PT-2025-29020

Name of the Vulnerable Software and Affected Versions: Linux kernel versions 6.15.0-rc3+ and earlier Description: The Linux kernel contains a flaw within the sun8i-ce-cipher module related to error handling in the sun8i ce cipher prepare function. This issue manifests as two DMA cleanup problems ...

SUSE CVE-2025-22120

In the Linux kernel, the following vulnerability has been resolved: ext4: goto right label 'outmmapsem' in ext4setattr Otherwise, if ext4inodeattachjinode fails, a hung task will happen because filemapinvalidateunlock isn't called to unlock mapping-invalidatelock. Like this: EXT4-fs error device...

The Windows Registry Adventure #6: Kernel-mode objects

Posted by Mateusz Jurczyk, Google Project Zero Welcome back to the Windows Registry Adventure! In the previous installment of the series, we took a deep look into the internals of the regf hive format. Understanding this foundational aspect of the registry is crucial, as it illuminates the design...

The vulnerability of the dma-mapping component in the Linux operating system allows a hacker to gain access to confidential data and also cause a service failure.

The vulnerability of the dma-mapping component in the Linux operating system’s kernel is related to insufficient validation of input data. Exploiting this vulnerability can allow attackers to access confidential data and also cause service failures...

CVE-2025-21978 drm/hyperv: Fix address space leak when Hyper-V DRM device is removed

In the Linux kernel, the following vulnerability has been resolved: drm/hyperv: Fix address space leak when Hyper-V DRM device is removed When a Hyper-V DRM device is probed, the driver allocates MMIO space for the vram, and maps it cacheable. If the device removed, or in the error path for devic...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the drm hyperv module not unmapping MMIO space when removing a device...

CVE-2025-21872

In the Linux kernel, the following vulnerability has been resolved: efi: Don't map the entire mokvar table to determine its size Currently, when validating the mokvar table, we remap the entire table on each iteration of the loop, adding space as we discover new entries. If the table grows over a...

DEBIAN-CVE-2023-52935

In the Linux kernel, the following vulnerability has been resolved: mm/khugepaged: fix -anonvma race If an -anonvma is attached to the VMA, collapseandfreepmd requires it to be locked. Page table traversal is allowed under any one of the mmap lock, the anonvma lock if the VMA is associated with a...

CVE-2025-21872

In the Linux kernel, the following vulnerability has been resolved: efi: Don't map the entire mokvar table to determine its size Currently, when validating the mokvar table, we remap the entire table on each iteration of the loop, adding space as we discover new entries. If the table grows over a...

DEBIAN-CVE-2024-58091

In the Linux kernel, the following vulnerability has been resolved: drm/fbdev-dma: Add shadow buffering for deferred I/O DMA areas are not necessarily backed by struct page, so we cannot rely on it for deferred I/O. Allocate a shadow buffer for drivers that require deferred I/O and use it as...

CVE-2025-21872 efi: Don't map the entire mokvar table to determine its size

In the Linux kernel, the following vulnerability has been resolved: efi: Don't map the entire mokvar table to determine its size Currently, when validating the mokvar table, we remap the entire table on each iteration of the loop, adding space as we discover new entries. If the table grows over a...

CVE-2024-58091 drm/fbdev-dma: Add shadow buffering for deferred I/O

In the Linux kernel, the following vulnerability has been resolved: drm/fbdev-dma: Add shadow buffering for deferred I/O DMA areas are not necessarily backed by struct page, so we cannot rely on it for deferred I/O. Allocate a shadow buffer for drivers that require deferred I/O and use it as...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not properly handling mokvar table size calculations, which could lead to memory mapping failures...

CVE-2025-21853 bpf: avoid holding freeze_mutex during mmap operation

In the Linux kernel, the following vulnerability has been resolved: bpf: avoid holding freezemutex during mmap operation We use map-freezemutex to prevent races between mapfreeze and memory mapping BPF map contents with writable permissions. The way we naively do this means we'll hold freezemutex...

kernel: hwrng: core - Fix page fault dead lock on mmap-ed hwrng

A vulnerability was found in the hwrng component of the Linux kernel, which caused a deadlock when reading from /dev/hwrng into memory and mmap-ed from /dev/hwrng. This issue is triggered by a recursive read during a page fault and allows a local, authenticated attacker to cause a denial of servi...

CVE-2025-0285

Various Paragon Software products contain an arbitrary kernel memory mapping vulnerability within biontdrv.sys that is caused by a failure to properly validate the length of user supplied data, which can allow an attacker to perform privilege escalation exploits...

Linux Distros Unpatched Vulnerability : CVE-2025-21778

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: tracing: Do not allow mmap of persistent ring buffer When trying to mmap a trace instance...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: tls: fix race between tx work scheduling and socket close Similarly to previous commit, the submitting thread recvmsg/sendmsg may exit as soon as the async crypto handler calls complete. Reorder scheduling the wor...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Bad drive in topology results kernel crash CVE-2023-53037 In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix issues in mpi3mrgetalltgtinfo CVE-2023-53320 In the Lin...

Linux Distros Unpatched Vulnerability : CVE-2024-50141

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ACPI: PRM: Find EFIMEMORYRUNTIME block for PRM handler and context PRMT needs to find the...