Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel. This vulnerability stems from the svsenable DebugWrite function in the mediatek SVS driver, which fails when the...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: SCSI: BFA – Ensure that the copied buffer is terminated with NUL characters. Currently, we allocate a kernel buffer of size nbytes and copy nbytes from user space to that buffer. Later, we use sscanf on this buffer, but we do not...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: tipc: Check for a null pointer after calling kmemdup kmemdup may return a null pointer, so it is necessary to check for this. Otherwise, the null pointer will be dereferenced later in tipccryptokeyxmit, as can be seen in the trac...

CVE-2025-71273

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: Use devmkmemdup in rtwsetsupportedband Simplify the code by using device managed memory allocations. This also fixes a memory leak in rtwregisterhw. The supported bands were not freed in the error path. Copied from...

SUSE CVE-2025-40193

In the Linux kernel, the following vulnerability has been resolved: xtensa: simdisk: add input size check in procwritesimdisk A malicious user could pass an arbitrarily bad value to memdupusernul, potentially causing kernel crash. This follows the same pattern as commit ee76746387f6 "netdevsim:...

EUVD-2022-15376

Malicious code in bioql PyPI...

PT-2025-38017

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A memory leak exists in the Network File System daemon nfsd error handling path. Specifically, if a memdup user call fails, the previously allocated memory is not freed, resulting in a...

UBUNTU-CVE-2025-38664

In the Linux kernel, the following vulnerability has been resolved: ice: Fix a null pointer dereference in icecopyandinitpkg Add check for the return value of devmkmemdup to prevent potential null pointer dereference...

CVE-2025-38664 ice: Fix a null pointer dereference in ice_copy_and_init_pkg()

In the Linux kernel, the following vulnerability has been resolved: ice: Fix a null pointer dereference in icecopyandinitpkg Add check for the return value of devmkmemdup to prevent potential null pointer dereference...

CVE-2025-38257

In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Prevent overflow in size calculation for memdupuser Number of apqn target list entries contained in 'nrapqns' variable is determined by userspace via an ioctl call so the result of the product in calculation of size...

UBUNTU-CVE-2025-21709

In the Linux kernel, the following vulnerability has been resolved: kernel: be more careful about dupmmap failures and uprobe registering If a memory allocation fails during dupmmap, the maple tree can be left in an unsafe state for other iterators besides the exit path. All the locks are dropped...

CLSA-2024-1719932549 kernel: Fix of 20 CVEs

net: iptunnel: make sure to pull inner header in iptunnelrcv CVE-2024-26882 - net: Set true network header for ECN decapsulation CVE-2024-26882 - media: dvb-core: Fix use-after-free due to race at dvbregisterdevice CVE-2022-45884 - media: dvbdev: fix error logic at dvbregisterdevice...

SUSE CVE-2022-0168

A denial of service DOS issue was found in the Linux kernel's smb2ioctlqueryinfo function in the fs/cifs/smb2ops.c Common Internet File System CIFS due to an incorrect return from the memdupuser function. This flaw allows a local, privileged CAPSYSADMIN attacker to crash the system...

kernel: nfsd: Fix a memory leak in an error handling path

In the Linux kernel, the following vulnerability has been resolved: nfsd: Fix a memory leak in an error handling path If this memdupuser call fails, the memory allocated in a previous call a few lines above should be freed. Otherwise it leaks...

UBUNTU-CVE-2022-3108

An issue was discovered in the Linux kernel through 5.16-rc6. kfdparsesubtypeiolink in drivers/gpu/drm/amd/amdkfd/kfdcrat.c lacks check of the return value of kmemdup...

CVE-2022-3108

An issue was discovered in the Linux kernel through 5.16-rc6. kfdparsesubtypeiolink in drivers/gpu/drm/amd/amdkfd/kfdcrat.c lacks check of the return value of kmemdup...

CLSA-2021-1632262269 Fix of CVE: CVE-2021-34693, CVE-2021-20292, CVE-2021-28972, CVE-2021-20265, CVE-2021-32399, CVE-2014-4508, CVE-2021-3612, CVE-2021-3178, CVE-2021-37159, CVE-2021-38205, CVE-2021-3573, CVE-2021-38160

ELSCVE-666: CVE-2021-34693: can: bcm: fix infoleak in struct bcmmsghead - ELSCVE-705: CVE-2021-38160: virtioconsole: Assure used length from device is limited - ELSCVE-769: CVE-2014-4508: x8632, entry: Do syscall exit work on badsys CVE-2014-4508 - ELSCVE-844: CVE-2021-3573: Bluetooth: use...

[SECURITY] Fedora 31 Update: kata-ksm-throttler-1.11.1-1.fc31.1

This project implements a Kernel Same-page Merging throttling daemon. The Kata Containers runtime creates a virtual machine VM to isolate a set of container workloads. The VM requires a guest kernel and a guest operating system "guest OS" to boot and create containers inside the guest environment...