954 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-38613
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - staging: gpib: fix unset padding field copy back to userspace The introduction of a padding field in the gpibboardinfoioctl is showing up as initialized data on...
Linux Distros Unpatched Vulnerability : CVE-2023-50711
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vmm-sys-util is a collection of modules that provides helpers and utilities used by multiple rust-vmm components. Starting in version 0.5.0 and prior to version...
CVE-2025-38514
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix oops due to non-existence of prealloc backlog struct If an AFRXRPC service socket is opened and bound, but calls are preallocated, then rxrpcallocincomingcall will oops because the rxrpcbacklog struct doesn't get...
CVE-2025-38514
The CVE-2025-38514 issue affects the Linux kernel RxRPC: when an AF_RXRPC service socket is opened/bound and calls are preallocated, rxrpc_alloc_incoming_call() can oops because rxrpc_backlog may not be allocated until the first preallocation. The fix is to return NULL from rxrpc_alloc_incoming_c...
Linux Distros Unpatched Vulnerability : CVE-2025-37805
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sound/virtio: Fix cancelsync warnings on uninitialized workstructs Betty reported hitting the following warning: 8.709131 T221 WARNING: CPU: 2 PID: 221 at...
brick-browser (>=0.0.0 <=0.0.14), brick-node (>=0.0.0 <=0.0.17) +11 more potentially affected by unknown CVE via new-struct (>=0.0.4 <=0.1.1)
new-struct NPM version =0.0.4, =0.0.0, =0.0.0, =0.5.0-alpha.2, =0.0.0, =2.0.0, =0.0.0, =0.0.0, =0.0.0, =0.0.0, =0.0.0, =0.0.2, =0.0.0, =2.0.0, =2.0.1 Source cves: unknown CVE Source advisory: OSV:MAL-2025-27369...
MAL-2025-27369 Malicious code in new-struct (npm)
The package new-struct was found to contain malicious code...
Malicious code in new-struct (npm)
The package new-struct was found to contain malicious code...
Linux Distros Unpatched Vulnerability : CVE-2024-58096
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: ath11k: add srng-lock for ath11khalsrng in monitor mode ath11khalsrng should be used with srng-lock to protect srng data. For ath11kdprxmondestprocess and...
UBUNTU-CVE-2025-38476
In the Linux kernel, the following vulnerability has been resolved: rpl: Fix use-after-free in rpldosrhinline. Running lwtdstcacherefloop.sh in selftest with KASAN triggers the splat below 0. rpldosrhinline fetches ipv6hdrskb and accesses it after skbcowhead, which is illegal as the header could ...
CVE-2025-38266 pinctrl: mediatek: eint: Fix invalid pointer dereference for v1 platforms
In the Linux kernel, the following vulnerability has been resolved: pinctrl: mediatek: eint: Fix invalid pointer dereference for v1 platforms Commit 3ef9f710efcb "pinctrl: mediatek: Add EINT support for multiple addresses" introduced an access to the 'soc' field of struct mtkpinctrl in...
CVE-2025-38167 fs/ntfs3: handle hdr_first_de() return value
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: handle hdrfirstde return value The hdrfirstde function returns a pointer to a struct NTFSDE. This pointer may be NULL. To handle the NULL error effectively, it is important to implement an error handler. This will help...
SUSE CVE-2004-0427
The dofork function in Linux 2.4.x before 2.4.26, and 2.6.x before 2.6.6, does not properly decrement the mmcount counter when an error occurs after the mmstruct for a child process has been activated, which triggers a memory leak that allows local users to cause a denial of service memory...
CVE-2022-50128
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2022-49990
In the Linux kernel, the following vulnerability has been resolved: s390: fix double free of GS and RI CBs on fork failure The pointers for guarded storage and runtime instrumentation control blocks are stored in the threadstruct of the associated task. These pointers are initially copied on fork...
DEBIAN-CVE-2022-49990
In the Linux kernel, the following vulnerability has been resolved: s390: fix double free of GS and RI CBs on fork failure The pointers for guarded storage and runtime instrumentation control blocks are stored in the threadstruct of the associated task. These pointers are initially copied on fork...
CVE-2022-49990
CVE-2022-49990 affects the Linux kernel (s390) where guarded storage and runtime instrumentation control blocks stored in thread_struct are copied during fork via arch_dup_task_struct() and then cleared in copy_thread(). If fork() fails after the initial task dup and before copy_thread(), free_ta...
CVE-2025-38067 rseq: Fix segfault on registration when rseq_cs is non-zero
In the Linux kernel, the following vulnerability has been resolved: rseq: Fix segfault on registration when rseqcs is non-zero The rseqcs field is documented as being set to 0 by user-space prior to registration, however this is not currently enforced by the kernel. This can result in a segfault ...
CVE-2025-38067 rseq: Fix segfault on registration when rseq_cs is non-zero
In the Linux kernel, the following vulnerability has been resolved: rseq: Fix segfault on registration when rseqcs is non-zero The rseqcs field is documented as being set to 0 by user-space prior to registration, however this is not currently enforced by the kernel. This can result in a segfault ...
CVE-2025-38028
CVE-2025-38028 : Linux kernel local vulnerability in NFS/localio due to a race in nfs_local_open_fh. After clp->cl_uuid.lock is dropped, another CPU could free the recently added nfsd_file. The fix uses an RCU read lock before dropping the spin lock to prevent dangling pointers. Exploitation i...