3078 matches found
CVE-2025-40169
CVE-2025-40169 : In the Linux kernel BPF verifier, check_alu_op() previously allowed negative offsets for ALU operations due to signed 16-bit off; the condition insn->off > 1 was meant to permit only 0 or 1 for BPF_MOD/BPF_DIV but accepted negatives. The fix tightens validation to (insn->...
CVE-2025-40169 bpf: Reject negative offsets for ALU ops
In the Linux kernel, the following vulnerability has been resolved: bpf: Reject negative offsets for ALU ops When verifying BPF programs, the checkaluop function validates instructions with ALU operations. The 'offset' field in these instructions is a signed 16-bit integer. The existing check...
CVE-2025-40169 bpf: Reject negative offsets for ALU ops
In the Linux kernel, the following vulnerability has been resolved: bpf: Reject negative offsets for ALU ops When verifying BPF programs, the checkaluop function validates instructions with ALU operations. The 'offset' field in these instructions is a signed 16-bit integer. The existing check...
PT-2025-46644
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's BPF Berkeley Packet Filter program verification process. Specifically, the check alu op function inadequately validates the 'offset' field within ALU...
kernel: ASoC: SOF: stream-ipc: Check for cstream nullity in sof_ipc_msg_data()
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: stream-ipc: Check for cstream nullity in sofipcmsgdata The nullity of sps-cstream should be checked similarly as it is done in sofsetstreamdataoffset function. Assuming that it is not NULL if sps-stream is NULL is...
kernel: ASoC: SOF: stream-ipc: Check for cstream nullity in sof_ipc_msg_data()
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: stream-ipc: Check for cstream nullity in sofipcmsgdata The nullity of sps-cstream should be checked similarly as it is done in sofsetstreamdataoffset function. Assuming that it is not NULL if sps-stream is NULL is...
kernel: block: fix adding folio to bio
In the Linux kernel, the following vulnerability has been resolved: block: fix adding folio to bio 4GB folio is possible on some ARCHs, such as aarch64, 16GB hugepage is supported, then 'offset' of folio can't be held in 'unsigned int', cause warning in bioaddfolionofail and IO failure. Fix it by...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989802)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989802 advisory. In the Linux kernel, the following vulnerability has been resolved: soundwire: cadence: fix invalid PDI offset For some reason, we add an offset to the PDI, presumab...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989850)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989850 advisory. In the Linux kernel, the following vulnerability has been resolved: sfc: fix TX channel offset when using legacy interrupts In legacy interrupt mode the...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989438)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989438 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/i915/reset: Fix errorstateread ptr + offset use Fix our pointer offset usage in errorstaterea...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989456)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989456 advisory. In the Linux kernel, the following vulnerability has been resolved: CDC-NCM: avoid overflow in sanity checking A broken device may give an extreme offset like 0xFFF0...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989719)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989719 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/i915/reset: Fix errorstateread ptr + offset use Fix our pointer offset usage in errorstaterea...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989830)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989830 advisory. In the Linux kernel, the following vulnerability has been resolved: ftruncate: pass a signed offset The old ftruncate syscall, using the 32-bit offt misses a sign...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990249)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990249 advisory. In the Linux kernel, the following vulnerability has been resolved: ftruncate: pass a signed offset The old ftruncate syscall, using the 32-bit offt misses a sign...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989326)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989326 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check pipe offset before setting vblank pipectx has a size of MAXPIPES so checki...
TencentOS Server 4: python3.11 (TSSA-2025:0832)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0832 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix accesses to uninit stack slots Privileged programs are supposed to be able to read uninitialized stack memory ever since 6715df8d5 but, before this patch, these accesses were permitted inconsistently. In particular,...
OESA-2025-2577 python3 security update
Python combines remarkable power with very clear syntax. It has modules, classes, exceptions, very high level dynamic data types, and dynamic typing. There are interfaces to many system calls and libraries, as well as to various windowing systems. New built-in modules are easily written in C or C...
OESA-2025-2578 python3 security update
Python combines remarkable power with very clear syntax. It has modules, classes, exceptions, very high level dynamic data types, and dynamic typing. There are interfaces to many system calls and libraries, as well as to various windowing systems. New built-in modules are easily written in C or C...
OESA-2025-2576 python3 security update
Python combines remarkable power with very clear syntax. It has modules, classes, exceptions, very high level dynamic data types, and dynamic typing. There are interfaces to many system calls and libraries, as well as to various windowing systems. New built-in modules are easily written in C or C...