1033 matches found
CVE-2023-54297 btrfs: zoned: fix memory leak after finding block group with super blocks
In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: fix memory leak after finding block group with super blocks At excludesuperstripes, if we happen to find a block group that has super blocks mapped to it and we are on a zoned filesystem, we error out as this is not...
CVE-2023-54297 btrfs: zoned: fix memory leak after finding block group with super blocks
In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: fix memory leak after finding block group with super blocks At excludesuperstripes, if we happen to find a block group that has super blocks mapped to it and we are on a zoned filesystem, we error out as this is not...
CVE-2023-54297
CVE-2023-54297 affects the Linux kernel (btrfs zoned). Root cause: in exclude_super_stripes(), finding a block group with super blocks and exiting on zoned filesystems without freeing the logical address of the super blocks, causing a memory leak. The fix frees the allocated logical address to pr...
CVE-2025-36192
IBM DS8A00 R10.1 10.10.106.0 and IBM DS8A00 R10.0 10.1.3.010.2.45.0 and IBM DS8900F R9.4 89.40.83.089.42.18.089.44.5.0 IBM System Storage DS8000 could allow a local user with authorized CCW update permissions to delete or corrupt backups due to missing authorization in IBM Safeguarded Copy / GDPS...
EUVD-2025-205442
IBM DS8A00 R10.1 10.10.106.0 and IBM DS8A00 R10.0 10.1.3.010.2.45.0 and IBM DS8900F R9.4 89.40.83.089.42.18.089.44.5.0 IBM System Storage DS8000 could allow a local user with authorized CCW update permissions to delete or corrupt backups due to missing authorization in IBM Safeguarded Copy / GDPS...
ReSMT: An SMT-Based Tool for Reverse Engineering
Software obfuscation techniques make code more difficult to understand, without changing its functionality. Such techniques are often used by authors of malicious software to avoid detection. Reverse Engineering of obfuscated code, i.e., the process of overcoming obfuscation and answering questio...
Linux Distros Unpatched Vulnerability : CVE-2023-54108
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: qla2xxx: Fix DMA-API call trace on NVMe LS requests The following message and call trace was seen with debug kernels: DMA-API: qla2xxx 0000:41:00.0: devic...
CVE-2023-54069
In the Linux kernel, the following vulnerability has been resolved: ext4: fix BUG in ext4mbnewinodepa due to overflow When we calculate the end position of ext4freeextent, this position may be exactly where ext4lblkt i.e. uint overflows. For example, if acgex.felogical is 4294965248 and...
CVE-2023-54069
In the Linux kernel, the following vulnerability has been resolved: ext4: fix BUG in ext4mbnewinodepa due to overflow When we calculate the end position of ext4freeextent, this position may be exactly where ext4lblkt i.e. uint overflows. For example, if acgex.felogical is 4294965248 and...
CVE-2023-54080
CVE-2023-54080 affects the Linux kernel in the btrfs zoned relocation path. When relocating and the corresponding region has no checksum, btrfs_finish_ordered_zoned() may reference an invalid checksum item, causing ordered_extent’s logical address to become invalid and later trigger a NULL pointe...
CVE-2023-54069 ext4: fix BUG in ext4_mb_new_inode_pa() due to overflow
In the Linux kernel, the following vulnerability has been resolved: ext4: fix BUG in ext4mbnewinodepa due to overflow When we calculate the end position of ext4freeextent, this position may be exactly where ext4lblkt i.e. uint overflows. For example, if acgex.felogical is 4294965248 and...
AZL-73054 CVE-2025-68371 affecting package kernel for versions less than 6.6.121.1-1
In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Fix device resources accessed after device removal Correct possible race conditions during device removal. Previously, a scheduled work item to reset a LUN could still execute after the device was removed, leading...
PT-2025-52986
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the iwlwifi component, specifically in the iwl mvm max amsdu size function. This issue arises when handling Multiple Logical LANs MLO, where...
Apple macOS Tahoe Logic Insufficient Limits Vulnerability
Apple macOS Tahoe is a desktop operating system released by Apple on June 10, 2025, using the LiquidGlass design language and integrating several AI and cross-device features. Apple macOS Tahoe suffers from a Logical Restriction Insufficiency vulnerability that can be exploited by an attacker to...
CVE-2025-68251
In the Linux kernel, the following vulnerability has been resolved: erofs: avoid infinite loops due to corrupted subpage compact indexes Robert reported an infinite loop observed by two crafted images. The root cause is that clusterofs can be larger than lclustersize for !NONHEAD lclusters in...
Pattern Based Quantum Key Distribution Using the Five Qubit Perfect Code for Eavesdropper Detection
I propose a new quantum key distribution protocol that uses the five qubit error correction code to detect the presence of eavesdropper reliably. The protocol turns any information theoretical attacks into a classical guess about the pattern. The logical qubit is encoded with a specific pattern...
Towards Spring Tools 5 - Stereotypes and a new Structural View
When working on Spring projects, developers do not only think in terms of low-level concepts like classes and interfaces. When using Spring, you think about higher-level abstractions and concepts like services, repositories, configuration classes, entities, aggregate roots, and so on. To bring...
CLSA-2025-1763124505 xorg-x11-server-Xwayland: Fix of CVE-2023-6816
CVE-2023-6816: fix heap buffer overflow in logical button map allocation, allocate sufficient space for maximum button mappings up to 255...
Finding Software Supply Chain Attack Paths with Logical Attack Graphs
Cyberattacks are becoming increasingly frequent and sophisticated, often exploiting the software supply chain SSC as an attack vector. Attack graphs provide a detailed representation of the sequence of events and vulnerabilities that could lead to a successful security breach in a system. MulVal ...
kernel: Bluetooth: L2CAP: Fix user-after-free
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix user-after-free This uses l2capchanholdunlesszero after calling l2capgetchanblah to prevent the following trace: Bluetooth: l2capcore.c:static void l2capchandestroystruct kref kref Bluetooth: chan...