1881 matches found
UBUNTU-CVE-2025-39773
In the Linux kernel, the following vulnerability has been resolved: net: bridge: fix soft lockup in brmulticastqueryexpired When set multicastqueryinterval to a large value, the local variable 'time' in brmulticastsendquery may overflow. If the time is smaller than jiffies, the timer will expire...
UBUNTU-CVE-2025-39791
In the Linux kernel, the following vulnerability has been resolved: dm: dm-crypt: Do not partially accept write BIOs with zoned targets Read and write operations issued to a dm-crypt target may be split according to the dm-crypt internal limits defined by the maxreadsize and maxwritesize module...
UBUNTU-CVE-2025-39756
In the Linux kernel, the following vulnerability has been resolved: fs: Prevent file descriptor table allocations exceeding INTMAX When sysctlnropen is set to a very high value for example, 1073741816 as set by systemd, processes attempting to use file descriptors near the limit can trigger massi...
CVE-2025-39773 net: bridge: fix soft lockup in br_multicast_query_expired()
In the Linux kernel, the following vulnerability has been resolved: net: bridge: fix soft lockup in brmulticastqueryexpired When set multicastqueryinterval to a large value, the local variable 'time' in brmulticastsendquery may overflow. If the time is smaller than jiffies, the timer will expire...
CVE-2025-39756 fs: Prevent file descriptor table allocations exceeding INT_MAX
In the Linux kernel, the following vulnerability has been resolved: fs: Prevent file descriptor table allocations exceeding INTMAX When sysctlnropen is set to a very high value for example, 1073741816 as set by systemd, processes attempting to use file descriptors near the limit can trigger massi...
CVE-2025-39756
CVE-2025-39756 is a Linux kernel issue where extremely high nr_open values (e.g., 1073741816) can trigger massive file descriptor table allocations that exceed INT_MAX, causing a kernel warning and impractical memory requests (>8GB) during operations near the FD limit. The root cause involves ...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not properly handling the maximum copy size, which could result in a buffer overflow...
kernel: udp: Fix memory accounting leak.
A memory overflow vulnerability exists within the Linux kernel's networking subsystem. Specifically, an application can set the SORCVBUF socket option to its maximum value INTMAX, which triggers an integer overflow within the udprmemrelease function during socket closure. The udpdestructcommon...
kernel: udp: Fix memory accounting leak.
A memory overflow vulnerability exists within the Linux kernel's networking subsystem. Specifically, an application can set the SORCVBUF socket option to its maximum value INTMAX, which triggers an integer overflow within the udprmemrelease function during socket closure. The udpdestructcommon...
Malicious npm Packages Impersonate Flashbots, Steal Ethereum Wallet Keys
A new set of four malicious packages have been discovered in the npm package registry with capabilities to steal cryptocurrency wallet credentials from Ethereum developers. "The packages masquerade as legitimate cryptographic utilities and Flashbots MEV infrastructure while secretly exfiltrating...
SUSE CVE-2025-38702
In the Linux kernel, the following vulnerability has been resolved: fbdev: fix potential buffer overflow in doregisterframebuffer The current implementation may lead to buffer overflow when: 1. Unregistration creates NULL gaps in registeredfb 2. All array slots become occupied despite...
UBUNTU-CVE-2025-38702
In the Linux kernel, the following vulnerability has been resolved: fbdev: fix potential buffer overflow in doregisterframebuffer The current implementation may lead to buffer overflow when: 1. Unregistration creates NULL gaps in registeredfb 2. All array slots become occupied despite...
CVE-2025-38702 fbdev: fix potential buffer overflow in do_register_framebuffer()
In the Linux kernel, the following vulnerability has been resolved: fbdev: fix potential buffer overflow in doregisterframebuffer The current implementation may lead to buffer overflow when: 1. Unregistration creates NULL gaps in registeredfb 2. All array slots become occupied despite...
CVE-2025-38702
The CVE-2025-38702 entry concerns the Linux kernel fbdev subsystem. The issue is a potential buffer overflow in do_register_framebuffer() when unregistration creates NULL gaps in registered_fb[], when all slots become occupied despite num_registered_fb
CVE-2025-38691
Technical details about CVE-2025-38691 are not publicly provided in the supplied connected documents. Monitor vendor advisories (Debian, Mageia, Amazon Linux) for patches and mitigations and update accordingly.
drm/amd/display: Correct the defined value for AMDGPU_DMUB_NOTIFICATION_MAX
...
cachefiles: Set the max subreq size for cache writes to MAX_RW_COUNT
...
netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX
...
HID: pidff: Make sure to fetch pool before checking SIMULTANEOUS_MAX
...
ethtool: fail closed if we can't get max channel used in indirection tables
...