DEBIAN-CVE-2025-39710

In the Linux kernel, the following vulnerability has been resolved: media: venus: Add a check for packet size after reading from shared memory Add a check to ensure that the packet size does not exceed the number of available words after reading the packet header from shared memory. This ensures...

AZL-66944 CVE-2025-39710 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: media: venus: Add a check for packet size after reading from shared memory Add a check to ensure that the packet size does not exceed the number of available words after reading the packet header from shared memory. This ensures...

UBUNTU-CVE-2025-39710

In the Linux kernel, the following vulnerability has been resolved: media: venus: Add a check for packet size after reading from shared memory Add a check to ensure that the packet size does not exceed the number of available words after reading the packet header from shared memory. This ensures...

CVE-2025-39710 media: venus: Add a check for packet size after reading from shared memory

In the Linux kernel, the following vulnerability has been resolved: media: venus: Add a check for packet size after reading from shared memory Add a check to ensure that the packet size does not exceed the number of available words after reading the packet header from shared memory. This ensures...

CVE-2025-39710

CVE-2025-39710: In the Linux kernel, the Venus media driver adds a packet-size validation after reading the header from shared memory to ensure the reported size cannot exceed the number of available words. This fixes potential out-of-bounds memory accesses by firmware-provided sizes. The fix tar...

CVE-2025-39710 media: venus: Add a check for packet size after reading from shared memory

In the Linux kernel, the following vulnerability has been resolved: media: venus: Add a check for packet size after reading from shared memory Add a check to ensure that the packet size does not exceed the number of available words after reading the packet header from shared memory. This ensures...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from unverified packet sizes in shared memory, which could lead to out-of-bounds memory accesses...

mm: revert "mm: shmem: fix data-race in shmem_getattr()"

...

kernel: mm/hugetlb: avoid corrupting page->mapping in hugetlb_mcopy_atomic_pte

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: avoid corrupting page-mapping in hugetlbmcopyatomicpte In MCOPYATOMICCONTINUE case with a non-shared VMA, pages in the page cache are installed in the ptes. But hugepageaddnewanonrmap is called for them mistakenly...

kernel: mm/hugetlb: avoid corrupting page->mapping in hugetlb_mcopy_atomic_pte

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: avoid corrupting page-mapping in hugetlbmcopyatomicpte In MCOPYATOMICCONTINUE case with a non-shared VMA, pages in the page cache are installed in the ptes. But hugepageaddnewanonrmap is called for them mistakenly...

CVE-2025-38669

In the Linux kernel, the following vulnerability has been resolved: Revert "drm/gem-shmem: Use dmabuf from GEM object instance" This reverts commit 1a148af06000e545e714fe3210af3d77ff903c11. The dmabuf field in struct drmgemobject is not stable over the object instance's lifetime. The field become...

CVE-2025-38669

CVE-2025-38669 concerns a Linux kernel issue where the dma_buf field in struct drm_gem_object is not stable across a GEM object’s lifetime, becoming NULL after the final GEM handle is released, leading to a NULL-pointer dereference. The vulnerability arose after a change to use dma_buf from the G...

CVE-2025-38669 Revert "drm/gem-shmem: Use dma_buf from GEM object instance"

In the Linux kernel, the following vulnerability has been resolved: Revert "drm/gem-shmem: Use dmabuf from GEM object instance" This reverts commit 1a148af06000e545e714fe3210af3d77ff903c11. The dmabuf field in struct drmgemobject is not stable over the object instance's lifetime. The field become...

(Pwn2Own) NVIDIA Triton Inference Server LoadFromSharedMemory Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of NVIDIA Triton Inference Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the LoadFromSharedMemory function. The issue results from the lac...

Linux Distros Unpatched Vulnerability : CVE-2025-38241

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mm/shmem, swap: fix softlockup with mTHP swapin Following softlockup can be easily reproduce...

CVE-2025-38560

CVE-2025-38560 relates to the Linux kernel x86/sev SNP memory validation. The vulnerability requires a cache-line eviction mitigation when memory is validated after changing a page state to private. The documented mitigation is to touch the first and last byte of each 4K page being validated. If ...

DEBIAN-CVE-2025-38515

In the Linux kernel, the following vulnerability has been resolved: drm/sched: Increment job count before swapping tail spsc queue A small race exists between spscqueuepush and the run-job worker, in which spscqueuepush may return not-first while the run-job worker has already idled due to the jo...

Linux Distros Unpatched Vulnerability : CVE-2022-49991

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: avoid corrupting page-mapping in hugetlbmcopyatomicpte In MCOPYATOMICCONTINUE ca...

Linux Distros Unpatched Vulnerability : CVE-2020-6796

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A content process could have modified shared memory relating to crash reporting information, crash itself, and cause an out-of-bound write. This could have caus...

Linux Distros Unpatched Vulnerability : CVE-2022-49972

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: xsk: Fix corrupted packets for XDPSHAREDUMEM Fix an issue in XDPSHAREDUMEM mode together wit...