CLSA-2025-1757947030 nettle: Fix of CVE-2018-16869

Port side-channel silent functions from 3.4.1. Partially fix for CVE-2018-16869 - CVE-2018-16869: Add side-channel silent memory, math, PKCS1, RSA functions - Added tests for side-channel silent implementations...

CVE-2022-50257

In the Linux kernel, the following vulnerability has been resolved: xen/gntdev: Prevent leaking grants Prior to this commit, if a grant mapping operation failed partially, some of the entries in the mapops array would be invalid, whereas all of the entries in the kmapops array would be valid. Thi...

DEBIAN-CVE-2022-50257

In the Linux kernel, the following vulnerability has been resolved: xen/gntdev: Prevent leaking grants Prior to this commit, if a grant mapping operation failed partially, some of the entries in the mapops array would be invalid, whereas all of the entries in the kmapops array would be valid. Thi...

UBUNTU-CVE-2022-50257

In the Linux kernel, the following vulnerability has been resolved: xen/gntdev: Prevent leaking grants Prior to this commit, if a grant mapping operation failed partially, some of the entries in the mapops array would be invalid, whereas all of the entries in the kmapops array would be valid. Thi...

CVE-2022-50257

The CVE-2022-50257 issue is in the Linux kernel Xen grant handling (xen/gntdev) where partial grant mapping failures could leak grants. In paravirtualized domains (use_ptemod = true), alloced was not updated for all successful map_ops or kmap_ops, risking incorrect live_grants and leaks. The fix ...

CVE-2022-50257 xen/gntdev: Prevent leaking grants

In the Linux kernel, the following vulnerability has been resolved: xen/gntdev: Prevent leaking grants Prior to this commit, if a grant mapping operation failed partially, some of the entries in the mapops array would be invalid, whereas all of the entries in the kmapops array would be valid. Thi...

CVE-2022-50257 xen/gntdev: Prevent leaking grants

In the Linux kernel, the following vulnerability has been resolved: xen/gntdev: Prevent leaking grants Prior to this commit, if a grant mapping operation failed partially, some of the entries in the mapops array would be invalid, whereas all of the entries in the kmapops array would be valid. Thi...

SUSE-SU-2025:03223-1 Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002317 fixes several issues. The following security issues were fixed: - CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245504. - CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579. - CVE-2025-38001: netsched: hfsc: Address...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the failure to properly handle the authorization state when a partial mapping operation fails, which could...

PT-2025-37511

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel's Xen/gntdev component that can lead to grant references being leaked. This occurs when a grant mapping operation fails partially, resulting in...

DEBIAN-CVE-2025-39792

In the Linux kernel, the following vulnerability has been resolved: dm: Always split write BIOs to zoned device limits Any zoned DM target that requires zone append emulation will use the block layer zone write plugging. In such case, DM target drivers must not split BIOs using dmacceptpartialbio...

CVE-2025-39792 dm: Always split write BIOs to zoned device limits

In the Linux kernel, the following vulnerability has been resolved: dm: Always split write BIOs to zoned device limits Any zoned DM target that requires zone append emulation will use the block layer zone write plugging. In such case, DM target drivers must not split BIOs using dmacceptpartialbio...

Five Minutes of DDoS Brings Down Tor: DDoS Attacks on the Tor Directory Protocol and Mitigations

The Tor network offers network anonymity to its users by routing their traffic through a sequence of relays. A group of nine directory authorities maintains information about all available relay nodes using a distributed directory protocol. We observe that the current protocol makes a steep...

PT-2025-37326

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw related to block I/O BIO splitting in device mapper dm targets that support zoned devices. Specifically, the issue arises when zoned DM targets utilize...

Security update for the Linux Kernel (Live Patch 32 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024136 fixes several issues. The following security issues were fixed: CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579. CVE-2022-49053: scsi: target: tcmu: Fix possible page UAF bsc1237930. CVE-2025-38001: netsched: hfsc: Address reentrant...

AZL-67244 CVE-2025-39738 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: btrfs: do not allow relocation of partially dropped subvolumes BUG There is an internal report that balance triggered transaction abort, with the following call trace: item 85 key 594509824 169 0 itemoff 12599 itemsize 33 extent...

CVE-2025-39791 dm: dm-crypt: Do not partially accept write BIOs with zoned targets

In the Linux kernel, the following vulnerability has been resolved: dm: dm-crypt: Do not partially accept write BIOs with zoned targets Read and write operations issued to a dm-crypt target may be split according to the dm-crypt internal limits defined by the maxreadsize and maxwritesize module...

CVE-2025-39791

The vulnerability CVE-2025-39791 affects Linux kernel dm-crypt targets (zoned devices) where BIOs can be split to respect max_read_size/max_write_size. For zoned targets, splitting could cause a deadlock or data corruption if a splitBIO reminder re-enters the queue or if zone-append processing is...

CVE-2025-39791

In the Linux kernel, the following vulnerability has been resolved: dm: dm-crypt: Do not partially accept write BIOs with zoned targets Read and write operations issued to a dm-crypt target may be split according to the dm-crypt internal limits defined by the maxreadsize and maxwritesize module...

Security update for kernel-livepatch-MICRO-6-0-RT_Update_2

This update for kernel-livepatch-MICRO-6-0-RTUpdate2 fixes the following issues: CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245505 CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579 CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to eltree...