Moderate: Red Hat Security Advisory: kernel-rt security update

An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

ALSA-2025:11299 Moderate: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: cifs: potential buffer overflow in handling symlinks CVE-2022-49058 kernel: media: uvcvideo: Remove dangling pointers CVE-2024-580...

AlmaLinux 8 : kernel-rt (ALSA-2025:11299)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:11299 advisory. kernel: cifs: potential buffer overflow in handling symlinks CVE-2022-49058 kernel: media: uvcvideo: Remove dangling pointers CVE-2024-58002 kernel: medi...

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: cifs: potential buffer overflow in handling symlinks CVE-2022-49058 kernel: media: uvcvideo: Remove dangling pointers CVE-2024-58002 kernel: media: uvcvideo: Fix double free in error path...

ALSA-2025:11298 Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: cifs: potential buffer overflow in handling symlinks CVE-2022-49058 kernel: media: uvcvideo: Remove dangling pointers CVE-2024-58002 kernel: media: uvcvideo: Fix double free in error path...

SQLite < 3.50.3 -- CWE-190 Integer Overflow or Wraparound in FTS5 module

https://github.com/google/security-research/security/advisories/GHSA-v2c8-vqqp-hv3g reports: An integer overflow exists in the FTS5 https://sqlite.org/fts5.html extension. It occurs when the size of an array of tombstone pointers is calculated and truncated into a 32-bit integer. A pointer to...

CVE-2025-7029

A vulnerability in the Software SMI handler SwSmiInputValue 0xB2 allows a local attacker to control the RBX register, which is used to derive pointers OcHeader, OcData passed into power and thermal configuration logic. These buffers are not validated before performing multiple structured memory...

bpf: consider that tail calls invalidate packet pointers

...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a failure to check raw node preallocations resulting in null pointer dereferences...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from usb acpi not checking for hub pointers, which could lead to null pointer dereferencing...

PT-2025-35964

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the pNFS block/scsi layout implementation. The issue arises from a dereference of uninitialized pointers within the ext tree free commitdata function...

📄 libxslt xsltParseStylesheetProcess Use-After-Free

There is a use-after-free issue in libxslt read on a namespace URL stored in exclPrefixTab. The issue was reproduced on the latest Git version. The proof of concept and ASAN log are provided at the end of the report. There is a use-after-free issue in libxslt read on a namespace URL stored in...

UBUNTU-CVE-2022-50129

In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Fix a use-after-free Change the LIO port members inside struct srptport from regular members into pointers. Allocate the LIO port data structures from inside srptmaketport and free these from inside srptmaketport. Keep...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates from dw-axi-dmac printing null LLI pointers...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the presence of a race condition in binder that could lead to reuse of referenced proc pointers after release...

wasmtime_jit_debug Dumps Undefined Memory by `JitDumpFile`

The unsound function dumpcodeloadrecord uses fromrawparts to directly convert the pointer addr and len into a slice without any validation and that memory block would be dumped. Thus, the 'safe' function dumpcodeloadrecord is actually 'unsafe' since it requires the caller to guarantee that the ad...

Astra Linux - уязвимость в linux-6.12

In the Linux kernel, the following vulnerability has been resolved: sockmap, vsock: For connectible sockets allow only connected sockmap expects all vsocks to have a transport assigned, which is expressed in vsockproto::psockupdateskprot. However, there is an edge case where an unconnected...

Astra Linux - уязвимость в linux-6.12

In the Linux kernel, the following vulnerability has been resolved: usb: typec: class: Fix NULL pointer access Concurrent calls to typecpartnerunlinkdevice can lead to a NULL pointer dereference. This patch adds a mutex to protect USB device pointers and prevent this issue. The same mutex protect...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: USB: Type-C: Class – Invalidate USB device pointers when the partner disregisters To avoid using invalid USB device pointers after a Type-C partner disconnects, this patch clears the pointers upon the partner’s disregistration...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: drm/xe/hmm: Do not dereference struct page pointers without holding the notifier lock. The pnfs that we obtain from hmmrangefault point to pages that we do not own. The guarantee that these pages are still in the CPU page tabl...