1430 matches found
CVE-2025-38084
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: unshare page tables during VMA split, not before Currently, splitvma triggers hugetlb page table unsharing through vmops-maysplit. This happens before the VMA lock and rmap locks are taken - which is too early, it...
CVE-2025-38084 mm/hugetlb: unshare page tables during VMA split, not before
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: unshare page tables during VMA split, not before Currently, splitvma triggers hugetlb page table unsharing through vmops-maysplit. This happens before the VMA lock and rmap locks are taken - which is too early, it...
CVE-2025-38084
CVE-2025-38084 concerns the Linux kernel. A race was introduced where hugetlb page-table unsharing could occur before the VMA/rmap locks are held during VMA split. The fix explicitly moves the hugetlb unshare logic into __split_vma(), at the point THP splitting occurs, ensuring both the VMA and r...
CVE-2025-38084 mm/hugetlb: unshare page tables during VMA split, not before
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: unshare page tables during VMA split, not before Currently, splitvma triggers hugetlb page table unsharing through vmops-maysplit. This happens before the VMA lock and rmap locks are taken - which is too early, it...
kernel: ext4: fix off-by-one error in do_split
In the Linux kernel, the following vulnerability has been resolved: ext4: fix off-by-one error in dosplit Syzkaller detected a use-after-free issue in ext4insertdentry that was caused by out-of-bounds access due to incorrect splitting in dosplit. BUG: KASAN: use-after-free in...
SUSE CVE-2022-50117
In the Linux kernel, the following vulnerability has been resolved: vfio: Split migration ops from main device ops vfio core checks whether the driver sets some migration op e.g. setstate/getstate and accordingly calls its op. However, currently mlx5 driver sets the above ops without regards to i...
SUSE CVE-2025-38045
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: fix debug actions order The order of actions taken for debug was implemented incorrectly. Now we implemented the dump split and do the FW reset only in the middle of the dump rather than the FW killing itself on...
DEBIAN-CVE-2022-50117
In the Linux kernel, the following vulnerability has been resolved: vfio: Split migration ops from main device ops vfio core checks whether the driver sets some migration op e.g. setstate/getstate and accordingly calls its op. However, currently mlx5 driver sets the above ops without regards to i...
UBUNTU-CVE-2022-50117
In the Linux kernel, the following vulnerability has been resolved: vfio: Split migration ops from main device ops vfio core checks whether the driver sets some migration op e.g. setstate/getstate and accordingly calls its op. However, currently mlx5 driver sets the above ops without regards to i...
AZL-70286 CVE-2025-38045 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: fix debug actions order The order of actions taken for debug was implemented incorrectly. Now we implemented the dump split and do the FW reset only in the middle of the dump rather than the FW killing itself on...
AZL-64016 CVE-2025-38040 affecting package kernel for versions less than 6.6.96.1-1
In the Linux kernel, the following vulnerability has been resolved: serial: mctrlgpio: split disablems into sync and nosync APIs The following splat has been observed on a SAMA5D27 platform using atmelserial: BUG: sleeping function called from invalid context at kernel/irq/manage.c:738 inatomic: ...
DEBIAN-CVE-2025-38040
In the Linux kernel, the following vulnerability has been resolved: serial: mctrlgpio: split disablems into sync and nosync APIs The following splat has been observed on a SAMA5D27 platform using atmelserial: BUG: sleeping function called from invalid context at kernel/irq/manage.c:738 inatomic: ...
CVE-2025-38040
In the Linux kernel, the following vulnerability has been resolved: serial: mctrlgpio: split disablems into sync and nosync APIs The following splat has been observed on a SAMA5D27 platform using atmelserial: BUG: sleeping function called from invalid context at kernel/irq/manage.c:738 inatomic: ...
Efficient Malware Detection with Optimized Learning on High-Dimensional Features
Malware detection using machine learning requires feature extraction from binary files, as models cannot process raw binaries directly. A common approach involves using LIEF for raw feature extraction and the EMBER vectorizer to generate 2381-dimensional feature vectors. However, the high...
Anubis Ransomware Encrypts and Wipes Files, Making Recovery Impossible Even After Payment
An emerging ransomware strain has been discovered incorporating capabilities to encrypt files as well as permanently erase them, a development that has been described as a "rare dual-threat." "The ransomware features a 'wipe mode,' which permanently erases files, rendering recovery impossible eve...
PT-2025-27290
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to the version containing the fix for this issue Description: The issue is related to the Linux kernel's handling of huge page tables during VMA split. The problem arises because the split vma function triggers...
DEBIAN-CVE-2025-37999
In the Linux kernel, the following vulnerability has been resolved: fs/erofs/fileio: call erofsonlinefoliosplit after bioaddfolio If bioaddfolio fails because it is full, erofsfileioscanfolio needs to submit the I/O request via erofsfileiorqsubmit and allocate a new I/O request with an empty stru...
CVE-2024-25728
ExpressVPN before 12.73.0 on Windows, when split tunneling is used, sends DNS requests according to the Windows configuration e.g., sends them to DNS servers operated by the user's ISP instead of to the ExpressVPN DNS servers, which may allow remote attackers to obtain sensitive information about...
CVE-2024-52912
Bitcoin Core before 0.21.0 allows a network split that is resultant from an integer overflow calculating the time offset for newly connecting peers and an abs64 logic bug...
CVE-2023-25476
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Ezoic AmpedSense – AdSense Split Tester plugin = 4.68 versions...