247 matches found
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987133)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987133 advisory. In the Linux kernel, the following vulnerability has been resolved: net/mlx4en: Fix an use-after-free bug in mlx4entryallocresources In mlx4entryallocresources,...
EUVD-2022-47955
Malicious code in bioql PyPI...
CVE-2025-39925
In the Linux kernel, the following vulnerability has been resolved: can: j1939: implement NETDEVUNREGISTER notification handler syzbot is reporting unregisternetdevice: waiting for vcan0 to become free. Usage count = 2 problem, for j1939 protocol did not have NETDEVUNREGISTER notification handler...
CVE-2025-39925 can: j1939: implement NETDEV_UNREGISTER notification handler
In the Linux kernel, the following vulnerability has been resolved: can: j1939: implement NETDEVUNREGISTER notification handler syzbot is reporting unregisternetdevice: waiting for vcan0 to become free. Usage count = 2 problem, for j1939 protocol did not have NETDEVUNREGISTER notification handler...
UBUNTU-CVE-2022-50390
In the Linux kernel, the following vulnerability has been resolved: drm/ttm: fix undefined behavior in bit shift for TTMTTFLAGPRIVPOPULATED Shifting signed 32-bit value by 31 bits is undefined, so changing significant bit to unsigned. The UBSAN warning calltrace like below: UBSAN:...
CVE-2022-50390
In the Linux kernel, the following vulnerability has been resolved: drm/ttm: fix undefined behavior in bit shift for TTMTTFLAGPRIVPOPULATED Shifting signed 32-bit value by 31 bits is undefined, so changing significant bit to unsigned. The UBSAN warning calltrace like below: UBSAN:...
CVE-2022-50390
The CVE-2022-50390 issue is in the Linux kernel DRM TTM code. It fixes an undefined behavior when shifting a signed 32-bit value by 31 bits in TTM_TT_FLAG_PRIV_POPULATED, by changing the operation to unsigned to avoid UBSAN/shift-out-of-bounds warnings observed during framebuffer/VM operations. T...
CVE-2022-50245
CVE-2022-50245 concerns a Linux kernel issue in the rapidio driver where a UAF can occur if kfifo_alloc() fails during mport_cdev_open(). The fix removes priv from the chdev->file_list before freeing it to prevent traversal from accessing a freed object (the smatch warning reference). Affected...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the failure to remove priv from the list when kfifoalloc fails, which could lead to reuse after release...
CVE-2025-39696
CVE-2025-39696 affects the Linux kernel ALSA HDA path for tas2781. The root cause was a wrong reference assignment during calibration data management: tasdevice_priv was set to h->hda_priv instead of h->priv, causing memory corruption and crashes due to a void pointer. The issue is resolved...
PT-2025-36290
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel related to the ALSA subsystem and the tas2781 driver. A wrong reference to tasdevice priv was set to h-hda priv instead of h-priv during calibration...
CVE-2025-9513 editso fuso mod.rs PenetrateRsaAndAesHandshake inadequate encryption
A flaw has been found in editso fuso up to 1.0.4-beta.7. This affects the function PenetrateRsaAndAesHandshake of the file src/net/penetrate/handshake/mod.rs. This manipulation of the argument privkey causes inadequate encryption strength. Remote exploitation of the attack is possible. A high...
pam security update
1.3.1-38.0.1 - pamlimits: fix use after free in pamsmopensession Orabug: 36272695 1.3.1-38 - pamnamespace: fix potential privilege escalation. Resolves: CVE-2025-6020 and RHEL-96724...
PT-2025-40099
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel has an issue where the j1939 protocol lacked a NETDEV UNREGISTER notification handler, leading to problems when unregistering network devices. Specifically, the j1939 sk...
PT-2025-34654 · D Link · Dsl-7740C
Name of the Vulnerable Software and Affected Versions: D-Link DSL-7740C versions DSL7740C.V6.TR069.20211230 Description: An incorrect access control issue exists in the Maintenance module. Authenticated attackers with low-level privileges can arbitrarily change high-privileged account passwords a...
CVE-2025-38662
In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8365-dai-i2s: pass correct size to mt8365daisetpriv Given mt8365daisetpriv allocate privsize space to copy privdata which means we should pass mt8365i2sprivi or "struct mtkafei2spriv" instead of afepriv which ha...
CVE-2025-38662
In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8365-dai-i2s: pass correct size to mt8365daisetpriv Given mt8365daisetpriv allocate privsize space to copy privdata which means we should pass mt8365i2sprivi or "struct mtkafei2spriv" instead of afepriv which ha...
UBUNTU-CVE-2025-38662
In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8365-dai-i2s: pass correct size to mt8365daisetpriv Given mt8365daisetpriv allocate privsize space to copy privdata which means we should pass mt8365i2sprivi or "struct mtkafei2spriv" instead of afepriv which ha...
CVE-2025-38662
CVE-2025-38662 in the Linux kernel affects the ASoC Mediatek mt8365 PCM/DAI code. The issue arises in mt8365_dai_set_priv where priv_size is allocated for the destination, but the code passes afe_priv (the size of struct mt8365_afe_private) instead of the correct priv structure (mt8365_i2s_priv[i...
CVE-2025-38662
In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8365-dai-i2s: pass correct size to mt8365daisetpriv Given mt8365daisetpriv allocate privsize space to copy privdata which means we should pass mt8365i2sprivi or "struct mtkafei2spriv" instead of afepriv which ha...