CVE-2025-64345

Wasmtime is a runtime for WebAssembly. Prior to version 38.0.4, 37.0.3, 36.0.3, and 24.0.5, Wasmtime's Rust embedder API contains an unsound interaction where a WebAssembly shared linear memory could be viewed as a type which provides safe access to the host Rust to the contents of the linear...

CVE-2025-64345 Wasmtime provides unsound API access to a WebAssembly shared linear memory

Wasmtime is a runtime for WebAssembly. Prior to version 38.0.4, 37.0.3, 36.0.3, and 24.0.5, Wasmtime's Rust embedder API contains an unsound interaction where a WebAssembly shared linear memory could be viewed as a type which provides safe access to the host Rust to the contents of the linear...

CVE-2025-64345 Wasmtime provides unsound API access to a WebAssembly shared linear memory

Wasmtime is a runtime for WebAssembly. Prior to version 38.0.4, 37.0.3, 36.0.3, and 24.0.5, Wasmtime's Rust embedder API contains an unsound interaction where a WebAssembly shared linear memory could be viewed as a type which provides safe access to the host Rust to the contents of the linear...

EUVD-2025-124915

In the Linux kernel, the following vulnerability has been resolved: smc: Use skdstget and dstdevrcu in smcclcprfxmatch. smcclcprfxmatch is called from smclistenwork and not under RCU nor RTNL. Using skdstgetsk-dev could trigger UAF. Let's use skdstget and dstdevrcu. Note that the returned value o...

PT-2025-46722

Name of the Vulnerable Software and Affected Versions Wasmtime versions 24.0.0 through 24.0.4 Wasmtime versions 36.0.0 through 36.0.2 Wasmtime versions 37.0.0 through 37.0.2 Wasmtime versions 38.0.0 through 38.0.3 Description Wasmtime’s Rust embedder API has an issue where a WebAssembly shared...

wasmtime 竞争条件问题漏洞

wasmtime is a lightweight WebAssembly runtime open-sourced by the Bytecode Alliance. A compete condition issue vulnerability exists in wasmtime versions prior to 38.0.4, 37.0.3, 36.0.3, and 24.0.5, which stems from a data contention risk in shared linear memory...

Stack-based Buffer Overflow

Overview nvidia-pytriton is a PyTriton - Flask/FastAPI-like interface to simplify Triton's deployment in Python environments. Affected versions of this package are vulnerable to Stack-based Buffer Overflow via the shared memory allocation. An attacker can cause a stack overflow and disrupt servic...

Unsound API access to a WebAssembly shared linear memory

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-hc7m-r6v8-hg9q For more information see the GitHub-hosted security advisory...

kernel: net/smc: fix potential panic dues to unprotected smc_llc_srv_add_link()

A race condition was found in the SMC Shared Memory Communications networking subsystem. The smcllcsrvaddlink function lacks proper locking, allowing concurrent link additions that can corrupt link group state and crash the kernel...

kernel: soc: qcom: cmd-db: Map shared memory as WC, not WB

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: cmd-db: Map shared memory as WC, not WB Linux does not write into cmd-db region. This region of memory is write protected by XPU. XPU may sometime falsely detect clean cache eviction as "write" into the write protected...

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: can: isotp: fix potential CAN frame reception race in isotprcv CVE-2022-48830 kernel: soc: qcom: cmd-db: Map shared memory as WC, not WB CVE-2024-46689 kernel: Squashfs: sanity check...

PT-2025-51006

Name of the Vulnerable Software and Affected Versions macOS Sequoia versions prior to 15.7.2 macOS Sonoma versions prior to 14.8.2 macOS Tahoe versions prior to 26.1 tvOS versions prior to 26.1 visionOS versions prior to 26.1 iOS versions prior to 18.7.2 iPadOS versions prior to 18.7.2 watchOS...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: media: venus: Added a check for the packet size after reading from shared memory. A check was added to ensure that the packet size does not exceed the number of available words after reading the packet header from shared memory...

SUSE CVE-2025-40031

In the Linux kernel, the following vulnerability has been resolved: tee: fix registershmhelper In registershmhelper, fix incorrect error handling for a call to ioviterextractpages. A case is missing for when ioviterextractpages only got some pages and return a number larger than 0, but not the...

CVE-2025-40031

CVE-2025-40031 affects the Linux kernel where in tee, register_shm_helper() was fixed to correct error handling for iov_iter_extract_pages. The bug could trigger a NULL pointer dereference after a bad input from ioctl(TEE_IOC_SHM_REGISTER) when parts of the buffer aren’t mapped, due to a missing ...

CVE-2025-40031 tee: fix register_shm_helper()

In the Linux kernel, the following vulnerability has been resolved: tee: fix registershmhelper In registershmhelper, fix incorrect error handling for a call to ioviterextractpages. A case is missing for when ioviterextractpages only got some pages and return a number larger than 0, but not the...

CVE-2025-40031 tee: fix register_shm_helper()

In the Linux kernel, the following vulnerability has been resolved: tee: fix registershmhelper In registershmhelper, fix incorrect error handling for a call to ioviterextractpages. A case is missing for when ioviterextractpages only got some pages and return a number larger than 0, but not the...

EUVD-2019-11921

Malware in sbrugna...

EUVD-2018-19402

Malware in sbrugna...