CVE-2025-21947 ksmbd: fix type confusion via race condition when using ipc_msg_send_request

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix type confusion via race condition when using ipcmsgsendrequest req-handle is allocated using ksmbdacquireid&ipcida, based on idaalloc. req-handle from ksmbdipcloginrequest and FSCTLPIPETRANSCEIVE ioctl can be same and ...

CVE-2025-21941

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix null check for pipectx-planestate in resourcebuildscalingparams Null pointer dereference issue could occur when pipectx-planestate is null. The fix adds a check to ensure 'pipectx-planestate' is not null befo...

CVE-2025-21941 drm/amd/display: Fix null check for pipe_ctx->plane_state in resource_build_scaling_params

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix null check for pipectx-planestate in resourcebuildscalingparams Null pointer dereference issue could occur when pipectx-planestate is null. The fix adds a check to ensure 'pipectx-planestate' is not null befo...

CVE-2025-21896

CVE-2025-21896 affects the Linux kernel fuse readahead path. The issue arose when converting readahead to folios: folio references were dropped after locking, breaking the expected reference on ap->folios during splice operations, risking use-after-free in readpages. The fix reverts to __reada...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not checking for a null value of pipectx-planestate, which could lead to a null pointer dereference...

Exploit for Improper Initialization in Linux Linux_Kernel

Dirty...Quoi? Il s'agit de la preuve de concept de Max Kellerm...

Deserialization of Untrusted Data

Overview vllm is an A high-throughput and memory-efficient inference and serving engine for LLMs Affected versions of this package are vulnerable to Deserialization of Untrusted Data in the MooncakePipe class, which relies on pickle for serialization and deserialization in recvtensor. An attacker...

NFC: nci: Add bounds checking in nci_hci_create_pipe()

...

CVE-2024-58073

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: check dpuplaneatomicprintstate for valid sspp Similar to the rpipe sspp protect, add a check to protect the pipe state prints to avoid NULL ptr dereference for cases when the state is dumped without a corresponding...

UBUNTU-CVE-2024-58073

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: check dpuplaneatomicprintstate for valid sspp Similar to the rpipe sspp protect, add a check to protect the pipe state prints to avoid NULL ptr dereference for cases when the state is dumped without a corresponding...

CVE-2024-58073

CVE-2024-58073 affects the Linux kernel component drm/msm/dpu, where dpu_plane_atomic_print_state() could dereference NULL when the pipe state is dumped without a corresponding atomic_check() and pipe->sspp is assigned. The issue is resolved by adding a validation check for sspp in the dpu pla...

CVE-2024-58073 drm/msm/dpu: check dpu_plane_atomic_print_state() for valid sspp

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: check dpuplaneatomicprintstate for valid sspp Similar to the rpipe sspp protect, add a check to protect the pipe state prints to avoid NULL ptr dereference for cases when the state is dumped without a corresponding...

Linux Distros Unpatched Vulnerability : CVE-2024-57993

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HID: hid-thrustmaster: Fix warning in thrustmasterprobe by adding endpoint check syzbot has found a type mismatch between a USB pipe and the transfer endpoint,...

SUSE CVE-2025-21735

In the Linux kernel, the following vulnerability has been resolved: NFC: nci: Add bounds checking in ncihcicreatepipe The "pipe" variable is a u8 which comes from the network. If it's more than 127, then it results in memory corruption in the caller, ncihciconnectgate...

DEBIAN-CVE-2025-21735

In the Linux kernel, the following vulnerability has been resolved: NFC: nci: Add bounds checking in ncihcicreatepipe The "pipe" variable is a u8 which comes from the network. If it's more than 127, then it results in memory corruption in the caller, ncihciconnectgate...

UBUNTU-CVE-2025-21735

In the Linux kernel, the following vulnerability has been resolved: NFC: nci: Add bounds checking in ncihcicreatepipe The "pipe" variable is a u8 which comes from the network. If it's more than 127, then it results in memory corruption in the caller, ncihciconnectgate...

SUSE CVE-2022-49397

In the Linux kernel, the following vulnerability has been resolved: phy: qcom-qmp: fix struct clk leak on probe errors Make sure to release the pipe clock reference in case of a late probe error e.g. probe deferral...

AZL-68757 CVE-2024-57993 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: HID: hid-thrustmaster: Fix warning in thrustmasterprobe by adding endpoint check syzbot has found a type mismatch between a USB pipe and the transfer endpoint, which is triggered by the hid-thrustmaster driver1. There is a number...

DEBIAN-CVE-2024-57993

In the Linux kernel, the following vulnerability has been resolved: HID: hid-thrustmaster: Fix warning in thrustmasterprobe by adding endpoint check syzbot has found a type mismatch between a USB pipe and the transfer endpoint, which is triggered by the hid-thrustmaster driver1. There is a number...

CVE-2024-57993

In the Linux kernel, the following vulnerability has been resolved: HID: hid-thrustmaster: Fix warning in thrustmasterprobe by adding endpoint check syzbot has found a type mismatch between a USB pipe and the transfer endpoint, which is triggered by the hid-thrustmaster driver1. There is a number...