19 matches found
CVE-2025-68299
In the Linux kernel, the following vulnerability has been resolved: afs: Fix delayed allocation of a cell's anonymous key. The allocation of a cell's anonymous key is done in a background thread along with other cell setup such as doing a DNS upcall. In the reported bug, this is triggered by...
CVE-2025-68299 afs: Fix delayed allocation of a cell's anonymous key
In the Linux kernel, the following vulnerability has been resolved: afs: Fix delayed allocation of a cell's anonymous key. The allocation of a cell's anonymous key is done in a background thread along with other cell setup such as doing a DNS upcall. In the reported bug, this is triggered by...
PT-2025-51703
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A flaw exists in the Linux kernel related to the allocation of a cell's anonymous key within the AFS (Andrew File System) subsystem. Specifically, the issue arises from delayed allocation ...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987706)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987706 advisory. In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix flow memory leak in ovs_flow_cmd_new. Syzkaller reports a memory leak of newflo...
EUVD-2023-45838
Malicious code in bioql PyPI...
EUVD-2023-59743
Malicious code in bioql PyPI...
CVE-2025-38402
The CVE concerns the Linux kernel IDPF driver RSS handling. The vulnerability arises when RSS is not supported: the code returns a 0 RSS key size, while a -EOPNOTSUPP path may be cast to a 32-bit size, potentially producing an invalid allocation size. This can lead to an allocation failure on sys...
CVE-2025-38402 idpf: return 0 size for RSS key if not supported
In the Linux kernel, the following vulnerability has been resolved: idpf: return 0 size for RSS key if not supported. Returning -EOPNOTSUPP from function returning u32 is leading to cast and invalid size value as a result. -EOPNOTSUPP as a size probably will lead to allocation fail. Command: ethto...
DEBIAN-CVE-2023-52977
In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix flow memory leak in ovs_flow_cmd_new. Syzkaller reports a memory leak of new_flow in ovs_flow_cmd_new as it is not freed when an allocation of a key fails. BUG: memory leak unreferenced object 0xffff888116668000 siz...
CVE-2023-52977 net: openvswitch: fix flow memory leak in ovs_flow_cmd_new
In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix flow memory leak in ovs_flow_cmd_new. Syzkaller reports a memory leak of new_flow in ovs_flow_cmd_new as it is not freed when an allocation of a key fails. BUG: memory leak unreferenced object 0xffff888116668000 siz...
CVE-2023-52977
CVE-2023-52977 is a kernel vulnerability in the Linux kernel’s net/openvswitch path where a memory leak occurs in ovs_flow_cmd_new when key allocation fails. The issue is triggered during netlink/genl handling as shown in the provided trace, and the remediation described in the patch is to reorde...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates from a memory leak caused by the net/openvswitch component failing to release new_flow when it fails to...
kernel: net: openvswitch: fix flow memory leak in ovs_flow_cmd_new
In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix flow memory leak in ovs_flow_cmd_new. Syzkaller reports a memory leak of new_flow in ovs_flow_cmd_new as it is not freed when an allocation of a key fails. BUG: memory leak unreferenced object 0xffff888116668000 siz...
kernel: net: openvswitch: fix flow memory leak in ovs_flow_cmd_new
In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix flow memory leak in ovs_flow_cmd_new. Syzkaller reports a memory leak of new_flow in ovs_flow_cmd_new as it is not freed when an allocation of a key fails. BUG: memory leak unreferenced object 0xffff888116668000 siz...
CVE-2023-41325 OP-TEE double free in shdr_verify_signature
OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm Cortex-A cores using the TrustZone technology. Starting in version 3.20 and prior to version 3.22, shdr_verify_signature can make a double free. shdr_verify_signature used to verify a TA...
The vulnerability of the wireless communication subsystem in the Linux kernel’s net/mac802154/llsec.c module, which allows a hacker to cause a service failure.
The vulnerability in the wireless communication subsystem of the Linux kernel’s net/mac802154/llsec.c module relates to the assignment of a null pointer in the llsec_key_alloc function during network connection termination. Exploiting this vulnerability could allow an attacker to cause a service...
SUSE CVE-2007-0006
The key serial number collision avoidance code in the key_alloc_serial function in Linux kernel 2.6.9 up to 2.6.20 allows local users to cause a denial of service (crash) via vectors that trigger a null dereference, as originally reported as "spinlock CPU recursion."...
kernel: NULL pointer dereference in llsec_key_alloc() in net/mac802154/llsec.c
A NULL pointer dereference flaw was found in the Linux kernel’s IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection. This flaw allows a local user to crash the system. The highest threat from this vulnerability is to system availability...
security flaw
The key serial number collision avoidance code in the key_alloc_serial function in Linux kernel 2.6.9 up to 2.6.20 allows local users to cause a denial of service (crash) via vectors that trigger a null dereference, as originally reported as "spinlock CPU recursion."...