65 matches found
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: afunix: Initialize sccindex in unixaddedge. Quang Le reported that the AFUNIX GC could garbage-collect a receive queue of an alive in-flight socket. The repro consists of three stages: 1 Create a single cyclic reference with...
LSN-0118-1: Kernel Live Patch Security Notice
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in async decryption Doing an async decryption large read crashes with a slab-use-after-free way down in the crypto API. In the Linux kernel, the following vulnerability has been resolved: padata: avoid UAF fo...
CVE-2025-40214
In the Linux kernel, the following vulnerability has been resolved: afunix: Initialise sccindex in unixaddedge. Quang Le reported that the AFUNIX GC could garbage-collect a receive queue of an alive in-flight socket, with a nice repro. The repro consists of three stages. 1 1-a. Create a single...
SUSE CVE-2025-40214
In the Linux kernel, the following vulnerability has been resolved: afunix: Initialise sccindex in unixaddedge. Quang Le reported that the AFUNIX GC could garbage-collect a receive queue of an alive in-flight socket, with a nice repro. The repro consists of three stages. 1 1-a. Create a single...
DEBIAN-CVE-2025-40214
In the Linux kernel, the following vulnerability has been resolved: afunix: Initialise sccindex in unixaddedge. Quang Le reported that the AFUNIX GC could garbage-collect a receive queue of an alive in-flight socket, with a nice repro. The repro consists of three stages. 1 1-a. Create a single...
CVE-2025-40214
In the Linux kernel, the following vulnerability has been resolved: afunix: Initialise sccindex in unixaddedge. Quang Le reported that the AFUNIX GC could garbage-collect a receive queue of an alive in-flight socket, with a nice repro. The repro consists of three stages. 1 1-a. Create a single...
CVE-2025-40214
CVE-2025-40214 is a Linux kernel vulnerability in AF_UNIX handling where unix_add_edge() fails to initialize vertex->scc_index. This allows unix_vertex_dead() to misjudge that sk-A and sk-B are in the same SCC, risking incorrect dead/GC decisions during in-flight socket GC. The repro and root ...
CVE-2025-40214 af_unix: Initialise scc_index in unix_add_edge().
In the Linux kernel, the following vulnerability has been resolved: afunix: Initialise sccindex in unixaddedge. Quang Le reported that the AFUNIX GC could garbage-collect a receive queue of an alive in-flight socket, with a nice repro. The repro consists of three stages. 1 1-a. Create a single...
CVE-2025-40214 af_unix: Initialise scc_index in unix_add_edge().
In the Linux kernel, the following vulnerability has been resolved: afunix: Initialise sccindex in unixaddedge. Quang Le reported that the AFUNIX GC could garbage-collect a receive queue of an alive in-flight socket, with a nice repro. The repro consists of three stages. 1 1-a. Create a single...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an uninitialized sccindex, which could lead to a garbage collection error...
CVE-2025-40143
In the Linux kernel, the following vulnerability has been resolved: bpf: dont report verifier bug for missing bpfsccvisit on speculative path Syzbot generated a program that triggers a verifierbug call in maybeexitscc. maybeexitscc assumes that, when called for a state with insnidx in some SCC,...
EUVD-2025-124940
In the Linux kernel, the following vulnerability has been resolved: bpf: dont report verifier bug for missing bpfsccvisit on speculative path Syzbot generated a program that triggers a verifierbug call in maybeexitscc. maybeexitscc assumes that, when called for a state with insnidx in some SCC,...
CVE-2025-40143
In the Linux kernel, the following vulnerability has been resolved: bpf: dont report verifier bug for missing bpfsccvisit on speculative path Syzbot generated a program that triggers a verifierbug call in maybeexitscc. maybeexitscc assumes that, when called for a state with insnidx in some SCC,...
UBUNTU-CVE-2025-40143
In the Linux kernel, the following vulnerability has been resolved: bpf: dont report verifier bug for missing bpfsccvisit on speculative path Syzbot generated a program that triggers a verifierbug call in maybeexitscc. maybeexitscc assumes that, when called for a state with insnidx in some SCC,...
CVE-2025-40143 bpf: dont report verifier bug for missing bpf_scc_visit on speculative path
In the Linux kernel, the following vulnerability has been resolved: bpf: dont report verifier bug for missing bpfsccvisit on speculative path Syzbot generated a program that triggers a verifierbug call in maybeexitscc. maybeexitscc assumes that, when called for a state with insnidx in some SCC,...
CVE-2025-40143
In the Linux kernel, the following vulnerability has been resolved: bpf: dont report verifier bug for missing bpfsccvisit on speculative path Syzbot generated a program that triggers a verifierbug call in maybeexitscc. maybeexitscc assumes that, when called for a state with insnidx in some SCC,...
CVE-2025-40143
CVE-2025-40143 concerns the Linux kernel BPF verifier. Syzbot-generated input could trigger a verifier_bug() in maybe_exit_scc() when processing a state inside an SCC, under speculative execution paths. The root cause was an assumption that an existing bpf_scc_visit instance always accompanies a ...
CVE-2025-40143 bpf: dont report verifier bug for missing bpf_scc_visit on speculative path
In the Linux kernel, the following vulnerability has been resolved: bpf: dont report verifier bug for missing bpfsccvisit on speculative path Syzbot generated a program that triggers a verifierbug call in maybeexitscc. maybeexitscc assumes that, when called for a state with insnidx in some SCC,...
PT-2025-49020
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel’s AF UNIX garbage collection mechanism could incorrectly collect a receive queue of an active socket. This occurs due to a failure to initialize the scc index in the uni...
EUVD-2023-2468
Malicious code in bioql PyPI...