1874 matches found
CVE-2023-53438 x86/MCE: Always save CS register on AMD Zen IF Poison errors
In the Linux kernel, the following vulnerability has been resolved: x86/MCE: Always save CS register on AMD Zen IF Poison errors The Instruction Fetch IF units on current AMD Zen-based systems do not guarantee a synchronous MC is delivered for poison consumption errors. Therefore,...
CVE-2023-53433 net: add vlan_get_protocol_and_depth() helper
In the Linux kernel, the following vulnerability has been resolved: net: add vlangetprotocolanddepth helper Before blamed commit, pskbmaypull was used instead of skbheaderpointer in vlangetprotocol and friends. Few callers depended on skb-head being populated with MAC header, syzbot caught one of...
CVE-2023-53337
In the Linux kernel, the following vulnerability has been resolved: nilfs2: do not write dirty data after degenerating to read-only According to syzbot's report, markbufferdirty called from nilfssegctordoconstruct outputs a warning with some patterns after nilfs2 detects metadata corruption and...
UBUNTU-CVE-2023-53354
In the Linux kernel, the following vulnerability has been resolved: skbuff: skbsegment, Call zero copy functions before using skbuff frags Commit bf5c25d60861 "skbuff: in skbsegment, call zerocopy functions once per nskb" added the call to zero copy functions in skbsegment. The change introduced ...
CVE-2023-53354
CVE-2023-53354 concerns the Linux kernel skb_segment path used for zero-copy of SKBs. The bug occurs when skb_orphan_frags() updates nr_frags, leaving the local nrfrags stale and causing a panic while iterating frags during GSO/zero-copy processing. The fix moves the call to zero-copy functions b...
CVE-2023-53354 skbuff: skb_segment, Call zero copy functions before using skbuff frags
In the Linux kernel, the following vulnerability has been resolved: skbuff: skbsegment, Call zero copy functions before using skbuff frags Commit bf5c25d60861 "skbuff: in skbsegment, call zerocopy functions once per nskb" added the call to zero copy functions in skbsegment. The change introduced ...
CVE-2023-53354 skbuff: skb_segment, Call zero copy functions before using skbuff frags
In the Linux kernel, the following vulnerability has been resolved: skbuff: skbsegment, Call zero copy functions before using skbuff frags Commit bf5c25d60861 "skbuff: in skbsegment, call zerocopy functions once per nskb" added the call to zero copy functions in skbsegment. The change introduced ...
CVE-2022-50273
CVE-2022-50273 concerns Linux kernel f2fs recovery logic. The vuln is fixed by a patch that adds a DATA_GENERIC_ENHANCE_UPDATE flag to the data block recovery flow, enabling validation of destination blkaddr in SIT during recovery and skipping f2fs_replace_block() to prevent inconsistent SIT/inod...
AZL-74664 CVE-2025-39770 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: net: gso: Forbid IPv6 TSO with extensions on devices with only IPV6CSUM When performing Generic Segmentation Offload GSO on an IPv6 packet that contains extension headers, the kernel incorrectly requests checksum offload if the...
DEBIAN-CVE-2025-39757
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Validate UAC3 cluster segment descriptors UAC3 class segment descriptors need to be verified whether their sizes match with the declared lengths and whether they fit with the allocated buffer sizes, too. Otherwis...
AZL-73956 CVE-2025-39757 affecting package kernel for versions less than 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Validate UAC3 cluster segment descriptors UAC3 class segment descriptors need to be verified whether their sizes match with the declared lengths and whether they fit with the allocated buffer sizes, too. Otherwis...
UBUNTU-CVE-2025-39757
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Validate UAC3 cluster segment descriptors UAC3 class segment descriptors need to be verified whether their sizes match with the declared lengths and whether they fit with the allocated buffer sizes, too. Otherwis...
CVE-2025-39757 ALSA: usb-audio: Validate UAC3 cluster segment descriptors
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Validate UAC3 cluster segment descriptors UAC3 class segment descriptors need to be verified whether their sizes match with the declared lengths and whether they fit with the allocated buffer sizes, too. Otherwis...
CVE-2025-39757
CVE-2025-39757 is a Linux kernel/ALSA USB-audio issue where UAC3 cluster segment descriptors were not validated for sizes against declared lengths or allocated buffers, enabling potential out-of-bounds (OOB) access. Connected advisories (Astra Linux and kernel security bulletins) confirm the vuln...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an unvalidated UAC3 class segment descriptor size that could lead to out-of-bounds access...
Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2025-1169)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1169 advisory. In the Linux kernel, the following vulnerability has been resolved: smb: client: Avoid race in opencacheddir with lease breaks CVE-2025-37954 In the Linux kernel, the following vulnerability h...
ipv6: sr: Fix MAC comparison to be constant-time
...
SUSE CVE-2025-39702
In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this...
DEBIAN-CVE-2025-39702
In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this...
UBUNTU-CVE-2025-39702
In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this...