Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not checking the cx23885riscbuffer return value and the risc-cpu value, which could lead to a null pointer...

CVE-2025-56571

Finance.js v4.1.0 is affected by a DoS via the IRR() function (depth parameter) and via seekZero(), causing excessive CPU usage that can stall or crash applications. The root cause is improper handling of recursion/iteration limits. Exploitation status is not detailed in the provided documents. R...

NewStart CGSL MAIN 6.06 : cups Multiple Vulnerabilities (NS-SA-2025-0218)

The remote NewStart CGSL host, running version MAIN 6.06, has cups packages installed that are affected by multiple vulnerabilities: - ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to...

AZL-68073 CVE-2025-9648 affecting package ceph for versions less than 18.2.2-11

A vulnerability in the CivetWeb library's function mghandleformrequest allows remote attackers to trigger a denial of service DoS condition. By sending a specially crafted HTTP POST request containing a null byte in the payload, the server enters an infinite loop during form data parsing. Multipl...

IBM License Metric Tool 访问控制错误漏洞

The IBM License Metric Tool is a free tool from International Business Machines IBM that helps IBM Passport Advantage Software Upgrade and Support Services customers determine their Processor Value Unit PVU licensing needs. An Access Control Error vulnerability exists in IBM License Metric Tool...

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: nfsd: don't ignore the return code of svcprocregister CVE-2025-22026 kernel: netsched: hfsc: Fix a UAF vulnerability in class handling CVE-2025-37797 kernel: firmware: armscpi: Ensure...

ROS-20250929-10

Intel processor firmware vulnerability is linked to information disclosure. Exploitation exploitation of the vulnerability could allow an intruder to gain unauthorized access to protected information...

ROS-20250929-09

AMD processor firmware vulnerability is related to insufficient protection of service data. data. Exploitation of the vulnerability could allow an intruder to disclose protected information AMD processor firmware vulnerability is related to insufficient protection of service data. data...

ACPI: CPPC: Use access_width over bit_width for system memory accesses

...

CVE-2025-11042 Allocation of Resources Without Limits or Throttling in GitLab

An issue was discovered in GitLab CE/EE affecting all versions starting from 17.2 before 18.2.7, 18.3 before 18.3.3, and 18.4 before 18.4.1, that allows an attacker to cause uncontrolled CPU consumption, potentially leading to a Denial of Service DoS condition while using specific GraphQL queries...

USN-7775-2: Linux kernel (Azure) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Serial ATA and Parallel ATA...

Ubuntu Pro FIPS-updates 22.04 LTS : Linux kernel (Azure FIPS) vulnerabilities (USN-7775-1)

The remote Ubuntu Pro FIPS-updates 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7775-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...

Smart Medical IoT Security Vulnerabilities: Real-Time MITM Attack Analysis, Lightweight Encryption Implementation, and Practitioner Perceptions in Underdeveloped Nigerian Healthcare Systems

The growing use of Internet of Things IoT technologies in Nigerian healthcare offers potential improvements in remote monitoring and data-driven care, but unsecured wireless communication in medical IoT mIoT devices exposes patient data to cyber threats. This study investigates such vulnerabiliti...

USN-7774-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Serial ATA and Parallel ATA...

USN-7776-1 linux-oracle-5.15 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Serial ATA and Parallel ATA...

USN-7776-1: Linux kernel (Oracle) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Serial ATA and Parallel ATA...

USN-7775-1: Linux kernel (Azure FIPS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Serial ATA and Parallel ATA...

USN-7774-3: Linux kernel (Real-time) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Serial ATA and Parallel ATA...

USN-7774-2: Linux kernel (FIPS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Serial ATA and Parallel ATA...

CVE-2025-5717

An authenticated remote code execution RCE vulnerability exists in multiple WSO2 products due to improper input validation in the event processor admin service. A user with administrative access to the SOAP admin services can exploit this flaw by deploying a Siddhi execution plan containing...