ftrace: Fix potential warning in trace_printk_seq during ftrace_dump

...

CVE-2022-50380

In the Linux kernel, the following vulnerability has been resolved: mm: /proc/pid/smapsrollup: fix no vma's null-deref Commit 258f669e7e88 "mm: /proc/pid/smapsrollup: convert to single value seqfile" introduced a null-deref if there are no vma's in the task in showsmapsrollup...

UBUNTU-CVE-2025-39813

In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix potential warning in traceprintkseq during ftracedump When calling ftracedumpone concurrently with reading tracepipe, a WARNONONCE in traceprintkseq can be triggered due to a race condition. The issue occurs because:...

CVE-2025-39813

CVE-2025-39813 concerns the Linux kernel ftrace subsystem. A race between ftrace_dump() and trace_pipe reads could trigger WARN_ON_ONCE in trace_printk_seq() when trace data is consumed by other readers, causing iter.seq to be mispopulated. The documented fix moves the trace_printk_seq() call ins...

Malicious code in tg-seq-gen (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2e83c207a30feba0d5d041c70319284c5872d9f00baab2d79a77ab6a8f267936 Any computer that has this package installed or running should be considered fully compromised. All...

MAL-2025-47352 Malicious code in tg-seq-gen (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2e83c207a30feba0d5d041c70319284c5872d9f00baab2d79a77ab6a8f267936 Any computer that has this package installed or running should be considered fully compromised. All...

SUSE-SU-2025:20540-1 Security update for kernel-livepatch-MICRO-6-0_Update_2

This update for kernel-livepatch-MICRO-6-0Update2 fixes the following issues: - CVE-2024-50208: RDMA/bnxtre: Fix a bug while setting up Level-2 PBL pages bsc1233118 - CVE-2024-50250: fsdax: daxunshareiter needs to copy entire blocks bsc1233227 - CVE-2024-53146: NFSD: prevent a potential integer...

CLSA-2025-1754037187 Fix of 7 CVEs

CVE-url: https://ubuntu.com/security/CVE-2021-47352 - virtio-net: Add validation for used length CVE-url: https://ubuntu.com/security/CVE-2024-46771 - can: bcm: Remove proc entry when dev is unregistered. Bionic update: upstream stable patchset 2023-01-20 LP: 2003596 // CVE- url:...

Security update for the Linux Kernel (Live Patch 20 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005583 fixes several issues. The following security issues were fixed: CVE-2024-53146: NFSD: Prevent a potential integer overflow bsc1234854. CVE-2024-53214: vfio/pci: Properly hide first-in-list PCIe extended capability bsc1235005. CVE-2024-53173:...

SUSE-SU-2025:02390-1 Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506008 fixes several issues. The following security issues were fixed: - CVE-2024-53146: NFSD: Prevent a potential integer overflow bsc1234854. - CVE-2024-53214: vfio/pci: Properly hide first-in-list PCIe extended capability bsc1235005. - CVE-2024-53173:...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: ext4: Fix possible corruption when moving a directory CVE-2023-53137 In the Linux kernel, the following vulnerability has been resolved: tracing: Fix oob write in traceseqtobuffer CVE-2025-37923 In the Linux kerne...

CVE-2024-29866

Datalust Seq before 2023.4.11151 and 2024 before 2024.1.11146 has Incorrect Access Control because a Project Owner or Organization Owner can escalate to System privileges...

CVE-2023-38195

Datalust Seq before 2023.2.9489 allows insertion of sensitive information into an externally accessible file or directory. This is exploitable only when external SQL Server or PostgreSQL metadata storage is used. Exploitation can only occur from a high-privileged user account...

CVE-2021-43270

Datalust Seq.App.EmailPlus aka seq-app-htmlemail 3.1.0-dev-00148, 3.1.0-dev-00170, and 3.1.0-dev-00176 can use cleartext SMTP on port 25 in some cases where encryption on port 465 was intended...

CVE-2025-27911

An issue was discovered in Datalust Seq before 2024.3.13545. Expansion of identifiers in message templates can be used to bypass the system "Event body limit bytes" setting, leading to increased resource consumption. With sufficiently large events, there can be disk space exhaustion if saved to...

CVE-2024-58102

An issue was discovered in Datalust Seq before 2024.3.13545. An insecure default parsing depth limit allows stack consumption when parsing user-supplied queries containing deeply nested expressions...

CVE-2025-27912

An issue was discovered in Datalust Seq before 2024.3.13545. Missing Content-Type validation can lead to CSRF when 1 Entra ID or OpenID Connect authentication is in use and a user visits a compromised/malicious site, or 2 when username/password or Active Directory authentication is in use and a...

CVE-2025-27912

An issue was discovered in Datalust Seq before 2024.3.13545. Missing Content-Type validation can lead to CSRF when 1 Entra ID or OpenID Connect authentication is in use and a user visits a compromised/malicious site, or 2 when username/password or Active Directory authentication is in use and a...

CVE-2025-27912

An issue was discovered in Datalust Seq before 2024.3.13545. Missing Content-Type validation can lead to CSRF when 1 Entra ID or OpenID Connect authentication is in use and a user visits a compromised/malicious site, or 2 when username/password or Active Directory authentication is in use and a...

CVE-2025-27911

An issue was discovered in Datalust Seq before 2024.3.13545. Expansion of identifiers in message templates can be used to bypass the system "Event body limit bytes" setting, leading to increased resource consumption. With sufficiently large events, there can be disk space exhaustion if saved to...