DEBIAN-CVE-2023-52929

In the Linux kernel, the following vulnerability has been resolved: nvmem: core: fix cleanup after devsetname If devsetname fails, we leak nvmem-wpgpio as the cleanup does not put this. While a minimal fix for this would be to add the gpiodput call, we can do better if we split deviceregister, an...

UBUNTU-CVE-2023-52941

In the Linux kernel, the following vulnerability has been resolved: can: isotp: split tx timer into transmission and timeout The timer for the transmission of isotp PDUs formerly had two functions: 1. send two consecutive frames with a given time gap 2. monitor the timeouts for flow control frame...

CVE-2023-52941

CVE-2023-52941 affects the Linux kernel can:isotp subsystem. The bug arose from the tx timer handling for isotp PDUs, where the timer served two roles: sending two consecutive frames with a gap and monitoring timeouts for flow control and echo frames. This caused more complex txstate checks and e...

DEBIAN-CVE-2024-58091

In the Linux kernel, the following vulnerability has been resolved: drm/fbdev-dma: Add shadow buffering for deferred I/O DMA areas are not necessarily backed by struct page, so we cannot rely on it for deferred I/O. Allocate a shadow buffer for drivers that require deferred I/O and use it as...

UBUNTU-CVE-2025-21890

In the Linux kernel, the following vulnerability has been resolved: idpf: fix checksums set in idpfrxrsc idpfrxrsc uses skbtransportoffsetskb while the transport header is not set yet. This triggers the following warning for CONFIGDEBUGNET=y builds. DEBUGNETWARNONONCE!skbtransportheaderwassetskb...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the can isotp component splitting the tx timer into two functions, transmission and timeout, fixing a...

AZL-59177 CVE-2025-30204 affecting package coredns for versions less than 1.11.4-5

golang-jwt is a Go implementation of JSON Web Tokens. Starting in version 3.2.0 and prior to versions 5.2.2 and 4.5.2, the function parse.ParseUnverified splits via a call to strings.Split its argument which is untrusted data on periods. As a result, in the face of a malicious request whose...

AZL-59193 CVE-2025-30204 affecting package application-gateway-kubernetes-ingress for versions less than 1.7.7-2

golang-jwt is a Go implementation of JSON Web Tokens. Starting in version 3.2.0 and prior to versions 5.2.2 and 4.5.2, the function parse.ParseUnverified splits via a call to strings.Split its argument which is untrusted data on periods. As a result, in the face of a malicious request whose...

PT-2025-20345

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability has been resolved in the Linux kernel. The issue is related to the use of the counted by function in the vsc-tp.c code, which is using the counted bylen attribute on vsc ...

tty: xilinx_uartps: split sysrq handling

...

block, bfq: fix waker_bfqq UAF after bfq_split_bfqq()

...

Linux Distros Unpatched Vulnerability : CVE-2024-53079

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/thp: fix deferred split unqueue naming and locking Recent changes are putting more pressure on THP deferred split queues: under load revealing long-standing...

DEBIAN-CVE-2025-21820

In the Linux kernel, the following vulnerability has been resolved: tty: xilinxuartps: split sysrq handling lockdep detects the following circular locking dependency: CPU 0 CPU 1 ========================== ============================ cdnsuartisr printk uartportlockport consolelock...

SUSE CVE-2022-49334

In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: Fix xarray node memory leak If xassplitalloc fails to allocate the necessary nodes to complete the xarray entry split, it sets the xastate to -ENOMEM, which xasnomem then interprets as "Please allocate more memory"...

SUSE CVE-2022-49378

In the Linux kernel, the following vulnerability has been resolved: sfc: fix considering that all channels have TX queues Normally, all channels have RX and TX queues, but this is not true if modparam efxseparatetxchannels=1 is used. In that cases, some channels only have RX queues and others onl...

SUSE CVE-2022-49642

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: dwc-qos: Disable split header for Tegra194 There is a long-standing issue with the Synopsys DWC Ethernet driver for Tegra194 where random system crashes have been observed 0. The problem occurs when the split header...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the btrfssplitorderedextent function not properly handling the BTRFSORDEREDIOERR flag when handling a...

DEBIAN-CVE-2022-49642

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: dwc-qos: Disable split header for Tegra194 There is a long-standing issue with the Synopsys DWC Ethernet driver for Tegra194 where random system crashes have been observed 0. The problem occurs when the split header...

UBUNTU-CVE-2022-49642

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: dwc-qos: Disable split header for Tegra194 There is a long-standing issue with the Synopsys DWC Ethernet driver for Tegra194 where random system crashes have been observed 0. The problem occurs when the split header...

CVE-2022-49642

CVE-2022-49642 concerns the Linux kernel: the Synopsys DWC Ethernet driver (net: stmmac: dwc-qos) on Tegra194 can crash the system when the split header feature is enabled, due to an unexpected buffer length that can overflow the total buffer length calculation. NVIDIA feedback indicates split he...