4609 matches found
Linux Distros Unpatched Vulnerability : CVE-2022-48727
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Avoid consuming a stale esr value when SError occur When any exception other tha...
Linux Distros Unpatched Vulnerability : CVE-2023-52606
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - powerpc/lib: Validate size for vector operations Some of the fp/vmx code in sstep.c assume a certain maximum size for the instructions being emulated. The size ...
Linux Distros Unpatched Vulnerability : CVE-2024-42313
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: venus: fix use after free in vdecclose There appears to be a possible use after free with vdecclose. The firmware will add buffer release work to the wor...
Linux Distros Unpatched Vulnerability : CVE-2021-47281
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ALSA: seq: Fix race of sndseqtimeropen The timer instance per queue is exclusive, and sndseqtimeropen should have managed the concurrent accesses. It looks as i...
Linux Distros Unpatched Vulnerability : CVE-2024-44932
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - idpf: fix UAFs when destroying the queues The second tagged commit started sometimes very rarely, but possible throwing WARNs from...
Google's March 2025 Android Security Update Fixes Two Actively Exploited Vulnerabilities
Google has released its monthly Android Security Bulletin for March 2025 to address a total of 44 vulnerabilities, including two that it said have come under active exploitation in the wild. The two high-severity vulnerabilities are listed below - CVE-2024-43093 - A privilege escalation flaw in...
Linux Distros Unpatched Vulnerability : CVE-2014-9419
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The switchto function in arch/x86/kernel/process64.c in the Linux kernel through 3.18.1 does not ensure that Thread Local Storage TLS descriptors are loaded...
Linux Distros Unpatched Vulnerability : CVE-2016-7916
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Race condition in the environread function in fs/proc/base.c in the Linux kernel before 4.5.4 allows local users to obtain sensitive information from kernel...
Linux Distros Unpatched Vulnerability : CVE-2018-7273
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel through 4.15.4, the floppy driver reveals the addresses of kernel functions and global variables using printk calls within the function...
Linux Distros Unpatched Vulnerability : CVE-2018-1120
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found affecting the Linux kernel before version 4.17. By mmaping a FUSE-backed file onto a process's memory containing command line arguments or...
Linux Distros Unpatched Vulnerability : CVE-2019-11884
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The dohidpsockioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive information from...
Linux Distros Unpatched Vulnerability : CVE-2013-1796
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The kvmsetmsrcommon function in arch/x86/kvm/x86.c in the Linux kernel through 3.8.4 does not ensure a required timepage alignment during an MSRKVMSYSTEMTIME...
Linux Distros Unpatched Vulnerability : CVE-2019-10638
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel before 5.1.7, a device can be tracked by an attacker using the IP ID values the kernel produces for connection-less protocols e.g., UDP and...
Linux Distros Unpatched Vulnerability : CVE-2011-4127
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Linux kernel before 3.2.2 does not properly restrict SGIO ioctl calls, which allows local users to bypass intended restrictions on disk read and write...
OESA-2025-1204 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: bpf: Prevent tailcall infinite loop caused by freplace There is a potential infinite loop issue that can occur when using a combination of tail calls and freplac...
OESA-2025-1202 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmode should keep reference to parent The altmode device release refers to its parent device, but without keeping a reference to it. When registeri...
CVE-2022-49232
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix a NULL pointer dereference in amdgpudmconnectoraddcommonmodes In amdgpudmconnectoraddcommonmodes, amdgpudmcreatecommonmode is assigned to mode and is passed to drmmodeprobedadd directly after that...
SUSE CVE-2025-21753
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free when attempting to join an aborted transaction When we are trying to join the current transaction and if it's aborted, we read its 'aborted' field after unlocking fsinfo-translock and without holding any...
SUSE CVE-2025-21777
In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Validate the persistent meta data subbuf array The meta data for a mapped ring buffer contains an array of indexes of all the subbuffers. The first entry is the reader page, and the rest of the entries lay out the...
kernel security update
5.14.0-503.26.15.OL9 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...