43 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-54217
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Revert drm/msm: Add missing check and destroy for alloc_ordered_workqueue This reverts commit 643b7d0869cc7f1f7a5ac7ca6bd25d88f54e31d0. A recent patch that tried ...
EUVD-2025-203717
In the Linux kernel, the following vulnerability has been resolved: s390: Disable ARCH_WANT_OPTIMIZE_HUGETLB_VMEMMAP As reported by Luiz Capitulino enabling HVO on s390 leads to reproducible crashes. The problem is that kernel page tables are modified without flushing corresponding TLB entries. Even ...
USN-7894-2: EDK II regression
USN-7894-1 fixed vulnerabilities in EDK II. The update introduced a regression in the UEFI network boot. This update reverts the corresponding fixes for CVE-2023-45236 and CVE-2023-45237 pending further investigation. We apologize for the inconvenience. Original advisory details: It was discovere...
EUVD-2025-28133
Malicious code in bioql PyPI...
Debian's cpio contains a path traversal vulnerability. This issue was introduced by reverting CVE-2015-1197 patches which had caused a regression in --no-absolute-filenames. Upstream has since provided a proper fix to --no-absolute-filenames.
...
First-Spammed, First-Served: MEV Extraction on Fast-Finality Blockchains
This research analyzes the economics of spam-based arbitrage strategies on fast-finality blockchains. We begin by theoretically demonstrating that splitting a profitable MEV opportunity into multiple small transactions is the optimal strategy for CEX-DEX arbitrageurs. We then empirically validat...
CVE-2024-29895
Cacti provides an operational monitoring and fault management framework. A command injection vulnerability on the 1.3.x DEV branch allows any unauthenticated user to execute arbitrary command on the server when register_argc_argv option of PHP is On. In cmd_realtime.php line 119, the $poller_id used ...
CVE-2024-53127 Revert "mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K"
In the Linux kernel, the following vulnerability has been resolved: Revert "mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K" The commit 8396c793ffdf "mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K" increased the max_req_size, even for 4K pages, causing various issues: - Panic...
CVE-2024-49980 vrf: revert "vrf: Remove unnecessary RCU-bh critical section"
In the Linux kernel, the following vulnerability has been resolved: vrf: revert "vrf: Remove unnecessary RCU-bh critical section" This reverts commit 504fc6f4f7f681d2a03aa5f68aad549d90eab853. dev_queue_xmit_nit is expected to be called with BH disabled. __dev_queue_xmit has the following: /* Disable soft...
A memory leak in the nfp_abm_u32_knode_replace() function in drivers/net/ethernet/netronome/nfp/abm/cls.c in the Linux kernel before 5.3.6 allows attackers to cause a denial of service (memory consumption) aka CID-78beef629fd9. NOTE: This has been argued as not a valid vulnerability. The upstream commit 78beef629fd9 was reverted
...
CVE-2024-36944
In the Linux kernel, the following vulnerability has been resolved: Reapply "drm/qxl: simplify qxl_fence_wait" This reverts commit 07ed11afb68d94eadd4ffc082b97c2331307c5ea. Stephen Rostedt reports: "I went to run my tests on my VMs and the tests hung on boot up. Unfortunately, the most I ever got o...
USN-6728-2 squid regression
USN-6728-1 fixed vulnerabilities in Squid. The fix for CVE-2023-5824 caused Squid to crash in certain environments on Ubuntu 20.04 LTS. The problematic fix has been reverted pending further investigation. We apologize for the inconvenience. Original advisory details: Joshua Rogers discovered that...
PT-2025-46749
Name of the Vulnerable Software and Affected Versions: Linux Kernel affected versions not specified Description: A flaw exists in the Linux kernel's IPMI driver related to message handling. A reverted patch intended to fix a message stack issue when IPMI is disconnected introduces a potential for a...
CVE-2023-52564
In the Linux kernel, the following vulnerability has been resolved: Revert "tty: n_gsm: fix UAF in gsm_cleanup_mux" This reverts commit 9b9c8195f3f0d74a826077fc1c01b9ee74907239. The commit above is reverted as it did not solve the original issue. gsm_cleanup_mux tries to free up the virtual ttys by...
PT-2024-14589 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved by reverting a commit that introduced a race condition, potentially causing system hangs. The issue occurred in the md/raid5 modul...
java security update
CentOS Errata and Security Advisory CESA-2024:0223 An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detail...
SUSE CVE-2023-7207
Debian's cpio contains a path traversal vulnerability. This issue was introduced by reverting CVE-2015-1197 patches which had caused a regression in --no-absolute-filenames. Upstream has since provided a proper fix to --no-absolute-filenames...
Some tokens may revert when zero value transfers are made
Lines of code 356, 371, 145, 272, 252, 116, 445, 374, 506, 488 https://github.com/Tapioca-DAO/tap-token-audit/blob/59749be5bc2286f0bdbf59d7ddc258ddafd49a9f/contracts/options/TapiocaOptionBroker...
Ocean.doMultipleInteractions() cannot wrap ether
Lines of code Vulnerability details Bug Description doMultipleInteractions in Ocean.sol attempts to wrap ether but reverts due to a logical error. The internal helper function, doMultipleInteractions, includes the following: if msg.value != 0 balanceDeltas.increaseBalanceDeltaWRAPPEDETHERID,...
Missing store revert in case of swap error can lead to loss of funds
Lines of code Vulnerability details Impact The module is expected to have no state changes in case a swap failed, and continue to the conversion phase. It was implemented by swallowing the error with a log and continuing with the flow erc20 conversion, etc. This is the relevant code section:...