CVE-2026-48545 Gradio < 6.15.0 Cookie Injection via Shared Proxy Client

Gradio before version 6.15.0 contains a cookie injection vulnerability that allows remote attackers to perform cross-Space session fixation by exploiting a shared module-level HTTP client used across all users in the reverse proxy endpoint. Attackers controlling any HF Space can return a...

SUSE CVE-2025-40048

In the Linux kernel, the following vulnerability has been resolved: uiohvgeneric: Let userspace take care of interrupt mask Remove the logic to set interrupt mask by default in uiohvgeneric driver as the interrupt mask value is supposed to be controlled completely by the user space. If the mask b...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/radeon: fix uninitialized size issue in radeonvcecsparse On the off chance that command stream passed from userspace via ioctl call to radeonvcecsparse is weirdly crafted and first command to execute is to encode case...

EUVD-2023-60353

In the Linux kernel, the following vulnerability has been resolved: KVM: s390: pv: fix index value of replaced ASCE The index field of the struct page corresponding to a guest ASCE should be 0. When replacing the ASCE in s390replaceasce, the index of the new ASCE should also be set to 0. Having t...

CVE-2023-54092 KVM: s390: pv: fix index value of replaced ASCE

In the Linux kernel, the following vulnerability has been resolved: KVM: s390: pv: fix index value of replaced ASCE The index field of the struct page corresponding to a guest ASCE should be 0. When replacing the ASCE in s390replaceasce, the index of the new ASCE should also be set to 0. Having t...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a substitution of incorrect ASCE index values, which could lead to address delivery errors and validity...

UBUNTU-CVE-2025-40048

In the Linux kernel, the following vulnerability has been resolved: uiohvgeneric: Let userspace take care of interrupt mask Remove the logic to set interrupt mask by default in uiohvgeneric driver as the interrupt mask value is supposed to be controlled completely by the user space. If the mask b...

CVE-2022-50010

In the Linux kernel, the following vulnerability has been resolved: video: fbdev: i740fb: Check the argument of i740calcvclk Since the user can control the arguments of the ioctl from the user space, under special arguments that may result in a divide-by-zero bug. If the user provides an improper...

ALPINE-CVE-2025-21441

Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver...

kernel: vmci: prevent speculation leaks by sanitizing event in event_deliver()

A vulnerability was found in the eventdeliver function in the Linux kernel's VMCI component, where the issue involves a lack of sanitization for the eventdata.event index controlled by user-space, which could lead to speculative information leaks...

CVE-2024-39499

CVE-2024-39499 (Linux kernel, vmci): The vulnerability allows speculative leaks via event_deliver() because user-controlled event_msg-&gt;event_data.event was used as an index without sanitization. The fix sanitizes the index to mitigate speculative information leaks. The issue is exploitable loc...

kernel: KVM: s390: pv: fix index value of replaced ASCE

In the Linux kernel, the following vulnerability has been resolved: KVM: s390: pv: fix index value of replaced ASCE The index field of the struct page corresponding to a guest ASCE should be 0. When replacing the ASCE in s390replaceasce, the index of the new ASCE should also be set to 0. Having t...

PT-2025-53169

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the KVM component related to the s390 virtualization platform. Specifically, an incorrect index value can be assigned to a replaced ASCE Address...

Privilege Escalation

kernel is vulnerable to privilege escalation. The vulnerability exists as the compatallocuserspace function in the Linux kernel 32/64-bit compatibility layer implementation was missing sanity checks. This function could be abused in other areas of the Linux kernel if its length argument can be...

CVE-2014-3534

arch/s390/kernel/ptrace.c in the Linux kernel before 3.15.8 on the s390 platform does not properly restrict address-space control operations in PTRACEPOKEUSRAREA requests, which allows local users to obtain read and write access to kernel memory locations, and consequently gain privileges, via a...

CVE-2014-3534

arch/s390/kernel/ptrace.c in the Linux kernel before 3.15.8 on the s390 platform does not properly restrict address-space control operations in PTRACEPOKEUSRAREA requests, which allows local users to obtain read and write access to kernel memory locations, and consequently gain privileges, via a...

Memory corruption

arch/s390/kernel/ptrace.c in the Linux kernel before 3.15.8 on the s390 platform does not properly restrict address-space control operations in PTRACEPOKEUSRAREA requests, which allows local users to obtain read and write access to kernel memory locations, and consequently gain privileges, via a...

CVE-2014-3534

arch/s390/kernel/ptrace.c in the Linux kernel before 3.15.8 on the s390 platform does not properly restrict address-space control operations in PTRACEPOKEUSRAREA requests, which allows local users to obtain read and write access to kernel memory locations, and consequently gain privileges, via a...

Important: Red Hat Security Advisory: kernel security update

Updated kernel packages that fix one security issue are now available for Red Hat Enterprise Linux 5.3 Extended Update Support. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detail...