PUB-A-463674877

In vpummap of vpuioctl, there is a possible arbitrary address mmap due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-21949 LoongArch: Set hugetlb mmap base address aligned with pmd size

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Set hugetlb mmap base address aligned with pmd size With ltp test case "testcases/bin/hugefork02", there is a dmesg error report message such as: kernel BUG at mm/hugetlb.c:5550! Oops - BUG1: CPU: 0 UID: 0 PID: 1517...

USN-2969-1 linux-lts-utopic vulnerabilities

Ralf Spenneberg discovered that the Aiptek Tablet USB device driver in the Linux kernel did not properly validate the endpoints reported by the device. An attacker with physical access could cause a denial of service system crash. CVE-2015-7515 Ben Hawkes discovered that the Linux kernel's AIO...

Apache 2.4.7 + PHP 7.0.2 - 'openssl_seal()' Uninitialized Memory Code Execution

?php // Source: http://akat1.pl/?id=1 function getmaps $fh = fopen"/proc/self/maps", "r"; $maps = fread$fh, 331337; fclose$fh; return explode"\n", $maps; function findmap$sym $addr = 0; foreachgetmaps as $record if strstr$record, $sym && strstr$record, "r-xp" $addr = hexdecexplode'-', $record0;...

kernel: personality: fix PER_CLEAR_ON_SETID

The personality subsystem in the Linux kernel before 2.6.31-rc3 has a PERCLEARONSETID setting that does not clear the ADDRCOMPATLAYOUT and MMAPPAGEZERO flags when executing a setuid or setgid program, which makes it easier for local users to leverage the details of memory usage to 1 conduct NULL...