22 matches found
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006676)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006676 advisory. In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Don't dereference ACPI root object handle Since the commit referenced in the...
UBUNTU-CVE-2025-71184
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix NULL dereference on root when tracing inode eviction When evicting an inode the first thing we do is to setup tracing for it, which implies fetching the root's id. But in btrfsevictinode the root might be NULL, as...
CVE-2025-71184
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix NULL dereference on root when tracing inode eviction When evicting an inode the first thing we do is to setup tracing for it, which implies fetching the root's id. But in btrfsevictinode the root might be NULL, as...
CVE-2025-71184 btrfs: fix NULL dereference on root when tracing inode eviction
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix NULL dereference on root when tracing inode eviction When evicting an inode the first thing we do is to setup tracing for it, which implies fetching the root's id. But in btrfsevictinode the root might be NULL, as...
CVE-2025-71184
CVE-2025-71184 affects the Linux kernel’s btrfs subsystem. The issue is a NULL dereference in btrfs_evict_inode() when tracing inode eviction because the root may be NULL. The fix ensures root is treated as 0 or delays tracing until the root is non-NULL, preventing a NULL dereference during evict...
CVE-2025-71184 btrfs: fix NULL dereference on root when tracing inode eviction
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix NULL dereference on root when tracing inode eviction When evicting an inode the first thing we do is to setup tracing for it, which implies fetching the root's id. But in btrfsevictinode the root might be NULL, as...
Denial-of-service (DoS)
pypdf is vulnerable to denial-of-service DoS. The vulnerability is due to improper handling of PDFs missing the /Root object with a large /Size value in non-strict parsing mode, which allows an attacker to craft an invalid PDF that triggers excessively long runtimes...
CVE-2026-22690
pypdf is a free and open-source pure-python PDF library. Prior to version 6.6.0, pypdf has possible long runtimes for missing /Root object with large /Size values. An attacker who uses this vulnerability can craft a PDF which leads to possibly long runtimes for actually invalid files. This can be...
CVE-2026-22690
pypdf is a free and open-source pure-python PDF library. Prior to version 6.6.0, pypdf has possible long runtimes for missing /Root object with large /Size values. An attacker who uses this vulnerability can craft a PDF which leads to possibly long runtimes for actually invalid files. This can be...
CVE-2026-22690 pypdf has possible long runtimes for missing /Root object with large /Size values
pypdf is a free and open-source pure-python PDF library. Prior to version 6.6.0, pypdf has possible long runtimes for missing /Root object with large /Size values. An attacker who uses this vulnerability can craft a PDF which leads to possibly long runtimes for actually invalid files. This can be...
CVE-2026-22690
CVE-2026-22690 affects the Python PDF library pypdf prior to version 6.6.0. The issue allows long runtimes for malformed PDFs caused by omitting the /Root entry in the trailer while using a large /Size value; the vulnerability occurs in non-strict reading mode. The problem has been addressed and ...
EUVD-2026-1692
pypdf has possible long runtimes for missing /Root object with large /Size values...
PT-2026-2244
Name of the Vulnerable Software and Affected Versions pypdf versions prior to 6.6.0 Description pypdf is a free and open-source pure-python PDF library. Versions prior to 6.6.0 are susceptible to potential long runtimes when processing PDF files missing the /Root object but containing a large /Si...
CVE-2023-53647
In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Don't dereference ACPI root object handle Since the commit referenced in the Fixes: tag below the VMBus client driver is walking the ACPI namespace up from the VMBus ACPI device to the ACPI namespace root obje...
AZL-76413 CVE-2023-53647 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Don't dereference ACPI root object handle Since the commit referenced in the Fixes: tag below the VMBus client driver is walking the ACPI namespace up from the VMBus ACPI device to the ACPI namespace root obje...
EUVD-2025-32758
In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Don't dereference ACPI root object handle Since the commit referenced in the Fixes: tag below the VMBus client driver is walking the ACPI namespace up from the VMBus ACPI device to the ACPI namespace root obje...
CVE-2023-53647
The CVE-2023-53647 issue in the Linux kernel arises from an ACPI namespace traversal in the Hyper-V VMBus driver (hv_vmbus). If Hyper-V MMIO ranges cannot be found, the code may dereference the ACPI namespace root object (which has an all-ones handle), causing a NULL pointer dereference and an oo...
CVE-2023-53647 Drivers: hv: vmbus: Don't dereference ACPI root object handle
In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Don't dereference ACPI root object handle Since the commit referenced in the Fixes: tag below the VMBus client driver is walking the ACPI namespace up from the VMBus ACPI device to the ACPI namespace root obje...
CVE-2023-53647 Drivers: hv: vmbus: Don't dereference ACPI root object handle
In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Don't dereference ACPI root object handle Since the commit referenced in the Fixes: tag below the VMBus client driver is walking the ACPI namespace up from the VMBus ACPI device to the ACPI namespace root obje...
CVE-2023-53647
In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Don't dereference ACPI root object handle Since the commit referenced in the Fixes: tag below the VMBus client driver is walking the ACPI namespace up from the VMBus ACPI device to the ACPI namespace root obje...