PT-2025-26448 · Redoxos · Redoxos Kernel

Name of the Vulnerable Software and Affected Versions: redoxOS kernel versions before commit 5d41cd7c Description: The issue allows a local attacker to cause a denial of service via the setitimer syscall. Recommendations: For versions before commit 5d41cd7c, update to a version that includes the...

CVE-2025-46158

CVE-2025-46158 affects the redoxOS kernel prior to commit 5d41cd7c. The vulnerability is triggered by the setitimer syscall, allowing a local attacker to cause a denial of service. Documents consistently reference redoxOS kernel versions before 5d41cd7c as vulnerable and indicate a fix is needed ...

DEBIAN-CVE-2022-49979

In the Linux kernel, the following vulnerability has been resolved: net: fix refcount bug in skpsockget 2 Syzkaller reports refcount bug as follows: ------------ cut here ------------ refcountt: saturated; leaking memory. WARNING: CPU: 1 PID: 3605 at lib/refcount.c:19...

UBUNTU-CVE-2022-49979

In the Linux kernel, the following vulnerability has been resolved: net: fix refcount bug in skpsockget 2 Syzkaller reports refcount bug as follows: ------------ cut here ------------ refcountt: saturated; leaking memory. WARNING: CPU: 1 PID: 3605 at lib/refcount.c:19...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: cachestat: fixed the permission checking for page cache statistics. When the cachestat system call was added in commit cf264e1329fb “cachestat: implement cachestat syscall”, it was intended to be a much more convenient and...

Symlink Attack

Overview std/syscall is a Go standard library package std/syscall Affected versions of this package are vulnerable to Symlink Attack. Go Vulnerability Report:os.OpenFilepath, os.OCREATE|OEXCL behaved differently on Unix and Windows systems when the target path was a dangling symlink. On Unix...

CVE-2025-5869

A vulnerability, which was classified as critical, was found in RT-Thread 5.1.0. Affected is the function sysrecvfrom of the file rt-thread/components/lwp/lwpsyscall.c. The manipulation of the argument from leads to memory corruption...

CVE-2025-5868

A vulnerability, which was classified as critical, has been found in RT-Thread 5.1.0. This issue affects the function systhreadsigprocmask of the file rt-thread/components/lwp/lwpsyscall.c. The manipulation of the argument how leads to improper validation of array index...

CVE-2025-5867

A vulnerability classified as critical was found in RT-Thread 5.1.0. This vulnerability affects the function csyssendto of the file rt-thread/components/lwp/lwpsyscall.c. The manipulation of the argument to leads to null pointer dereference...

RT-Thread 安全漏洞

RT-Thread is an open source IoT real-time operating system RTOS from RT-Thread Open Source. A security vulnerability exists in RT-Thread version 5.1.0, which stems from a null pointer dereference due to the operation of the parameter to in the file rt-thread/components/lwp/lwpsyscall.c. The...

K000151739: Linux kernel vulnerability CVE-2024-47745

Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: mm: call the securitymmapfile LSM hook in remapfilepages The remapfilepages syscall handler calls dommap directly, which doesn't contain the LSM security check. And if the process has called...

CVE-2023-21671

Memory Corruption in Core during syscall for Sectools Fuse comparison feature...

CVE-2022-41716

Due to unsanitized NUL values, attackers may be able to maliciously set environment variables on Windows. In syscall.StartProcess and os/exec.Cmd, invalid environment variable values containing NUL values are not properly checked for. A malicious environment variable value can exploit this behavi...

CVE-2020-11221

Usage of syscall by non-secure entity can allow extraction of secure QTEE diagnostic information in clear text form due to insufficient checks in the syscall handler and leads to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT,...

CVE-2011-5330

Distributed Ruby aka DRuby 1.8 mishandles the sending of syscalls...

SUSE CVE-2022-49764

In the Linux kernel, the following vulnerability has been resolved: bpf: Prevent bpf program recursion for raw tracepoint probes We got report from sysbot 1 about warnings that were caused by bpf program attached to contentionbegin raw tracepoint triggering the same tracepoint by using...

DEBIAN-CVE-2022-49828

In the Linux kernel, the following vulnerability has been resolved: hugetlbfs: don't delete error page from pagecache This change is very similar to the change that was made for shmem 1, and it solves the same problem but for HugeTLBFS instead. Currently, when poison is found in a HugeTLB page, t...

DEBIAN-CVE-2022-49764

In the Linux kernel, the following vulnerability has been resolved: bpf: Prevent bpf program recursion for raw tracepoint probes We got report from sysbot 1 about warnings that were caused by bpf program attached to contentionbegin raw tracepoint triggering the same tracepoint by using...

AZL-69716 CVE-2022-49764 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: bpf: Prevent bpf program recursion for raw tracepoint probes We got report from sysbot 1 about warnings that were caused by bpf program attached to contentionbegin raw tracepoint triggering the same tracepoint by using...

UBUNTU-CVE-2022-49764

In the Linux kernel, the following vulnerability has been resolved: bpf: Prevent bpf program recursion for raw tracepoint probes We got report from sysbot 1 about warnings that were caused by bpf program attached to contentionbegin raw tracepoint triggering the same tracepoint by using...