CVE-2025-40329

In the Linux kernel, the following vulnerability has been resolved: drm/sched: Fix deadlock in drmschedentitykilljobscb The Mesa issue referenced below pointed out a possible deadlock: 1231.611031 Possible interrupt unsafe locking scenario: 1231.611033 CPU0 CPU1 1231.611034 ---- ---- 1231.611035...

CVE-2025-40329 drm/sched: Fix deadlock in drm_sched_entity_kill_jobs_cb

In the Linux kernel, the following vulnerability has been resolved: drm/sched: Fix deadlock in drmschedentitykilljobscb The Mesa issue referenced below pointed out a possible deadlock: 1231.611031 Possible interrupt unsafe locking scenario: 1231.611033 CPU0 CPU1 1231.611034 ---- ---- 1231.611035...

CVE-2025-40329

In the Linux kernel, the following vulnerability has been resolved: drm/sched: Fix deadlock in drmschedentitykilljobscb The Mesa issue referenced below pointed out a possible deadlock: 1231.611031 Possible interrupt unsafe locking scenario: 1231.611033 CPU0 CPU1 1231.611034 ---- ---- 1231.611035...

CVE-2025-40329

The CVE-2025-40329 entry documents a deadlock in the Linux kernel’s DRM scheduler, specifically in drm_sched_entity_kill_jobs_cb. The issue arises when a fence callback (executed in interrupt context) tries to acquire dma_fence/additional locks while another CPU holds xa_lock, creating a potentia...

CVE-2025-40329 drm/sched: Fix deadlock in drm_sched_entity_kill_jobs_cb

In the Linux kernel, the following vulnerability has been resolved: drm/sched: Fix deadlock in drmschedentitykilljobscb The Mesa issue referenced below pointed out a possible deadlock: 1231.611031 Possible interrupt unsafe locking scenario: 1231.611033 CPU0 CPU1 1231.611034 ---- ---- 1231.611035...

kprobes: Fix check for probe enabled in kill_kprobe()

...

@abtnode/blocklet-services (>=1.16.6 <=1.17.12-beta-20260422-093007-b389a838), @abtnode/cli (>=1.0.0 <=1.16.34-beta-20241113-102431-65542b84) +125 more potentially affected by unknown CVE via kill-port (>=2.0.0 <=2.0.1)

kill-port NPM version =2.0.0, =1.16.6, =1.0.0, =1.16.6, =0.0.0-beta.0, =0.0.0, =2.49.0, =1.0.0, =1.2.1, =1.16.6, =1.1.3, =2.6.0, =1.0.0, =0.1.1, =0.2.8, =0.2.10 and more Source cves: unknown CVE Source advisory: OSV:MAL-2025-191116...

EUVD-2025-199220

Malicious code in kill-port npm...

Malicious code in kill-port (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector da8762d3a240cbf5a33e4b613b2ea601d5515824da362b82eed4b5095baa7b8c The package kill-port was found to contain malicious code. Source: ghsa-malware 12e6ea3a28f8e792e2cac11bd7aa1651eed2f77b6468a8d9aa43567dc9e95bbd Any...

Embedded Malicious Code

Overview kill-port is a Kills the process running on given port. Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The...

@abtnode/blocklet-services (>=1.16.6 <=1.17.12-beta-20260422-093007-b389a838), @abtnode/cli (>=1.0.0 <=1.16.34-beta-20241113-102431-65542b84) +125 more potentially affected by unknown CVE via kill-port (>=2.0.0 <=2.0.1)

kill-port NPM version =2.0.0, =1.16.6, =1.0.0, =1.16.6, =0.0.0-beta.0, =0.0.0, =2.49.0, =1.0.0, =1.2.1, =1.16.6, =1.1.3, =2.6.0, =1.0.0, =0.1.1, =0.2.8, =0.2.10 and more Source cves: unknown CVE Source advisory: SNYK:JS-KILLPORT-14103850...

Zero-Day Zero: The AI Attack That Just Ended the Era of the Forgiving Internet

Why the Exploit Window Has Collapsed and How CISOs Must Pivot to Survive For decades, cybersecurity was a game of time. We banked on the buffer between a vulnerability’s disclosure and its widespread exploitation. We relied on the forgiving internet, where human attackers needed days or weeks to...

EUVD-2025-147059

Malicious code in uinsnu-lotimi-kill npm...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989780)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989780 advisory. In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix hang in usbkillurb by adding memory barriers The syzbot fuzzer has identified a b...

Improper Authentication Exposure

github.com/chaos-mesh/chaos-mesh is vulnerable to improper authentication exposure. The vulnerability is due to the Chaos Controller Manager exposing an unauthenticated GraphQL debugging server to the entire Kubernetes cluster, which allows an attacker to kill arbitrary processes in any pod...

Recommended update of flake-pilot (moderate)

openSUSE security update: recommended update of flake-pilot ------------------------------------------------------------- Announcement ID: openSUSE-SU-2025-20000-1 Rating: moderate References: bsc1248004 Cross-References: CVE-2025-55159 CVSS scores: CVE-2025-55159 SUSE : 5.8...

Astra Linux - уязвимость в linux-6.12

In the Linux kernel, the following vulnerability has been resolved: ACPI: APEI: send SIGBUS to current task if synchronous memory error not recovered If a synchronous error is detected as a result of user-space process triggering a 2-bit uncorrected error, the CPU will take a synchronous error...

Astra Linux - уязвимость в linux-6.12

In the Linux kernel, the following vulnerability has been resolved: drm/scheduler: signal scheduled fence when kill job When an entity from application B is killed, drmschedentitykill removes all jobs belonging to that entity through drmschedentitykilljobswork. If application A's job depends on a...

EUVD-2019-12031

Malware in sbrugna...

EUVD-2000-0985

Malware in sbrugna...