12 matches found
Astra Linux - vulnerability in linux-5.10, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: efi: fix potential NULL deref in efi_mem_reserve_persistent When iterating on a linked list, a result of memremap is dereferenced without checking it for NULL. This patch adds a check that falls back on allocating a new page in case...
Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : UltraJSON vulnerabilities (USN-8219-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8219-1 advisory. Cameron Criswell discovered that UltraJSON contained a memory leak that would occur when parsing large integers. An...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987684)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987684 advisory. In the Linux kernel, the following vulnerability has been resolved: efi: fix potential NULL deref in efi_mem_reserve_persistent When iterating on a linked list, a resul...
UBUNTU-CVE-2025-38076
In the Linux kernel, the following vulnerability has been resolved: alloc_tag: allocate percpu counters for module tags dynamically When a module gets unloaded it checks whether any of its tags are still in use and if so, we keep the memory containing module's allocation tags alive until all tags...
UBUNTU-CVE-2023-52976
In the Linux kernel, the following vulnerability has been resolved: efi: fix potential NULL deref in efi_mem_reserve_persistent When iterating on a linked list, a result of memremap is dereferenced without checking it for NULL. This patch adds a check that falls back on allocating a new page in case...
CVE-2023-52976 efi: fix potential NULL deref in efi_mem_reserve_persistent
In the Linux kernel, the following vulnerability has been resolved: efi: fix potential NULL deref in efi_mem_reserve_persistent When iterating on a linked list, a result of memremap is dereferenced without checking it for NULL. This patch adds a check that falls back on allocating a new page in case...
PT-2023-34949 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.1.11 Description: A potential NULL dereference issue was identified in the efi mem reserve persistent function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux...
CVE-2022-2639
An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write...
DEBIAN-CVE-2022-2639
An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write...
GHSA-H6JH-7GV5-28VG Bad alloc in `StringNGrams` caused by integer conversion
Impact: The implementation of tf.raw_ops.StringNGrams is vulnerable to an integer overflow issue caused by converting a signed integer value to an unsigned one and then allocating memory based on this value. python import tensorflow as tf tf.raw_ops.StringNGrams data='','', data_splits=0,2, separator...
CVE-2021-25837
Cosmos Network Ethermint = v0.4.0 is affected by cache lifecycle inconsistency in the EVM module. Due to the inconsistency between the Storage caching cycle and the Tx processing cycle, Storage changes caused by a failed transaction are improperly reserved in memory. Although the bad storage cach...
Multiple IRC Client Non-registered User parse_client_queued Saturation DoS
The remote host is running a version of ircd which is vulnerable to a rate-limiting Denial of Service (DoS) attack. The flaw is in the fact that the IRCD daemon reserves more than 500 bytes of memory for each line received. An attacker, exploiting this flaw, would need network access to the IRC...