EUVD-2025-203663

In the Linux kernel, the following vulnerability has been resolved: drm/tegra: Add call to putpid Add a call to putpid corresponding to gettaskpid. host1xmemorycontextalloc does not take ownership of the PID so we need to free it here to avoid leaking. [email protected]: reword commit message...

CVE-2025-68258

In the Linux kernel, the following vulnerability has been resolved: comedi: multiq3: sanitize config options in multiq3attach Syzbot identified an issue 1 in multiq3attach that induces a task timeout due to open or COMEDIDEVCONFIG ioctl operations, specifically, in the case of multiq3 driver. Thi...

UBUNTU-CVE-2025-68250

In the Linux kernel, the following vulnerability has been resolved: hungtask: fix warnings caused by unaligned lock pointers The blocker tracking mechanism assumes that lock pointers are at least 4-byte aligned to use their lower bits for type encoding. However, as reported by Eero Tamminen, some...

UBUNTU-CVE-2025-68240

In the Linux kernel, the following vulnerability has been resolved: nilfs2: avoid having an active sctimer before freeing sci Because kthreadstop did not stop sctask properly and returned -EINTR, the sctimer was not properly closed, ultimately causing the problem 1 reported by syzbot when freeing...

CVE-2025-68250

The CVE-2025-68250 entry is about a Linux kernel issue where the blocker tracking mechanism assumed 4-byte alignment for lock pointers to encode types in lower bits. On architectures like m68k with only 2-byte alignment for 32-bit values, two WARN_ON_ONCE checks could trigger. The fix silently ig...

CVE-2025-68250 hung_task: fix warnings caused by unaligned lock pointers

In the Linux kernel, the following vulnerability has been resolved: hungtask: fix warnings caused by unaligned lock pointers The blocker tracking mechanism assumes that lock pointers are at least 4-byte aligned to use their lower bits for type encoding. However, as reported by Eero Tamminen, some...

CVE-2025-68233

In the Linux kernel, the following vulnerability has been resolved: drm/tegra: Add call to putpid Add a call to putpid corresponding to gettaskpid. host1xmemorycontextalloc does not take ownership of the PID so we need to free it here to avoid leaking. [email protected]: reword commit message...

CVE-2025-68194

In the Linux kernel, the following vulnerability has been resolved: media: imon: make sendpacket more robust syzbot is reporting that imon has three problems which result in hung tasks due to forever holding device lock 1. First problem is that when usbrxcallbackintf0 once got -EPROTO error after...

UBUNTU-CVE-2025-68233

In the Linux kernel, the following vulnerability has been resolved: drm/tegra: Add call to putpid Add a call to putpid corresponding to gettaskpid. host1xmemorycontextalloc does not take ownership of the PID so we need to free it here to avoid leaking. [email protected]: reword commit message...

CVE-2025-68233

In the Linux kernel, the following vulnerability has been resolved: drm/tegra: Add call to putpid Add a call to putpid corresponding to gettaskpid. host1xmemorycontextalloc does not take ownership of the PID so we need to free it here to avoid leaking. [email protected]: reword commit message...

CVE-2025-68233

CVE-2025-68233 affects the Linux kernel's drm/tegra path. The fix adds a put_pid() call corresponding to get_task_pid() because host1x_memory_context_alloc() does not take ownership of the PID, preventing a PID leak. The commercial advisories (Ubuntu/SUSE/OpenSUSE/NASL plug-ins) list this CVE amo...

CVE-2025-68233 drm/tegra: Add call to put_pid()

In the Linux kernel, the following vulnerability has been resolved: drm/tegra: Add call to putpid Add a call to putpid corresponding to gettaskpid. host1xmemorycontextalloc does not take ownership of the PID so we need to free it here to avoid leaking. [email protected]: reword commit message...

PT-2025-51653

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue within the nilfs2 filesystem related to the handling of timers during segment constructor destruction. Specifically, the sc timer might remain active...

Linux Distros Unpatched Vulnerability : CVE-2025-40358

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - riscv: stacktrace: Disable KASAN checks for non-current tasks Unwinding the stack of a task other than current, KASAN would report BUG: KASAN: out-of-bounds in...

PT-2025-51584

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue related to the handling of the XFD state during signal delivery. Specifically, when a non-AMX task is preempted by an AMX-enabled task that modifies th...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an unpurified configuration option in comedi:multiq3, which could lead to a task timeout...

PT-2025-51745

Name of the Vulnerable Software and Affected Versions Rukovoditel version 3.4.1 Description Rukovoditel version 3.4.1 has multiple stored cross-site scripting issues. Authenticated attackers can inject malicious scripts into project task comments. This allows them to execute arbitrary JavaScript ...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an unaligned lock pointer in hungtask causing a warning that could affect the m68k architecture...

PT-2025-51663

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue related to the blocker tracking mechanism, which assumes 4-byte alignment of lock pointers. Some architectures, like m68k, only guarantee 2-byte...

airflow-balancer (>=0.7.0 <=0.7.6), airflow-clickhouse-plugin (=1.5.0) +20 more potentially affected by CVE-2025-66388 via apache-airflow-task-sdk (>=1.0.0rc4 <=1.1.4)

apache-airflow-task-sdk PYPI version =1.0.0rc4, =0.7.0, =0.6.1, =1.10.7, =0.1.0, =1.4.3, =1.2.10, =0.1.1, =3.0.0rc3, =3.0.0rc3, =1.6.0, =1.5.3, =1.25.0rc1, =3.12.0, =0.0.4, =0.0.6.dev1 and more Source cves: CVE-2025-66388 Source advisory: SNYK:PYTHON-APACHEAIRFLOWTASKSDK-14459396...