CVE-2025-40107 can: hi311x: fix null pointer dereference when resuming from sleep before interface was enabled

In the Linux kernel, the following vulnerability has been resolved: can: hi311x: fix null pointer dereference when resuming from sleep before interface was enabled This issue is similar to the vulnerability in the mcp251x driver, which was fixed in commit 03c427147b2d "can: mcp251x: fix resume fr...

CVE-2025-40107 can: hi311x: fix null pointer dereference when resuming from sleep before interface was enabled

In the Linux kernel, the following vulnerability has been resolved: can: hi311x: fix null pointer dereference when resuming from sleep before interface was enabled This issue is similar to the vulnerability in the mcp251x driver, which was fixed in commit 03c427147b2d "can: mcp251x: fix resume fr...

Astra Linux - уязвимость в linux-6.12

In the Linux kernel, the following vulnerability has been resolved: firmware: armffa: Replace mutex with rwlock to avoid sleep in atomic context The current use of a mutex to protect the notifier hashtable accesses can lead to issues in the atomic context. It results in the below kernel warnings:...

EUVD-2023-60050

Nagios Log Server versions prior to 2024R1 contain an incorrect authorization vulnerability. Users who lacked the required API permission were nevertheless able to invoke API endpoints, resulting in unintended access to data and actions exposed via the API. This incorrect authorization check coul...

CVE-2025-40038

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Skip fastpath emulation on VM-Exit if next RIP isn't valid Skip the WRMSR and HLT fastpaths in SVM's VM-Exit handler if the next RIP isn't valid, e.g. because KVM is running with nrips=false. SVM must decode and emulate...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to validate the validity of the next RIP, which could result in a sleep function being called in a...

Linux Distros Unpatched Vulnerability : CVE-2025-39994

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: tuner: xc5000: Fix use-after-free in xc5000release The original code uses canceldelayedwork in xc5000release, which does not guarantee that the delayed...

EUVD-2022-54961

In the Linux kernel, the following vulnerability has been resolved: PM: domains: Fix sleep-in-atomic bug caused by genpddebugremove When a genpd with GENPDFLAGIRQSAFE gets removed, the following sleep-in-atomic bug will be seen, as genpddebugremove will be called with a spinlock being held...

PT-2025-43032

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 141.0.7390.122 Description An out-of-bounds memory access issue exists in the V8 JavaScript engine within Google Chrome. This flaw allows a remote attacker to perform out-of-bounds memory access by way of a...

chromium -- security fix

Chrome Releases reports: This update includes 1 security fix: 452296415 High CVE-2025-12036: Inappropriate implementation in V8. Reported by Google Big Sleep on 2025-10-15...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987705)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987705 advisory. In the Linux kernel, the following vulnerability has been resolved: w1: fix WARNING after calling w1process I got the following WARNING message while removing...

SUSE CVE-2025-39994

In the Linux kernel, the following vulnerability has been resolved: media: tuner: xc5000: Fix use-after-free in xc5000release The original code uses canceldelayedwork in xc5000release, which does not guarantee that the delayed work item timersleep has fully completed if it was already running. Th...

Malicious Package

Overview rtk-sleep is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

📄 Greenlife.bg SQL Injection

Greenlife.bg appears to suffer from a remote SQL injection vulnerability. It is unclear what vulnerable code base is being used or if it's custom, however, the researcher has not heard a response from the vendor and they have not addressed the issue, putting their users at risk, so this is being...

CVE-2025-39994

In the Linux kernel, the following vulnerability has been resolved: media: tuner: xc5000: Fix use-after-free in xc5000release The original code uses canceldelayedwork in xc5000release, which does not guarantee that the delayed work item timersleep has fully completed if it was already running. Th...

CVE-2025-39994 media: tuner: xc5000: Fix use-after-free in xc5000_release

In the Linux kernel, the following vulnerability has been resolved: media: tuner: xc5000: Fix use-after-free in xc5000release The original code uses canceldelayedwork in xc5000release, which does not guarantee that the delayed work item timersleep has fully completed if it was already running. Th...

CVE-2025-39994

The CVE-2025-39994 issue is in the Linux kernel’s media tuner xc5000: the code path xc5000_release() used cancel_delayed_work(), risking use-after-free of xc5000_priv if timer_sleep is still active. The fix replaces cancel_delayed_work() with cancel_delayed_work_sync() to ensure the delayed work ...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Fix sleeping in atomic context for PREEMPTRT Commit bab1c299f3945ffe79 "LoongArch: Fix sleeping in atomic context in setuptlbhandler" changes the gfp flag from GFPKERNEL to GFPATOMIC for allocpagesnode. However, for...

Linux Distros Unpatched Vulnerability : CVE-2023-53475

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: usb: xhci: tegra: fix sleep in atomic call When we set the dual-role port to Host mode, we...

Linux Distros Unpatched Vulnerability : CVE-2023-53558

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rcu-tasks: Avoid prinfo with spin lock in cblistinitgeneric prinfo is called with rtp-cbsgbllock spin lock locked. Because prinfo calls printk that might sleep,...