1573 matches found
CVE-2022-49863 can: af_can: fix NULL pointer dereference in can_rx_register()
In the Linux kernel, the following vulnerability has been resolved: can: af_can: fix NULL pointer dereference in can_rx_register() It causes NULL pointer dereference when testing as following: (a) use syscall(__NR_socket, 0x10ul, 3ul, 0) to create netlink socket. (b) use syscall(__NR_sendmsg, ...) to create bond li...
CVE-2022-49828 hugetlbfs: don't delete error page from pagecache
In the Linux kernel, the following vulnerability has been resolved: hugetlbfs: don't delete error page from pagecache This change is very similar to the change that was made for shmem [1], and it solves the same problem but for HugeTLBFS instead. Currently, when poison is found in a HugeTLB page, t...
PT-2025-16924 · Google · Kernel
Name of the Vulnerable Software and Affected Versions: ChromeOS Kernel versions prior to 6.1 ChromeOS Kernel version 5.4 Description: A race condition Use-After-Free vulnerability exists in the virtio transport space update function. Concurrent allocation and freeing of the virtio vsock sock...
CVE-2025-22046
In the Linux kernel, the following vulnerability has been resolved: uprobes/x86: Harden uretprobe syscall trampoline check Jann reported a possible issue when trampoline_check_ip returns address near the bottom of the address space that is allowed to call into the syscall if uretprobes are not set...
CVE-2025-22046 uprobes/x86: Harden uretprobe syscall trampoline check
In the Linux kernel, the following vulnerability has been resolved: uprobes/x86: Harden uretprobe syscall trampoline check Jann reported a possible issue when trampoline_check_ip returns address near the bottom of the address space that is allowed to call into the syscall if uretprobes are not set...
CVE-2025-22046
CVE-2025-22046: In the Linux kernel, the uprobes/x86 uretprobe trampoline check was hardened to prevent a trampoline_check_ip path that could allow a call into the syscall from memory addresses near the bottom of the address space if uretprobes were not set up. Root cause: trampoline_check_ip cou...
PT-2025-16686 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A possible issue was reported in the Linux kernel when trampoline_check_ip returns an address near the bottom of the address space that is allowed to call into the syscall if...
Exploit for CVE-2025-0401
CVE-2025-0401 - Local Privilege Escalation via SUID Binary Abu...
The vulnerability of the bpf_link_show_fdinfo() function in the kernel/bpf/syscall.c module of the Linux operating system allows an attacker to compromise the confidentiality and accessibility of the protected information.
The vulnerability of the bpf_link_show_fdinfo() function in the kernel/bpf/syscall.c module of the Linux operating system is related to reading beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to compromise the confidentiality and accessibility of the protected...
PT-2025-20532
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: An issue in the Linux kernel has been identified where the sched_yield syscall may not cause scheduling in time-travel mode, potentially leading to extreme slowdown or deadlock. This is d...
Linux 5.6 Cred Refcount Overflow
Linux 5.6 suffers from a cred refcount overflow at approximately 39 gigs of memory usage via io_uring. See also my related prior bug reports about overflowing refcounts with lots of RAM usage: https://crbug.com/project-zero/809: BPF program refcount, with 32GiB RAM...
Linux 6.5 Kernel Pointer Leak
The Linux cachestat syscall introduced in 6.5 has a read-after-type-change of folio that leads to a kernel pointer leak...
CVE-2025-21834 seccomp: passthrough uretprobe systemcall without filtering
In the Linux kernel, the following vulnerability has been resolved: seccomp: passthrough uretprobe systemcall without filtering When attaching uretprobes to processes running inside docker, the attached process is segfaulted when encountering the retprobe. The reason is that now that uretprobe is...
Linux Distros Unpatched Vulnerability : CVE-2025-21691
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: cachestat: fix page cache statistics permission checking When the 'cachestat' system call wa...
Linux Distros Unpatched Vulnerability : CVE-2024-53137
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ARM: fix cacheflush with PAN It seems that the cacheflush syscall got broken when PAN for LP...
Linux Distros Unpatched Vulnerability : CVE-2023-0045
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The current implementation of the prctl syscall does not issue an IBPB immediately during the syscall. The ib_prctl_set function updates the Thread Information...
Linux Distros Unpatched Vulnerability : CVE-2022-49077
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/mremap.c: avoid pointless invalidate_range_start/end on mremap(old_size=0) If an mremap syscall with old_size=0 ends up in move_page_tables(), it will call...
SUSE CVE-2022-49520
In the Linux kernel, the following vulnerability has been resolved: arm64: compat: Do not treat syscall number as ESR_ELx for a bad syscall If a compat process tries to execute an unknown system call above the __ARM_NR_COMPAT_END number, the kernel sends a SIGILL signal to the offending process...