PT-2026-36458

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the qrtr tx flow component. The radix tree create function allocates and links intermediate nodes into the tree sequentially. If a subsequent allocation fails,...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013863)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013863 advisory. In the Linux kernel, the following vulnerability has been resolved: cachefiles: add missing lock protection when polling Add missing lock protection in poll routine...

org.webjars.npm:listhen (=1.0.1), org.webjars.npm:radix-vue (=1.9.17) +5 more potentially affected by CVE-2026-35209 via org.webjars.npm:defu (=6.1.4)

org.webjars.npm:defu MAVEN version =6.1.4 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.npm:defu and may be impacted: - org.webjars.npm:listhen =1.0.1 - org.webjars.npm:radix-vue =1.9.17 - org.webjars.npm:rc9 =2.0.0, =0.52.1, =0.52.3 Sour...

Siemens SIMATIC S7-1500 Use After Free (CVE-2025-38212)

In the Linux kernel, the following vulnerability has been resolved: ipc: fix to protect IPCS lookups using RCU syzbot reported that it discovered a use-after-free vulnerability, 0 0: https://lore.ke rnel.org/all/[email protected]/ idrforeach is protected by rwsem, but th...

[SECURITY] Fedora 43 Update: kiss-fft-131.2.0-1.fc43

KISS FFT - A mixed-radix Fast Fourier Transform based on the principle, "Keep It Simple, Stupid." There are many great fft libraries already around. Kiss FFT is not trying to be better than any of them. It only attempts to be a reasonably efficient, moderately useful FFT that can use fixed or...

[SECURITY] Fedora 44 Update: kiss-fft-131.2.0-1.fc44

KISS FFT - A mixed-radix Fast Fourier Transform based on the principle, "Keep It Simple, Stupid." There are many great fft libraries already around. Kiss FFT is not trying to be better than any of them. It only attempts to be a reasonably efficient, moderately useful FFT that can use fixed or...

ROS-20260112-7305

A vulnerability in the genradixiterpeek function of the include/linux/generic-radix-tree.h module of the Linux operating system kernel is related to integer overflow. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

Malicious Package

Overview radix-ui-react-modal is a malicious package. This package contains malicious code associated with a social engineering campaign called "Contagious Interview." The attackers target developers through fake job interviews or coding test assignments that require the installation of this...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990897)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990897 advisory. In the Linux kernel, the following vulnerability has been resolved: lib/generic-radix-tree.c: Fix rare race in genradixptralloc If we need to increase the tree depth...

EUVD-2024-2867

Malicious code in bioql PyPI...

kernel: tipc: Fix use-after-free in tipc_conn_close()

In the Linux kernel, the following vulnerability has been resolved: tipc: Fix use-after-free in tipcconnclose. syzbot reported a null-ptr-deref in tipcconnclose during netns dismantle. 0 tipctopsrvstop iterates tipcnetnet-topsrv-connidr and calls tipcconnclose for each tipcconn. The problem is th...

lib/generic-radix-tree.c: Don't overflow in peek()

...

Linux Distros Unpatched Vulnerability : CVE-2025-38464

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tipc: Fix use-after-free in tipcconnclose. syzbot reported a null-ptr-deref in tipcconnclose during netns dismantle. 0 tipctopsrvstop iterates...

Malicious code in test-mlw2-radix-yrivd (npm)

The package test-mlw2-radix-yrivd was found to contain malicious code...

MAL-2025-36077 Malicious code in test-mlw2-radix-yrivd (npm)

The package test-mlw2-radix-yrivd was found to contain malicious code...

Selective KV-Cache Sharing to Mitigate Timing Side-Channels in LLM Inference

Global KV-cache sharing has emerged as a key optimization for accelerating large language model LLM inference. However, it exposes a new class of timing side-channel attacks, enabling adversaries to infer sensitive user inputs via shared cache entries. Existing defenses, such as per-user isolatio...

Linux Distros Unpatched Vulnerability : CVE-2025-37922

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: book3s64/radix : Align section vmemmap start address to PAGESIZE A vmemmap altmap is a...

Linux Distros Unpatched Vulnerability : CVE-2021-47034

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: Fix pte update for kernel memory on radix When adding a PTE a ptesync is needed...

book3s64/radix : Align section vmemmap start address to PAGE_SIZE

...

SUSE CVE-2025-38212

In the Linux kernel, the following vulnerability has been resolved: ipc: fix to protect IPCS lookups using RCU syzbot reported that it discovered a use-after-free vulnerability, 0 0: https://lore.kernel.org/all/[email protected]/ idrforeach is protected by rwsem, but thi...