221 matches found
Fedora 43 : xen (2025-873ad6df70)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-873ad6df70 advisory. Rebuilt for Python 3.14.0rc3 bytecode ---- Mutiple vulnerabilities in the Viridian interface XSA-472, CVE-2025-27466, CVE-2025-58142, CVE-2025-58143...
Fedora 41 : xen (2025-643cc72c6f)
The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-643cc72c6f advisory. Mutiple vulnerabilities in the Viridian interface XSA-472, CVE-2025-27466, CVE-2025-58142, CVE-2025-58143 Arm issues with page refcounting XSA-473,...
Linux Distros Unpatched Vulnerability : CVE-2022-50417
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/panfrost: Fix GEM handle creation ref-counting panfrostgemcreatewithhandle previously returned a BO but with the only reference being from the handle, which...
Fedora 42 : xen (2025-7a1f93f58a)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-7a1f93f58a advisory. Mutiple vulnerabilities in the Viridian interface XSA-472, CVE-2025-27466, CVE-2025-58142, CVE-2025-58143 Arm issues with page refcounting XSA-473,...
Linux Distros Unpatched Vulnerability : CVE-2025-39764
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: ctnetlink: remove refcounting in expectation dumpers Same pattern as previous patch: do not keep the expectation object alive via refcount, only stor...
netfilter: ctnetlink: remove refcounting in expectation dumpers
...
SUSE CVE-2025-39764
In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: remove refcounting in expectation dumpers Same pattern as previous patch: do not keep the expectation object alive via refcount, only store a cookie value and then use that as the skip hint for dump...
CVE-2025-39764
In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: remove refcounting in expectation dumpers Same pattern as previous patch: do not keep the expectation object alive via refcount, only store a cookie value and then use that as the skip hint for dump...
AZL-67160 CVE-2025-39764 affecting package kernel 6.6.126.1-1
In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: remove refcounting in expectation dumpers Same pattern as previous patch: do not keep the expectation object alive via refcount, only store a cookie value and then use that as the skip hint for dump...
DEBIAN-CVE-2025-39764
In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: remove refcounting in expectation dumpers Same pattern as previous patch: do not keep the expectation object alive via refcount, only store a cookie value and then use that as the skip hint for dump...
CVE-2025-39764
In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: remove refcounting in expectation dumpers Same pattern as previous patch: do not keep the expectation object alive via refcount, only store a cookie value and then use that as the skip hint for dump...
CVE-2025-39764
The CVE-2025-39764 entry concerns a Linux kernel netfilter issue: ctnetlink path dumpers initially kept an expectation object alive via refcounting, risking a refcounting bug (double-increment) when exp == last, leading to a memory leak. The patch removes refcounting for the expectation object an...
CVE-2025-39764 netfilter: ctnetlink: remove refcounting in expectation dumpers
In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: remove refcounting in expectation dumpers Same pattern as previous patch: do not keep the expectation object alive via refcount, only store a cookie value and then use that as the skip hint for dump...
CVE-2025-39764 netfilter: ctnetlink: remove refcounting in expectation dumpers
In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: remove refcounting in expectation dumpers Same pattern as previous patch: do not keep the expectation object alive via refcount, only store a cookie value and then use that as the skip hint for dump...
CVE-2025-58145 Arm issues with page refcounting
This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. There are two issues related to the mapping of pages belonging to other domains: For one, an assertion is wrong there, where the case actually needs handling. A NULL...
CVE-2025-58144
CVE-2025-58144 affects the Xen hypervisor; a vulnerability in mapping pages from other domains can cause a NULL pointer dereference, potentially on a release build. The record also notes a related issue (CVE-2025-58145) about the P2M lock and domain boundary integrity, but the provided documents ...
Arm issues with page refcounting
ISSUE DESCRIPTION There are two issues related to the mapping of pages belonging to other domains: For one, an assertion is wrong there, where the case actually needs handling. A NULL pointer de-reference could result on a release build. This is CVE-2025-58144. And then the P2M lock isn't held...
PT-2025-46759
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel has a flaw in how user message limits are handled within the Intelligent Platform Management Interface IPMI. The existing implementation had issues with incorrect messag...
PT-2025-37222
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The netfilter component in the Linux kernel contains an issue in the ctnetlink module related to expectation dumpers. A flaw exists where the refcount of an expectation object may be...
CVE-2025-37804
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...