SUSE CVE-2023-52499

In the Linux kernel, the following vulnerability has been resolved: powerpc/47x: Fix 47x syscall return crash Eddie reported that newer kernels were crashing during boot on his 476 FSP2 system: kernel tried to execute user page b7ee2000 - exploit attempt? uid: 0 BUG: Unable to handle kernel...

CVE-2025-21687

In the Linux kernel, the following vulnerability has been resolved: vfio/platform: check the bounds of read/write syscalls count and offset are passed from user space and not checked, only offset is capped to 40 bits, which can be used to read/write out of bounds of the device...

SUSE CVE-2025-21691

In the Linux kernel, the following vulnerability has been resolved: cachestat: fix page cache statistics permission checking When the 'cachestat' system call was added in commit cf264e1329fb "cachestat: implement cachestat syscall", it was meant to be a much more convenient and performant version...

DEBIAN-CVE-2025-21691

In the Linux kernel, the following vulnerability has been resolved: cachestat: fix page cache statistics permission checking When the 'cachestat' system call was added in commit cf264e1329fb "cachestat: implement cachestat syscall", it was meant to be a much more convenient and performant version...

CVE-2025-21687

In the Linux kernel, the following vulnerability has been resolved: vfio/platform: check the bounds of read/write syscalls count and offset are passed from user space and not checked, only offset is capped to 40 bits, which can be used to read/write out of bounds of the device...

UBUNTU-CVE-2025-21691

In the Linux kernel, the following vulnerability has been resolved: cachestat: fix page cache statistics permission checking When the 'cachestat' system call was added in commit cf264e1329fb "cachestat: implement cachestat syscall", it was meant to be a much more convenient and performant version...

CVE-2025-21691

In the Linux kernel, the following vulnerability has been resolved: cachestat: fix page cache statistics permission checking When the 'cachestat' system call was added in commit cf264e1329fb "cachestat: implement cachestat syscall", it was meant to be a much more convenient and performant version...

CVE-2025-21687

In the Linux kernel, the following vulnerability has been resolved: vfio/platform: check the bounds of read/write syscalls count and offset are passed from user space and not checked, only offset is capped to 40 bits, which can be used to read/write out of bounds of the device...

CVE-2025-21687 vfio/platform: check the bounds of read/write syscalls

In the Linux kernel, the following vulnerability has been resolved: vfio/platform: check the bounds of read/write syscalls count and offset are passed from user space and not checked, only offset is capped to 40 bits, which can be used to read/write out of bounds of the device...

CVE-2025-1115

A vulnerability classified as problematic was found in RT-Thread up to 5.1.0. Affected by this vulnerability is the function...

PT-2025-6016 · Rt-Thread · Rt-Thread

Name of the Vulnerable Software and Affected Versions: RT-Thread versions up to 5.1.0 Description: A problematic vulnerability was found in RT-Thread. The issue affects the sys thread create function of the file rt-thread/components/lwp/lwp syscall.c. The manipulation of the argument arg0 leads t...

PT-2026-8175

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw where the syscall number, a user-controlled value, is used to index into the syscall table. This can lead to speculative out-of-bounds access and potenti...

PT-2025-34375 · Spim +1 · Spim +1

Name of the Vulnerable Software and Affected Versions: spim versions prior to 9.1.24 Description: spimsimulator spim is susceptible to a buffer overflow in the READ STRING SYSCALL function. Recommendations: Update to a version newer than 9.1.24...

CVE-2024-53212

In the Linux kernel, the following vulnerability has been resolved: netlink: fix false positive warning in extack during dumps Commit under fixes extended extack reporting to dumps. It works under normal conditions, because extack errors are usually reported during -start or the first -dump, it's...

AZL-67605 CVE-2024-53219 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: virtiofs: use pages instead of pointer for kernel direct IO When trying to insert a 10MB kernel module kept in a virtio-fs with cache disabled, the following warning was reported: ------------ cut here ------------ WARNING: CPU: ...

CBL Mariner 2.0 Security Update: kernel (CVE-2024-50039)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-50039 advisory. - In the Linux kernel, the following vulnerability has been resolved: net/sched: accept TCASTAB only for root...

CBL Mariner 2.0 Security Update: kernel (CVE-2024-50182)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-50182 advisory. - In the Linux kernel, the following vulnerability has been resolved: secretmem: disable memfdsecret if arch...

CVE-2024-53137 ARM: fix cacheflush with PAN

In the Linux kernel, the following vulnerability has been resolved: ARM: fix cacheflush with PAN It seems that the cacheflush syscall got broken when PAN for LPAE was implemented. User access was not enabled around the cache maintenance instructions, causing them to fault...

CVE-2024-53118 vsock: Fix sk_error_queue memory leak

In the Linux kernel, the following vulnerability has been resolved: vsock: Fix skerrorqueue memory leak Kernel queues MSGZEROCOPY completion notifications on the error queue. Where they remain, until explicitly recved. To prevent memory leaks, clean up the queue when the socket is destroyed...

CVE-2024-50182

In the Linux kernel, the following vulnerability has been resolved: secretmem: disable memfdsecret if arch cannot set direct map Return -ENOSYS from memfdsecret syscall if !cansetdirectmap. This is the case for example on some arm64 configurations, where marking 4k PTEs in the direct map not...