PT-2025-43010

Name of the Vulnerable Software and Affected Versions OpenWrt versions prior to 24.10.4 Description OpenWrt Project is a Linux operating system designed for embedded devices. A flaw exists where local users can read and write to arbitrary kernel memory using the ioctls of the ltq-ptm driver, whic...

UBUNTU-CVE-2025-40008

In the Linux kernel, the following vulnerability has been resolved: kmsan: fix out-of-bounds access to shadow memory Running sha224kunit on a KMSAN-enabled kernel results in a crash in kmsaninternalsetshadoworigin: BUG: unable to handle page fault for address: ffffbc3840291000 PF: supervisor read...

kernel: net: usb: smsc75xx: Limit packet length to skb->len

In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc75xx: Limit packet length to skb-len Packet length retrieved from skb data may be larger than the actual socket buffer length up to 9026 bytes. In such case the cloned skb passed up the network stack will leak kerne...

PT-2025-52920

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the ntfs3 module related to uninitialized buffers allocated by the getname function. This issue can lead to uninitialized errors after buffer...

Security Bulletin: IBM Technical Suppport Appliance - possible security flaws in memory management leading to information disclosure or denial of service

Summary A flaw in the KASAN Kernel Address Sanitizer code may allow memory to be accessed that is already free and a flaw in Virtual Machine Communication Interface VMCI allowed uninitialized kernel memory to be exposed to userspace. Vulnerability Details CVEID:CVE-2022-49058 DESCRIPTION: In the...

Security Bulletin: possible security flaw in memory management

Summary A flaw in the KASAN Kernel Address Sanitizer code may allow memory to be accessed that is no longer used, potentially exposing security related information. Vulnerability Details CVEID:CVE-2022-50020 DESCRIPTION: In the Linux kernel, the following vulnerability has been resolved: ext4:...

EUVD-2023-59994

BYTEVALUE Intelligent Flow Control Router contains a command injection vulnerability via the /goform/webRead/open endpoint. The path parameter is not properly validated and is echoed into a shell context, allowing an attacker to inject and execute arbitrary shell commands on the device. Successfu...

EUVD-2022-55137

In the Linux kernel, the following vulnerability has been resolved: powerpc: Fix virtaddrvalid for 64-bit Book3E & 32-bit mpe: On 64-bit Book3E vmalloc space starts at 0x8000000000000000. Because of the way pa works we have: pa0x8000000000000000 == 0, and therefore virttopfn0x8000000000000000 == ...

EUVD-2022-55092

In the Linux kernel, the following vulnerability has been resolved: dm ioctl: prevent potential spectre v1 gadget It appears like cmd could be a Spectre v1 gadget as it's supplied by a user and used as an array index. Prevent the contents of kernel memory from being leaked to userspace via...

AlmaLinux 10 : kernel (ALSA-2025:15005)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:15005 advisory. kernel: udp: Fix memory accounting leak. CVE-2025-22058 kernel: netsched: hfsc: Fix a potential UAF in hfscdequeue too CVE-2025-37823 kernel: ext4: only...

HEVD

SMEP & kASLR Bypassing - HEVD x86 Kernel Exploit !Alt text...

Linux Distros Unpatched Vulnerability : CVE-2023-53614

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mm/ksm: fix race with VMA iteration and mmstruct teardown exitmmap will tear down the VMAs a...

Linux Distros Unpatched Vulnerability : CVE-2022-50439

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ASoC: mediatek: mt8173: Enable IRQ when pdata is ready If the device does not come straight from reset, we might receive an IRQ before we are ready to handle it...

RockyLinux 10 : kernel (RLSA-2025:15005)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:15005 advisory. kernel: udp: Fix memory accounting leak. CVE-2025-22058 kernel: netsched: hfsc: Fix a potential UAF in hfscdequeue too CVE-2025-37823 kernel: ext4: onl...

CVE-2023-53674 clk: Fix memory leak in devm_clk_notifier_register()

In the Linux kernel, the following vulnerability has been resolved: clk: Fix memory leak in devmclknotifierregister devmclknotifierregister allocates a devres resource for clk notifier but didn't register that to the device, so the notifier didn't get unregistered on device detach and the allocat...

CVE-2022-50545

In the Linux kernel, the following vulnerability has been resolved: r6040: Fix kmemleak in probe and remove There is a memory leaks reported by kmemleak: unreferenced object 0xffff888116111000 size 2048: comm "modprobe", pid 817, jiffies 4294759745 age 76.502s hex dump first 32 bytes: 00 c4 0a 04...

EUVD-2025-32817

In the Linux kernel, the following vulnerability has been resolved: r6040: Fix kmemleak in probe and remove There is a memory leaks reported by kmemleak: unreferenced object 0xffff888116111000 size 2048: comm "modprobe", pid 817, jiffies 4294759745 age 76.502s hex dump first 32 bytes: 00 c4 0a 04...

CVE-2023-53642 x86: fix clear_user_rep_good() exception handling annotation

In the Linux kernel, the following vulnerability has been resolved: x86: fix clearuserrepgood exception handling annotation This code no longer exists in mainline, because it was removed in commit d2c95f9d6802 "x86: don't use REPGOOD or ERMS for user memory clearing" upstream. However, rather tha...

CVE-2023-53640 ASoC: lpass: Fix for KASAN use_after_free out of bounds

In the Linux kernel, the following vulnerability has been resolved: ASoC: lpass: Fix for KASAN useafterfree out of bounds When we run syzkaller we get below Out of Bounds error. "KASAN: slab-out-of-bounds Read in regcacheflatread" Below is the backtrace of the issue: BUG: KASAN: slab-out-of-bound...

EUVD-2019-15177

Malware in sbrugna...