4 matches found
CLSA-2026-1771240859 kernel: Fix of 13 CVEs
vsock: Do not allow binding to VMADDRPORTANY CVE-2025-38618 - cnic: Fix use-after-free bugs in cnicdeletetask CVE-2025-39945 - scsi: bfa: Double-free fix CVE-2025-38699 - pptp: ensure minimal skb length in pptpxmit CVE-2025-38574 - ipv6: reject malicious packets in ipv6gsosegment CVE-2025-38572 -...
CVE-2025-38660
In the Linux kernel, the following vulnerability has been resolved: ceph parselongname: strrchr expects NUL-terminated string ... and parselongname is not guaranteed that. That's the reason why it uses kmemdupnul to build the argument for kstrtou64; the problem is, kstrtou64 is not the only thing...
AZL-66584 CVE-2025-38660 affecting package kernel 6.6.126.1-1
In the Linux kernel, the following vulnerability has been resolved: ceph parselongname: strrchr expects NUL-terminated string ... and parselongname is not guaranteed that. That's the reason why it uses kmemdupnul to build the argument for kstrtou64; the problem is, kstrtou64 is not the only thing...
CVE-2025-38660 [ceph] parse_longname(): strrchr() expects NUL-terminated string
In the Linux kernel, the following vulnerability has been resolved: ceph parselongname: strrchr expects NUL-terminated string ... and parselongname is not guaranteed that. That's the reason why it uses kmemdupnul to build the argument for kstrtou64; the problem is, kstrtou64 is not the only thing...