Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: The issue of using NULL for folio handling in movepageshugepmd has been fixed. movepageshugepmd handles UFFDIOMOVE operations for both normal THPs and huge zero pages. For the huge zero page, srcfolio is explicitly...

CLSA-2026-1777558504 vim: Fix of 10 CVEs

CVE-2021-3928: in suggesttriewalk only credit a non-word-char boundary with SCORENONWORD when preword is non-empty, so spell suggestions do not read uninitialized memory behind preword. - CVE-2021-3974: in nfaregmatch NFAMARK / NFAMARKGT / NFAMARKLT, save reginput - regline and re-fetch regline...

CLSA-2026-1777545655 vim: Fix of 10 CVEs

CVE-2021-3928: in suggesttriewalk only credit a non-word-char boundary with SCORENONWORD when preword is non-empty, so spell suggestions do not read uninitialized memory behind preword. - CVE-2021-3974: in nfaregmatch NFAMARK / NFAMARKGT / NFAMARKLT, save reginput - regline and re-fetch regline...

CVE-2026-6386 Missing large page handling in pmap_pkru_update_range()

In order to apply a particular protection key to an address range, the kernel must update the corresponding page table entries. The subroutine which handled this failed to take into account the presence of 1GB largepage mappings created using the shmcreatelargepage3 interface. In particular, it...

CVE-2026-28529

cryptodev-linux version 1.14 and prior contain a page reference handling flaw in the getuserbuf function of the /dev/crypto device driver that allows local users to trigger use-after-free conditions. Attackers with access to the /dev/crypto interface can repeatedly decrement reference counts of...

Tenda WH450 安全漏洞

Tenda WH450 is a wireless access point from Tenda China. A security vulnerability exists in Tenda WH450 version 1.0.0.18, which originates from an incorrect manipulation of the parameter page in the file /goform/webExcptypemanFilte in the component HTTP Request Handler, which could result in a...

Tenda CH22 安全漏洞

The Tenda CH22 is an enterprise-grade wireless router for small to medium-sized businesses or home office environments. It supports single-band 2.4GHz wireless networks with a maximum transmission rate of up to 450Mbps. A buffer overflow vulnerability exists in the Tenda CH22 in version 1.0.0.1...

EUVD-2012-3782

Malware in sbrugna...

EUVD-2021-15335

Malware in sbrugna...

CVE-2025-58143

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. There are multiple issues related to the handling and accessing of guest memory pages in the viridian code: 1. A NULL pointer dereference in the updating of the reference...

Linux Distros Unpatched Vulnerability : CVE-2021-47090

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mm/hwpoison: clear MFCOUNTINCREASED before retrying getanypage Hulk Robot reported a panic i...

Linux Distros Unpatched Vulnerability : CVE-2025-22034

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mm/gup: reject FOLLSPLITPMD with hugetlb VMAs Patch series mm: fixes for device-exclusive...

CVE-2022-49992

In the Linux kernel, the following vulnerability has been resolved: mm/mprotect: only reference swap pfn page if type match Yu Zhao reported a bug after the commit "mm/swap: Add swpoffsetpfn to fetch PFN from swap entry" added a check in swpoffsetpfn for swap type 1: kernel BUG at...

DEBIAN-CVE-2022-49053

In the Linux kernel, the following vulnerability has been resolved: scsi: target: tcmu: Fix possible page UAF tcmutrygetdatapage looks up pages under cmdrlock, but it does not take refcount properly and just returns page pointer. When tcmutrygetdatapage returns, the returned page may have been...

CVE-2024-56612

In the Linux kernel, the following vulnerability has been resolved: mm/gup: handle NULL pages in unpinuserpages The recent addition of "pofs" pages or folios handling to gup has a flaw: it assumes that unpinuserpages handles NULL pages in the pages array. That's not the case, as I discovered when...

Unspecified vulnerability in Linux kernel (CNVD-2025-01681)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an issue with the handling of NULL pages by unpinuserpages in the mm/gup subsystem. No details of the...

CVE-2024-56612

In the Linux kernel, the following vulnerability has been resolved: mm/gup: handle NULL pages in unpinuserpages The recent addition of "pofs" pages or folios handling to gup has a flaw: it assumes that unpinuserpages handles NULL pages in the pages array. That's not the case, as I discovered when...

CVE-2024-56612

CVE-2024-56612 describes a Linux kernel vulnerability in mm/gup where unpin_user_pages() may dereference NULL pages in the pages** array when using pofs. The flaw was triggered by a configuration like x86 with numa=fake=2 movablecore=4G on Linux 6.12, leading to a kernel NULL pointer dereference ...

CVE-2024-56612 mm/gup: handle NULL pages in unpin_user_pages()

In the Linux kernel, the following vulnerability has been resolved: mm/gup: handle NULL pages in unpinuserpages The recent addition of "pofs" pages or folios handling to gup has a flaw: it assumes that unpinuserpages handles NULL pages in the pages array. That's not the case, as I discovered when...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an issue with the handling of NULL pages by unpinuserpages in the mm/gup subsystem. No details of the...