198 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: bpf: Correctly track subprogram poke descriptors and fix use-after-free Subprograms call mappoketrack, but during program release, there is no hook to call mappokeuntrack. However, during program release, the auxiliary memory and...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: BPF: Do not use tnumrange for array range checking when dealing with poke descriptors. Hsin-Wei reported a KASAN issue triggered by their BPF runtime fuzzer, which is based on a custom syzkaller: - BUG: KASAN: Out-of-bounds...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: s390/bpf: Fixed bpfarchtextpoke when newaddr == NULL The commit 7ded842b356d “s390/bpf: Fixed bpfplt pointer arithmetic” accidentally removed the critical portion of the commit c730fce7c70c “s390/bpf: Fixed bpfarchtextpoke when...
kernel: bpf: Don't use tnum_range on array range checking for poke descriptors
In the Linux kernel, the following vulnerability has been resolved: bpf: Don't use tnumrange on array range checking for poke descriptors Hsin-Wei reported a KASAN splat triggered by their BPF runtime fuzzer which is based on a customized syzkaller: BUG: KASAN: slab-out-of-bounds in...
kernel: bpf: Don't use tnum_range on array range checking for poke descriptors
In the Linux kernel, the following vulnerability has been resolved: bpf: Don't use tnumrange on array range checking for poke descriptors Hsin-Wei reported a KASAN splat triggered by their BPF runtime fuzzer which is based on a customized syzkaller: BUG: KASAN: slab-out-of-bounds in...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001819)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001819 advisory. arch/s390/kernel/ptrace.c in the Linux kernel before 3.15.8 on the s390 platform does not properly restrict address-space control operations in PTRACEPOKEUSRAREA...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992712)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992712 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf: Don't use tnumrange on array range checking for poke descriptors Hsin-Wei reported a KASAN...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992341)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992341 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf: Don't use tnumrange on array range checking for poke descriptors Hsin-Wei reported a KASAN...
kernel: bpf: Don't use tnum_range on array range checking for poke descriptors
In the Linux kernel, the following vulnerability has been resolved: bpf: Don't use tnumrange on array range checking for poke descriptors Hsin-Wei reported a KASAN splat triggered by their BPF runtime fuzzer which is based on a customized syzkaller: BUG: KASAN: slab-out-of-bounds in...
CLSA-2025-1763734783 kernel: Fix of 64 CVEs
media: bttv: fix use after free error due to btv-timeout timer CVE-2023-52847 - firmware: armscpi: Ensure scpiinfo is not assigned if the probe fails CVE-2022-50087 - wifi: mwifiex: Fix OOB and integer underflow when rx packets CVE-2023-53226 - vsock: Fix transport TOCTOU CVE-2025-38461 - ALSA:...
EUVD-2025-141272
Malicious code in irfan-poke11 npm...
Malicious code in hitachi-poke61 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fdc73eec9c506b9aa0ff35e129cc0a2d92be5add5397966b1a60c033ef3567de This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in koko-poke13 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 10f99ad31ed4279b2b152f3f5307d8961ede4dbcb570c028125297fd41117916 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-174532 Malicious code in hakim-poke20 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6f2381d00a7117cc3142bbe724c53b4998461f9de697ecc036a3080d60dbe3dd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in inul-poke8 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 17836f53d27b300f8d078df2a2c7688d828f15c6da3c68073804cf93596cfc24 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in indah-poke9 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9544fdba89c7e3180015c23aa350c30b8125e9d1ec6f12e84be7c61531cc1021 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-179393 Malicious code in zaskia-poke19 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4e60805a0c68674324abbb0da039994c1cec48cec1b631780261d7defcd25b40 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in sumpel-poke4 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f21222db2cc2bdb0b475fda6abeb8f23dcffc9c5067fe507b167732993053b0d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-141697
Malicious code in haritono-poke8 npm...
EUVD-2025-141581
Malicious code in hitachi-poke60 npm...