SUSE CVE-2025-21657

In the Linux kernel, the following vulnerability has been resolved: schedext: Replace rqlock to rawspinrqlock in scxopsbypass scxopsbypass iterates all CPUs to re-enqueue all the scx tasks. For each CPU, it acquires a lock using rqlock regardless of whether a CPU is offline or the CPU is currentl...

UBUNTU-CVE-2025-21657

In the Linux kernel, the following vulnerability has been resolved: schedext: Replace rqlock to rawspinrqlock in scxopsbypass scxopsbypass iterates all CPUs to re-enqueue all the scx tasks. For each CPU, it acquires a lock using rqlock regardless of whether a CPU is offline or the CPU is currentl...

PT-2025-9007

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel's hrtimers infrastructure allows wakeups to be performed by an outgoing CPU after the CPUHP AP HRTIMERS DYING stage, potentially resulting in bandwidt...

CVE-2025-22390

An issue was discovered in Optimizely EPiServer.CMS.Core before 12.32.0. A medium-severity vulnerability exists in the CMS due to insufficient enforcement of password complexity requirements. The application permits users to set passwords with a minimum length of 6 characters, lacking adequate...

PT-2026-2880

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to kexec functionality on PowerPC architectures. Specifically, if Simultaneous Multi-Threading SMT is disabled or partially enabled, attempting ...

SUSE CVE-2024-56690

In the Linux kernel, the following vulnerability has been resolved: crypto: pcrypt - Call crypto layer directly when padatadoparallel return -EBUSY Since commit 8f4f68e788c3 "crypto: pcrypt - Fix hungtask for PADATARESET", the pcrypt encryption and decryption operations return -EAGAIN when the CP...

DEBIAN-CVE-2024-56690

In the Linux kernel, the following vulnerability has been resolved: crypto: pcrypt - Call crypto layer directly when padatadoparallel return -EBUSY Since commit 8f4f68e788c3 "crypto: pcrypt - Fix hungtask for PADATARESET", the pcrypt encryption and decryption operations return -EAGAIN when the CP...

PT-2024-36851 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a missed RCU barrier on deoffloading in the Linux kernel. Running the rcutorture test with specific parameters can trigger a warning and a deadlock. The problem...

The vulnerability of the cpufreq component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the cpufreq component in the Linux operating system’s kernel is related to improper validation of input in the functions cpufreqoffline and cpufreqremovedev. Exploiting this vulnerability can allow an attacker to cause a service failure...

NTP Timeroast

Windows authenticates NTP requests by calculating the message digest using the NT hash followed by the first 48 bytes of the NTP message all fields preceding the key ID. An attacker can abuse this to recover hashes that can be cracked offline for machine and trust accounts. The attacker must know...

Bitcoin Core 安全漏洞

Bitcoin Core is a Bitcoin open source client for verifying the validity of blockchain transactions. A security vulnerability exists in Bitcoin Core 27.2 and earlier versions that stems from allowing transaction relay blocking via an offline protocol attack...

PT-2024-40550 · Mozilla · Seamonkey

Name of the Vulnerable Software and Affected Versions: SeaMonkey versions prior to 2.53.19 Description: The issue is related to a security vulnerability in SeaMonkey. The estimated number of potentially affected devices is not provided. There is no information about real-world incidents where thi...

kernel: genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline

In the Linux kernel, the following vulnerability has been resolved: genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline The absence of IRQDMOVEPCNTXT prevents immediate effectiveness of interrupt affinity reconfiguration via procfs. Instead, the change is deferred until the next...

Astra Linux – Vulnerability in freeipa

A vulnerability was discovered in FreeIPA when a Kerberos TGS-REQ is encrypted using the client’s session key. This key varies for each new session, which helps protect it from brute-force attacks. However, the tickets contained within are encrypted using the target principal key directly. For us...

CVE-2024-34028

CVE-2024-34028 affects Intel Graphics Offline Compiler for OpenCL Code software on Windows prior to 2024.1.0.142 and graphics driver 31.0.101.5445, with an underlying issue described as an uncontrolled search path. The Red Hat and Intel advisories confirm this can potentially enable privilege esc...

CVE-2024-34028

Uncontrolled search path in some IntelR Graphics Offline Compiler for OpenCLTM Code software for Windows before version 2024.1.0.142, graphics driver 31.0.101.5445 may allow an authenticated user to potentially enable escalation of privilege via local access...

Intel Graphics Offline Compiler 代码问题漏洞

Intel Graphics Offline Compiler is an application from Intel Corporation USA. A security vulnerability exists in Intel Graphics Offline Compiler that stems from an uncontrolled search path. An attacker can exploit the vulnerability to elevate privileges...

kernel: powerpc/smp: do not decrement idle task preempt count in CPU offline

A vulnerability was found in the Linux kernel's powerpc/smp architecture, where the idle task's preemption count was incorrectly decremented during the CPU offline process. This issue caused a "scheduling while atomic" error when a CPU was offlined and then onlined again, leading to potential...

rcu/nocb: Fix rcuog wake-up from offline softirq

...

CVE-2020-11916

An issue was discovered in Siime Eye 14.1.00000001.3.330.0.0.3.14. The password for the root user is hashed using an old and deprecated hashing technique. Because of this deprecated hashing, the success probability of an attacker in an offline cracking attack is greatly increased...