95 matches found
CVE-2025-71093
In the Linux kernel, the following vulnerability has been resolved: e1000: fix OOB in e1000tbishouldaccept In e1000tbishouldaccept we read the last byte of the frame via 'datalength - 1' to evaluate the TBI workaround. If the descriptor- reported length is zero or larger than the actual RX buffer...
CVE-2025-71093 e1000: fix OOB in e1000_tbi_should_accept()
In the Linux kernel, the following vulnerability has been resolved: e1000: fix OOB in e1000tbishouldaccept In e1000tbishouldaccept we read the last byte of the frame via 'datalength - 1' to evaluate the TBI workaround. If the descriptor- reported length is zero or larger than the actual RX buffer...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992383)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992383 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf: make sure skb-len != 0 when redirecting to a tunneling device syzkaller managed to trigger...
CVE-2022-50706
In the Linux kernel, the following vulnerability has been resolved: net/ieee802154: don't warn zero-sized rawsendmsg syzbot is hitting skbassertlen warning at devqueuexmit 1, for PFIEEE802154 socket's zero-sized rawsendmsg request is hitting devqueuexmit with skb-len == 0. Since PFIEEE802154...
SUSE CVE-2025-40106
In the Linux kernel, the following vulnerability has been resolved: comedi: fix divide-by-zero in comedibufmunge The comedibufmunge function performs a modulo operation async-mungechan %= async-cmd.chanlistlen without first checking if chanlistlen is zero. If a user program submits a command with...
CVE-2025-40106 comedi: fix divide-by-zero in comedi_buf_munge()
In the Linux kernel, the following vulnerability has been resolved: comedi: fix divide-by-zero in comedibufmunge The comedibufmunge function performs a modulo operation async-mungechan %= async-cmd.chanlistlen without first checking if chanlistlen is zero. If a user program submits a command with...
Linux Distros Unpatched Vulnerability : CVE-2025-40009
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/proc/taskmmu: check p-vecbuf for NULL When the PAGEMAPSCAN ioctl is invoked with veclen = 0 reaches pagemapscanbackoutrange, kernel panics with null-ptr-dere...
PT-2025-44599
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The comedi buf munge function in the Linux kernel is susceptible to a divide-by-zero error. This occurs when the function performs a modulo operation async-munge chan %= async-cmd.chanli...
SUSE CVE-2025-40009
In the Linux kernel, the following vulnerability has been resolved: fs/proc/taskmmu: check p-vecbuf for NULL When the PAGEMAPSCAN ioctl is invoked with veclen = 0 reaches pagemapscanbackoutrange, kernel panics with null-ptr-deref: 44.936808 Oops: general protection fault, probably for non-canonic...
UBUNTU-CVE-2025-40009
In the Linux kernel, the following vulnerability has been resolved: fs/proc/taskmmu: check p-vecbuf for NULL When the PAGEMAPSCAN ioctl is invoked with veclen = 0 reaches pagemapscanbackoutrange, kernel panics with null-ptr-deref: 44.936808 Oops: general protection fault, probably for non-canonic...
EUVD-2021-21088
Malware in sbrugna...
EUVD-2023-37290
Malicious code in bioql PyPI...
PT-2025-40102
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s i2c subsystem, specifically within the rtl9300 driver. The issue stems from a missing check on the data length during i2c transfers. A data length of ...
PT-2025-42778
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.17.0-rc6 Description The Linux kernel contains a flaw within the fs/proc/task mmu component. Specifically, a null pointer dereference can occur in pagemap scan backout range when the PAGEMAP SCAN ioctl is calle...
CVE-2023-53420
In the Linux kernel, the following vulnerability has been resolved: ntfs: Fix panic about slab-out-of-bounds caused by ntfslistxattr Here is a BUG report from syzbot: BUG: KASAN: slab-out-of-bounds in ntfslistea fs/ntfs3/xattr.c:191 inline BUG: KASAN: slab-out-of-bounds in ntfslistxattr+0x401/0x5...
CVE-2023-53420
CVE-2023-53420 affects the Linux kernel NTFS code path. The issue arises in ntfs_listxattr() (fs/ntfs3/xattr.c) where slab-out-of-bounds access could occur due to incorrect handling in the ea_all iteration when aea->name_len is 0, potentially reading invalid memory during listxattr(). The vend...
CVE-2023-53420 ntfs: Fix panic about slab-out-of-bounds caused by ntfs_listxattr()
In the Linux kernel, the following vulnerability has been resolved: ntfs: Fix panic about slab-out-of-bounds caused by ntfslistxattr Here is a BUG report from syzbot: BUG: KASAN: slab-out-of-bounds in ntfslistea fs/ntfs3/xattr.c:191 inline BUG: KASAN: slab-out-of-bounds in ntfslistxattr+0x401/0x5...
Linux Distros Unpatched Vulnerability : CVE-2022-50253
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: make sure skb-len != 0 when redirecting to a tunneling device syzkaller managed to trigger another case where skb-len == 0 when we enter devqueuexmit:...
DEBIAN-CVE-2023-53220
In the Linux kernel, the following vulnerability has been resolved: media: az6007: Fix null-ptr-deref in az6007i2cxfer In az6007i2cxfer, msg is controlled by user. When msgi.buf is null and msgi.len is zero, former checks on msgi.buf would be passed. Malicious data finally reach az6007i2cxfer. If...
CVE-2022-50253
CVE-2022-50253 is a Linux kernel issue where bpf code did not ensure skb->len was non-zero when redirecting to a tunneling device, leading to a length underflow/invalid skb handling path after __skb_pull in certain redirect paths. The vulnerability is exploited via BPF/XDP filtering paths that...