CVE-2023-54126

CVE-2023-54126 : Linux kernel crypto_safexcel vulnerability where a failed safexcel driver load leaves IRQ affinity/workqueues uncleared, causing a boot-time warning. The fix cleans up the IRQ affinity and workqueues on load failure, per the vulnerability description and vendor advisories. Connec...

CVE-2022-50765 RISC-V: kexec: Fix memory leak of elf header buffer

In the Linux kernel, the following vulnerability has been resolved: RISC-V: kexec: Fix memory leak of elf header buffer This is reported by kmemleak detector: unreferenced object 0xff2000000403d000 size 4096: comm "kexec", pid 146, jiffies 4294900633 age 64.792s hex dump first 32 bytes: 7f 45 4c ...

CVE-2022-50765

CVE-2022-50765 affects the Linux kernel (RISC‑V) in the kexec path. The root cause is a memory leak: a buffer used to store ELF headers is allocated with vzalloc() during elf_kexec_load and is not freed when the kdump kernel is reloaded/unloaded or when image->elf_header is set and loading sub...

CVE-2022-50701

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921s: fix slab-out-of-bounds access in sdio host SDIO may need addtional 511 bytes to align bus operation. If the tailroom of this skb is not big enough, we would access invalid memory region. For low level...

UBUNTU-CVE-2023-53998

In the Linux kernel, the following vulnerability has been resolved: hwrng: virtio - Fix race on dataavail and actual data The virtio rng device kicks off a new entropy request whenever the data available reaches zero. When a new request occurs at the end of a read operation, that is, when the...

CVE-2023-53998

In the Linux kernel, the following vulnerability has been resolved: hwrng: virtio - Fix race on dataavail and actual data The virtio rng device kicks off a new entropy request whenever the data available reaches zero. When a new request occurs at the end of a read operation, that is, when the...

CVE-2023-54000 net: hns3: fix deadlock issue when externel_lb and reset are executed together

In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix deadlock issue when externellb and reset are executed together When externellb and reset are executed together, a deadlock may occur: 3147.217009 INFO: task kworker/u321:0:7 blocked for more than 120 seconds...

CVE-2023-54000 net: hns3: fix deadlock issue when externel_lb and reset are executed together

In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix deadlock issue when externellb and reset are executed together When externellb and reset are executed together, a deadlock may occur: 3147.217009 INFO: task kworker/u321:0:7 blocked for more than 120 seconds...

CVE-2025-68350 exfat: fix divide-by-zero in exfat_allocate_bitmap

In the Linux kernel, the following vulnerability has been resolved: exfat: fix divide-by-zero in exfatallocatebitmap The variable maxracount can be 0 in exfatallocatebitmap, which causes a divide-by-zero error in the subsequent modulo operation i % maxracount, leading to a system crash. When...

CVE-2025-68350 exfat: fix divide-by-zero in exfat_allocate_bitmap

In the Linux kernel, the following vulnerability has been resolved: exfat: fix divide-by-zero in exfatallocatebitmap The variable maxracount can be 0 in exfatallocatebitmap, which causes a divide-by-zero error in the subsequent modulo operation i % maxracount, leading to a system crash. When...

EUVD-2025-204972

Tencent NeuralNLP-NeuralClassifier loadcheckpoint Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tencent NeuralNLP-NeuralClassifier. User interaction is required to exploit th...

SUSE CVE-2025-68480

Marshmallow is a lightweight library for converting complex objects to and from simple Python datatypes. In versions from 3.0.0rc1 to before 3.26.2 and from 4.0.0 to before 4.1.2, Schema.loaddata, many=True is vulnerable to denial of service attacks. A moderately sized request can consume a...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to clean up the ring interrupt work queue and affinity on a load failure, which could lead to...

PT-2025-53117

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the configfs create dir function that can lead to a memory leak. The issue arises from an incorrect reference count within the configfs make dirent...

PT-2025-53046

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s RDMA/bnxt re component related to handling completions after queue pair QP destruction. Hardware may generate completions even after a QP is destroyed...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from improper locking during concurrent execution of external load balancing and reset operations, which could...

Deserialization of Untrusted Data

Overview langchain-core is a Building applications with LLMs through composability Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the dumps and dumpd functions when user-controlled data containing the lc key is serialized and later deserialized. This key...

CVE-2025-14498

TradingView Desktop Electron Uncontrolled Search Path Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of TradingView Desktop. An attacker must first obtain the ability to execute low-privileged code on the target...

CVE-2025-13713

Tencent Hunyuan3D-1 loadpretrained Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tencent Hunyuan3D-1. User interaction is required to exploit this vulnerability in that the...

CVE-2025-13708

CVE-2025-13708 affects Tencent NeuralNLP-NeuralClassifier. The vulnerability is in the _load_checkpoint function, where unvalidated deserialization of untrusted data can lead to remote code execution. Exploitation requires user interaction (visiting a malicious page or opening a malicious file), ...