kernel: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix hugepmdunshare vs GUP-fast race hugepmdunshare drops a reference on a page table that may have previously been shared across processes, potentially turning it into a normal page table used in another process in...

EUVD-2025-176723

Malicious code in relay-dagda-sync-graviton npm...

EUVD-2025-179594

Malicious code in configstore-quark-sync-callback npm...

EUVD-2025-178526

Malicious code in hexo-restart-farout-sync npm...

EUVD-2025-177345

Malicious code in paleontology-sedna-enif-sync npm...

MAL-2025-188489 Malicious code in outercore-sync-fornax-lightyear (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e9e2e853eda7b0af152340f61eb4696e8f76559b416699655d34aa888bfc5f7c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189788 Malicious code in sync-vega-apex-prettier-plugin-markdown (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7049cee782d42510430e26832fb304bb48636354de220eb85f797b763b0df0d2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-176278

Malicious code in spawn-nova-antares-sync npm...

EUVD-2025-176653

Malicious code in restart-warp-webdriver-mocha-sync npm...

EUVD-2025-179062

Malicious code in eris-sync-loglevel-dorado npm...

EUVD-2025-176088

Malicious code in sync-uglify-js-rest-superagent npm...

EUVD-2025-177653

Malicious code in neptune-sync-holography-xenobiology npm...

EUVD-2025-178231

Malicious code in jwt-sync-ora-selenium npm...

EUVD-2025-176089

Malicious code in sync-taurus-cluster-webpack npm...

Malicious code in radiant-express-sync-tachyon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cc11ed6a8c3867ed71199224db53e25c2338a7f38da642038050bbef32d06101 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-176090

Malicious code in sync-hugo-xanadu-module npm...

MAL-2025-186820 Malicious code in eris-sync-loglevel-dorado (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eceef989feeada3339ec402d1445f185a3b004a1f1c1c4a71553971739a38d8a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186530 Malicious code in delphinus-tool-sync-geckodriver (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 309471f78b1f61e3fba41e092a36d4ae761dc2439a6686d82cea711c93a982ed This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-176224

Malicious code in standard-seismology-sync-native npm...

EUVD-2025-179817

Malicious code in centaurus-perseus-remark-sync npm...