32 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: arm64: kexec: The kexecbuf structure was previously declared without initialization. The commit bf454ec31add “kexecfile: allow to place kexecbuf randomly” added a field that is always read but not consistently populated by all...
CVE-2026-43240
A flaw was found in the Linux kernel's x86/kexec component. When a second-stage kernel is booted with a memory-limiting command, the Integrity Measurement Architecture IMA kexec buffer may be located outside the accessible memory range. This can lead to a kernel panic, effectively causing a Denia...
CVE-2026-43240 x86/kexec: add a sanity check on previous kernel's ima kexec buffer
In the Linux kernel, the following vulnerability has been resolved: x86/kexec: add a sanity check on previous kernel's ima kexec buffer When the second-stage kernel is booted via kexec with a limiting command line such as "mem=", the physical range that contains the carried over IMA measurement...
CVE-2026-43240
In the Linux kernel, the following vulnerability has been resolved: x86/kexec: add a sanity check on previous kernel's ima kexec buffer When the second-stage kernel is booted via kexec with a limiting command line such as "mem=", the physical range that contains the carried over IMA measurement...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: x86/mm, kexec, ima: Use memblockfreelate from imafreekexecbuffer The code calling imafreekexecbuffer runs long after the memblock allocator has already been torn down, potentially resulting in a use after free in...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: The imagetkexecbuffer function does not check whether the ima-kexec-buffer of the previous kernel lies outside the addressable memory range. This can lead to a kernel panic if the new kernel is booted with the mem=X argument, and...
EUVD-2025-31847
A vulnerability was determined in code-projects Web-Based Inventory and POS System 1.0. The impacted element is an unknown function of the file /transaction.php. This manipulation of the argument shopid causes sql injection. The attack is possible to be carried out remotely. The exploit has been...
Linux Distros Unpatched Vulnerability : CVE-2025-39904
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: arm64: kexec: initialize kexecbuf struct in loadothersegments Patch series kexec: Fix invali...
EUVD-2022-55424
Malicious code in bioql PyPI...
CVE-2025-39904
In the Linux kernel, the following vulnerability has been resolved: arm64: kexec: initialize kexecbuf struct in loadothersegments Patch series "kexec: Fix invalid field access". The kexecbuf structure was previously declared without initialization. commit bf454ec31add "kexecfile: allow to place...
SUSE CVE-2025-39904
In the Linux kernel, the following vulnerability has been resolved: arm64: kexec: initialize kexecbuf struct in loadothersegments Patch series "kexec: Fix invalid field access". The kexecbuf structure was previously declared without initialization. commit bf454ec31add "kexecfile: allow to place...
CVE-2025-39904
In the Linux kernel, the following vulnerability has been resolved: arm64: kexec: initialize kexecbuf struct in loadothersegments Patch series "kexec: Fix invalid field access". The kexecbuf structure was previously declared without initialization. commit bf454ec31add "kexecfile: allow to place...
UBUNTU-CVE-2025-39904
In the Linux kernel, the following vulnerability has been resolved: arm64: kexec: initialize kexecbuf struct in loadothersegments Patch series "kexec: Fix invalid field access". The kexecbuf structure was previously declared without initialization. commit bf454ec31add "kexecfile: allow to place...
CVE-2025-39904 arm64: kexec: initialize kexec_buf struct in load_other_segments()
In the Linux kernel, the following vulnerability has been resolved: arm64: kexec: initialize kexecbuf struct in loadothersegments Patch series "kexec: Fix invalid field access". The kexecbuf structure was previously declared without initialization. commit bf454ec31add "kexecfile: allow to place...
CVE-2025-39904
Summary: The CVE-2025-39904 issue affects the Linux kernel’s kexec path for arm64 (and riscv per the patch set). A kexec_buf structure was previously declared without full initialization, and a field added by a prior patch could be read uninitialized on some architectures, triggering UBSAN invali...
PT-2025-40078
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue where the kexec buf structure was declared without initialization. This could lead to the use of uninitialized memory, triggering a UBSAN Undefined...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an uninitialized kexecbuf structure, which could lead to uninitialized memory usage...
Linux Distros Unpatched Vulnerability : CVE-2022-50159
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - of: check previous kernel's ima-kexec-buffer against memory bounds Presently imagetkexecbuffer doesn't check if the previous kernel's ima-kexec-buffer lies...
SUSE CVE-2022-50159
In the Linux kernel, the following vulnerability has been resolved: of: check previous kernel's ima-kexec-buffer against memory bounds Presently imagetkexecbuffer doesn't check if the previous kernel's ima-kexec-buffer lies outside the addressable memory range. This can result in a kernel panic i...
DEBIAN-CVE-2022-50159
In the Linux kernel, the following vulnerability has been resolved: of: check previous kernel's ima-kexec-buffer against memory bounds Presently imagetkexecbuffer doesn't check if the previous kernel's ima-kexec-buffer lies outside the addressable memory range. This can result in a kernel panic i...