54 matches found
CVE-2026-53047
CVE-2026-53047 affects the Linux kernel’s efi/capsule-loader. The vulnerability arises from a mis-sized allocation in __efi_capsule_setup_info(): the krealloc() for cap_info->phys uses sizeof(phys_addr_t *) instead of sizeof(phys_addr_t). This can produce an undersized allocation, inconsistent...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: erofs: Fixed invalid cases for encoded extents. Robert recently reported two corrupted images that can cause system crashes. These issues are related to the new encoded extents introduced in Linux 6.15: - The first image has...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ACPI: Tables: FPDT: Do not call acpiosmapmemory on an invalid physical address. On a Packard Bell Dot SC Intel Atom N2600 model, there is an FPDT table containing invalid physical addresses, with high bits set that fall outside t...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the incorrect conversion of physical addresses during the putfolios cleanup process in memfdluo,...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd/pmc: Detection when STB is unavailable. Loading the amdpmc module with the option amdpmc enablestb=1 may result in the following messages in the kernel ring buffer: amdpmc AMDI0009:00: SMU cmd failed. err: 0xff...
UBUNTU-CVE-2026-23085
In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Avoid truncating memory addresses On 32-bit machines with CONFIGARMLPAE, it is possible for lowmem allocations to be backed by addresses physical memory above the 32-bit address limit, as found while...
CVE-2026-23085
CVE-2026-23085 affects the Linux kernel irqchip/gic-v3-its on 32-bit ARM with CONFIG_ARM_LPAE, where lowmem allocations could be backed by physical memory above 4 GB. The ITS driver stored a 32-bit address in an unsigned long, triggering truncation. The fix changes the itt_addr and related physic...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002273)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002273 advisory. The pagemapopen function in fs/proc/taskmmu.c in the Linux kernel before 3.19.3, as used in Android 6.0.1 before 2016-03-01, allows local users to obtain sensitive...
CVE-2025-14159
The Secure Copy Content Protection and Content Locking plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.9.2. This is due to missing nonce validation on the 'ayssccpresultsexportfile' AJAX action. This makes it possible for unauthenticated...
CVE-2025-14159 Secure Copy Content Protection and Content Locking <= 4.9.2 - Cross-Site Request Forgery to Data Export
The Secure Copy Content Protection and Content Locking plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.9.2. This is due to missing nonce validation on the 'ayssccpresultsexportfile' AJAX action. This makes it possible for unauthenticated...
CVE-2025-48511
Improper input validation within AMD uprof can allow a local attacker to write to an arbitrary physical address, potentially resulting in crash or denial of service...
EUVD-2025-198997
Improper input validation within AMD uprof can allow a local attacker to write to an arbitrary physical address, potentially resulting in crash or denial of service...
CVE-2025-48511
Improper input validation within AMD uprof can allow a local attacker to write to an arbitrary physical address, potentially resulting in crash or denial of service...
EUVD-2020-28593
Malware in sbrugna...
SUSE CVE-2022-50320
In the Linux kernel, the following vulnerability has been resolved: ACPI: tables: FPDT: Don't call acpiosmapmemory on invalid phys address On a Packard Bell Dot SC Intel Atom N2600 model there is a FPDT table which contains invalid physical addresses, with high bits set which fall outside the ran...
CVE-2022-50320
The CVE-2022-50320 issue is a Linux kernel ACPI FPDT FPDT table bug where invalid physical addresses trigger ioremap warnings and an oops. The root cause is calling acpi_os_map_memory() on an invalid phys address; a fix adds a validation step to prevent mapping invalid addresses. The description ...
Linux Distros Unpatched Vulnerability : CVE-2021-28039
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Linux kernel 5.9.x through 5.11.3, as used with Xen. In some less-common configurations, an x86 PV guest OS user can crash a Dom0...
CVE-2020-11230
Potential arbitrary memory corruption when the qseecom driver updates ion physical addresses in the buffer as it exposes a physical address to user land in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile...
The Slow-Burn Nightmare of the National Public Data Breach
Social Security numbers, physical addresses, and more—all available online. After months of confusion, leaked information from a background-check firm underscores the long-term risks of data breaches...
CVE-2021-47277 kvm: avoid speculation-based attacks from out-of-range memslot accesses
In the Linux kernel, the following vulnerability has been resolved: kvm: avoid speculation-based attacks from out-of-range memslot accesses KVM's mechanism for accessing guest memory translates a guest physical address gpa to a host virtual address using the right-shifted gpa also known as gfn an...