DEBIAN-CVE-2025-40290

In the Linux kernel, the following vulnerability has been resolved: xsk: avoid data corruption on cq descriptor number Since commit 30f241fcf52a "xsk: Fix immature cq descriptor production", the descriptor number is stored in skb control block and xskcqsubmitaddrlocked relies on it to put the ume...

UBUNTU-CVE-2025-40302

In the Linux kernel, the following vulnerability has been resolved: media: videobuf2: forbid removebufs when legacy fileio is active vb2ioctlremovebufs call manipulates queue internal buffer list, potentially overwriting some pointers used by the legacy fileio access mode. Forbid that ioctl when...

CVE-2022-50583

CVE-2022-50583 relates to the Linux kernel, specifically a bug in md/raid0 and raid10 where discard sector handling could export an incorrect max_discard_sectors for mixed rotational/SSD configurations. The issue could trigger warning logs in __blkdev_issue_discard when invoking discard IOs (e.g....

CVE-2022-50583 md/raid0, raid10: Don't set discard sectors for request queue

In the Linux kernel, the following vulnerability has been resolved: md/raid0, raid10: Don't set discard sectors for request queue It should use diskstacklimits to get a proper maxdiscardsectors rather than setting a value by stack drivers. And there is a bug. If all member disks are rotational...

CVE-2025-40302 media: videobuf2: forbid remove_bufs when legacy fileio is active

In the Linux kernel, the following vulnerability has been resolved: media: videobuf2: forbid removebufs when legacy fileio is active vb2ioctlremovebufs call manipulates queue internal buffer list, potentially overwriting some pointers used by the legacy fileio access mode. Forbid that ioctl when...

CVE-2025-40302

In the Linux kernel, the following vulnerability has been resolved: media: videobuf2: forbid removebufs when legacy fileio is active vb2ioctlremovebufs call manipulates queue internal buffer list, potentially overwriting some pointers used by the legacy fileio access mode. Forbid that ioctl when...

CVE-2025-40302

CVE-2025-40302 is a Linux kernel issue in the media: videobuf2 path where vb2_ioctl_remove_bufs could affect the queue state when legacy fileio is active. The fix forbids the remove_bufs ioctl if fileio is active to protect internal queue pointers across read/write calls, preventing potential cor...

CVE-2025-40290

In the Linux kernel, the following vulnerability has been resolved: xsk: avoid data corruption on cq descriptor number Since commit 30f241fcf52a "xsk: Fix immature cq descriptor production", the descriptor number is stored in skb control block and xskcqsubmitaddrlocked relies on it to put the ume...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from disabling removebufs when legacy fileio is active, which could lead to corruption of the internal state of the...

CVE-2025-64081

SQL injection vulnerability in /php/apipatientschedule.php in SourceCodester Patients Waiting Area Queue Management System v1 allows attackers to execute arbitrary SQL commands via the appointmentID parameter...

Linux Distros Unpatched Vulnerability : CVE-2023-53748

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: mediatek: vcodec: Fix potential array out-of-bounds in decoder queuesetup variable nplanes is provided by user via system call argument. The possible val...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the hwq-cqlock deadlock issue, which could cause the system to hang...

SourceCodester Patients Waiting Area Queue Management System SQL注入漏洞

SourceCodester Patients Waiting Area Queue Management System is SourceCodester open source a patient waiting area queue management system. SourceCodester Patients Waiting Area Queue Management System v1 version exists SQL injection vulnerability , the vulnerability stems from /...

CVE-2025-64081

CVE-2025-64081 is a SQL injection in SourceCodester’s Patients Waiting Area Queue Management System v1, affecting the file /php/api_patient_schedule.php via the appointmentID parameter. The root cause is improper input validation/sanitization, enabling attackers to execute arbitrary SQL commands....

PT-2025-49434

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s videobuf2 subsystem. The vb2 ioctl remove bufs function can manipulate the internal buffer list of a queue, potentially overwriting pointers used when...

Oracle Linux 10 : kernel (ELSA-2025-22395)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-22395 advisory. - mm/memory-failure: fix VMBUGONPAGEPagePoisonedpage when unpoison memory CKI Backport Bot RHEL-119161 CVE-2025-39883 - nfsd: handle getclientlocked...

Linux Distros Unpatched Vulnerability : CVE-2025-40302

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: videobuf2: forbid removebufs when legacy fileio is active vb2ioctlremovebufs call manipulates queue internal buffer list, potentially overwriting some...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not properly freeing the work queue of a background tracker, which could lead to a memory leak...

RLSA-2025:22395 Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: ublk: make sure ubq-canceling is set when queue is frozen CVE-2025-22068 kernel: nfsd: handle getclientlocked failure in nfsd4setclientidconfirm CVE-2025-38724 kernel: mm/memory-failure:...

RockyLinux 10 : kernel (RLSA-2025:22395)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:22395 advisory. kernel: ublk: make sure ubq-canceling is set when queue is frozen CVE-2025-22068 kernel: nfsd: handle getclientlocked failure in nfsd4setclientidconfir...