CVE-2025-68293 mm/huge_memory: fix NULL pointer deference when splitting folio

In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: fix NULL pointer deference when splitting folio Commit c010d47f107f "mm: thp: split huge page to any lower order pages" introduced an early check on the folio's order via mapping-flags before proceeding with the...

CVE-2025-68293

CVE-2025-68293 relates to a Linux kernel null pointer dereference in mm/huge_memory during folio splitting. A prior patch (mm: thp: split huge page to any lower order pages) added an early check on folio order via mapping->flags, which could dereference mapping when the mapping pointer is NULL...

CVE-2025-68293 mm/huge_memory: fix NULL pointer deference when splitting folio

In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: fix NULL pointer deference when splitting folio Commit c010d47f107f "mm: thp: split huge page to any lower order pages" introduced an early check on the folio's order via mapping-flags before proceeding with the...

PT-2025-51697

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s memory management subsystem, specifically within the huge memory handling related to folio splitting. A NULL pointer dereference can occur when...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a lack of null pointer checking when hugememory splits folio, which could lead to a crash...

CVE-2025-13636

Inappropriate implementation in Split View in Google Chrome prior to 143.0.7499.41 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted domain name. Chromium security severity: Low...

DEBIAN-CVE-2025-66506

Fulcio is a free-to-use certificate authority for issuing code signing certificates for an OpenID Connect OIDC identity. Prior to 1.8.3, function identity.extractIssuerURL splits via a call to strings.Split its argument which is untrusted data on periods. As a result, in the face of a malicious...

Chromium: CVE-2025-13636 Inappropriate implementation in Split View

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

EUVD-2025-201229

In the Linux kernel, the following vulnerability has been resolved: mm: prevent poison consumption when splitting THP When performing memory error injection on a THP Transparent Huge Page mapped to userspace on an x86 server, the kernel panics with the following trace. The expected behavior is to...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 kernel was updated to fix various security issues The following security issues were fixed: CVE-2022-50327: ACPI: processor: idle: Check acpifetchacpidev return value bsc1249859. CVE-2022-50334: hugetlbfs: fix null-ptr-deref in hugetlbfsparseparam bsc1249857...

SUSE CVE-2025-13636

Inappropriate implementation in Split View in Google Chrome prior to 143.0.7499.41 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted domain name. Chromium security severity: Low...

EUVD-2025-200314

Inappropriate implementation in Split View in Google Chrome prior to 143.0.7499.41 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted domain name. Chromium security severity: Low...

CVE-2025-13636

Inappropriate implementation in Split View in Google Chrome prior to 143.0.7499.41 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted domain name. Chromium security severity: Low...

CVE-2025-13636

Inappropriate implementation in Split View in Google Chrome prior to 143.0.7499.41 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted domain name. Chromium security severity: Low...

CVE-2025-13636

CVE-2025-13636 affects Google Chrome/Chromium Split View. The vulnerability arises from an inappropriate implementation in Split View, enabling UI spoofing via a crafted domain name when a user performs specific UI gestures. Impact is UI spoofing with Low severity; affected products are Chrome/Ch...

CVE-2025-13636

Inappropriate implementation in Split View in Google Chrome prior to 143.0.7499.41 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted domain name. Chromium security severity: Low...

CVE-2025-13636

Inappropriate implementation in Split View in Google Chrome prior to 143.0.7499.41 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted domain name. Chromium security severity: Low...

CVE-2025-13636

Inappropriate implementation in Split View in Google Chrome prior to 143.0.7499.41 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted domain name. Chromium security severity: Low...

KLA90657 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, spoof user interface. Below is a complete list of vulnerabilities: 1. Implementation vulnerability in Google Updater can be exploited to caus...

PT-2025-48761

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 143.0.7499.41 Description An improper implementation in the Split View feature allowed a remote attacker to perform UI spoofing. The attacker needed to convince a user to perform specific UI gestures with a...