNRPC component in the Linux operating system’s kernel is related to a memory leak in the svctcpsendmsg function. Exploiting this vulnerability can allow an attacker to cause a service failure...

DEBIAN-CVE-2024-53049

In the Linux kernel, the following vulnerability has been resolved: slub/kunit: fix a WARNING due to unwrapped kmalloccachenoprof 'modprobe slubkunit' will have a warning as shown below. The root cause is that kmalloccachenoprof was directly used, which resulted in no alloctag being allocated. Th...

UBUNTU-CVE-2024-53066

In the Linux kernel, the following vulnerability has been resolved: nfs: Fix KMSAN warning in decodegetfattrattrs Fix the following KMSAN warning: CPU: 1 UID: 0 PID: 7651 Comm: cp Tainted: G B Tainted: B=BADPAGE Hardware name: QEMU Standard PC Q35 + ICH9, 2009...

CVE-2024-50302

In the Linux kernel, the following vulnerability has been resolved: HID: core: zero-initialize the report buffer Since the report buffer is used by all kinds of drivers in various ways, let's zero-initialize it during allocation to make sure that it can't be ever used to leak kernel memory via...

CVE-2024-50302 HID: core: zero-initialize the report buffer

In the Linux kernel, the following vulnerability has been resolved: HID: core: zero-initialize the report buffer Since the report buffer is used by all kinds of drivers in various ways, let's zero-initialize it during allocation to make sure that it can't be ever used to leak kernel memory via...

PT-2024-10645 · Mediatek · Mediatek Audio Driver

Name of the Vulnerable Software and Affected Versions: MediaTek audio driver affected versions not specified Description: The issue is related to a missing bounds check in the mtkscoaudio debugfs, combined with weakened SELinux policies. This could allow for an arbitrary kernel memory write,...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the presence of a KMSAN warning in the decodegetfattrattrs function...

CLSA-2024-1731606243 Fix of 67 CVEs

CVE-url: https://ubuntu.com/security/CVE-2024-42265 - protect the fetch of -fdfd in dodup2 from mispredictions CVE-url: https://ubuntu.com/security/CVE-2024-47669 - nilfs2: fix state management in error path of log writing function CVE-url: https://ubuntu.com/security/CVE-2023-52918 - media: pci:...