Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990457)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990457 advisory. In the Linux kernel, the following vulnerability has been resolved: veth: Ensure eth header is in skb's linear part After feeding a decapsulated packet to a veth...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989194)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989194 advisory. In the Linux kernel, the following vulnerability has been resolved: veth: Ensure eth header is in skb's linear part After feeding a decapsulated packet to a veth...

Defeating KASLR by Doing Nothing at All

Posted by Seth Jenkins, Project Zero Introduction I've recently been researching Pixel kernel exploitation and as part of this research I found myself with an excellent arbitrary write primitive…but without a KASLR leak. As necessity is the mother of all invention, on a hunch, I started researchi...

CVE-2025-61723

The processing time for parsing some invalid inputs scales non-linearly with respect to the size of the input. This affects programs which parse untrusted PEM inputs. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product...

EUVD-2025-36736

The processing time for parsing some invalid inputs scales non-linearly with respect to the size of the input. This affects programs which parse untrusted PEM inputs...

EUVD-2025-36738

Due to the design of the name constraint checking algorithm, the processing time of some inputs scals non-linearly with respect to the size of the certificate. This affects programs which validate arbitrary certificate chains...

CVE-2025-61723

The processing time for parsing some invalid inputs scales non-linearly with respect to the size of the input. This affects programs which parse untrusted PEM inputs...

AZL-78913 CVE-2025-58187 affecting package golang 1.25.7-1

Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate. This affects programs which validate arbitrary certificate chains...

AZL-78919 CVE-2025-61723 affecting package golang 1.25.7-1

The processing time for parsing some invalid inputs scales non-linearly with respect to the size of the input. This affects programs which parse untrusted PEM inputs...

CVE-2025-58187

Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate. This affects programs which validate arbitrary certificate chains...

CVE-2025-61723

The processing time for parsing some invalid inputs scales non-linearly with respect to the size of the input. This affects programs which parse untrusted PEM inputs...

CVE-2025-58187

Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate. This affects programs which validate arbitrary certificate chains...

SUSE CVE-2025-40052

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix crypto buffers in non-linear memory The crypto API, through the scatterlist API, expects input buffers to be in linear memory. We handle this with the cifssgsetbuf helper that converts vmalloc'd memory to their...

Google Go encoding 安全漏洞

Google Go encoding is a code library from Google, Inc. that provides multiple forms of encoding for data based on the Go language. A security vulnerability exists in Google Go encoding that stems from a non-linear correlation between processing time and input size when parsing certain invalid...

AZL-68846 CVE-2025-40052 affecting package kernel for versions less than 6.6.112.1-2

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix crypto buffers in non-linear memory The crypto API, through the scatterlist API, expects input buffers to be in linear memory. We handle this with the cifssgsetbuf helper that converts vmalloc'd memory to their...

CVE-2025-40052

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix crypto buffers in non-linear memory The crypto API, through the scatterlist API, expects input buffers to be in linear memory. We handle this with the cifssgsetbuf helper that converts vmalloc'd memory to their...

UBUNTU-CVE-2025-40052

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix crypto buffers in non-linear memory The crypto API, through the scatterlist API, expects input buffers to be in linear memory. We handle this with the cifssgsetbuf helper that converts vmalloc'd memory to their...

CVE-2025-40052

CVE-2025-40052 (Linux kernel, SMB/CIFS crypto path) fixes a bug where aead_request context could end up in vmalloc memory, causing sg_set_buf() to crash when virt_addr_valid(buf) fails under heavy parallel I/O. Root cause: creq allocation used kvzalloc(), potentially placing __ctx in vmalloc area...

EUVD-2025-36476

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix crypto buffers in non-linear memory The crypto API, through the scatterlist API, expects input buffers to be in linear memory. We handle this with the cifssgsetbuf helper that converts vmalloc'd memory to their...

CVE-2025-40052 smb: client: fix crypto buffers in non-linear memory

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix crypto buffers in non-linear memory The crypto API, through the scatterlist API, expects input buffers to be in linear memory. We handle this with the cifssgsetbuf helper that converts vmalloc'd memory to their...