3215 matches found
USN-7775-3 linux-azure-5.15 vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Serial ATA and Parallel ATA...
CVE-2025-39900
In the Linux kernel, the following vulnerability has been resolved: netsched: genestimator: fix esttimer vs CONFIGPREEMPTRT=y syzbot reported a WARNING in esttimer 1 Problem here is that with CONFIGPREEMPTRT=y, timer callbacks can be preempted. Adopt preemptdisablenested/preemptenablenested to fi...
UBUNTU-CVE-2025-39900
In the Linux kernel, the following vulnerability has been resolved: netsched: genestimator: fix esttimer vs CONFIGPREEMPTRT=y syzbot reported a WARNING in esttimer 1 Problem here is that with CONFIGPREEMPTRT=y, timer callbacks can be preempted. Adopt preemptdisablenested/preemptenablenested to fi...
CVE-2025-39900 net_sched: gen_estimator: fix est_timer() vs CONFIG_PREEMPT_RT=y
In the Linux kernel, the following vulnerability has been resolved: netsched: genestimator: fix esttimer vs CONFIGPREEMPTRT=y syzbot reported a WARNING in esttimer 1 Problem here is that with CONFIGPREEMPTRT=y, timer callbacks can be preempted. Adopt preemptdisablenested/preemptenablenested to fi...
CVE-2025-39900 net_sched: gen_estimator: fix est_timer() vs CONFIG_PREEMPT_RT=y
In the Linux kernel, the following vulnerability has been resolved: netsched: genestimator: fix esttimer vs CONFIGPREEMPTRT=y syzbot reported a WARNING in esttimer 1 Problem here is that with CONFIGPREEMPTRT=y, timer callbacks can be preempted. Adopt preemptdisablenested/preemptenablenested to fi...
CVE-2025-39900
In the Linux kernel, the following vulnerability has been resolved: netsched: genestimator: fix esttimer vs CONFIGPREEMPTRT=y syzbot reported a WARNING in esttimer 1 Problem here is that with CONFIGPREEMPTRT=y, timer callbacks can be preempted. Adopt preemptdisablenested/preemptenablenested to fi...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a race condition between the esttimer and CONFIGPREEMPTRT configurations, which could result in a null pointer...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to use a synchronization mechanism when deleting timers in the smpexecutetasksg function, which...
PT-2025-40107
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the libsas component of the Linux kernel, specifically within the smp execute task sg function. This occurs when an SMP task execution fails, and the del...
PT-2025-40074
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the net sched subsystem, specifically in the est timer function when CONFIG PREEMPT RT is enabled. This configuration can lead to preemption of...
CVE-2025-8200
The Mega Elements – Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Countdown Timer widget in all versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
CVE-2025-8200
The Mega Elements – Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Countdown Timer widget in all versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
CVE-2025-8200
CVE-2025-8200 affects Mega Elements – Addons for Elementor (WordPress): Stored Cross-Site Scripting via the Countdown Timer widget in all versions up to 1.3.2, caused by insufficient input sanitization and output escaping on user-supplied attributes. Exploitation requires at least contributor-lev...
CVE-2025-8200 Mega Elements – Addons for Elementor <= 1.3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Timer Widget
The Mega Elements – Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Countdown Timer widget in all versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
PT-2025-39479
Name of the Vulnerable Software and Affected Versions Mega Elements – Addons for Elementor plugin for WordPress versions up to and including 1.3.2 Description The software contains a Stored Cross-Site Scripting issue within the Countdown Timer widget. Insufficient input sanitization and output...
USN-7776-1 linux-oracle-5.15 vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Serial ATA and Parallel ATA...
Linux Distros Unpatched Vulnerability : CVE-2025-39859
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ptp: ocp: fix use-after-free bugs causing by ptpocpwatchdog The ptpocpdetach only shuts down the watchdog timer if it is pending. However, if the timer handler ...
bpf: Tell memcg to use allow_spinning=false path in bpf_timer_init()
...
SUSE CVE-2025-39886
In the Linux kernel, the following vulnerability has been resolved: bpf: Tell memcg to use allowspinning=false path in bpftimerinit Currently, calling bpfmapkmallocnode from bpfasyncinit can cause various locking issues; see the following stack trace edited for style as one example: ... 10.011566...
CVE-2025-39886
In the Linux kernel, the following vulnerability has been resolved: bpf: Tell memcg to use allowspinning=false path in bpftimerinit Currently, calling bpfmapkmallocnode from bpfasyncinit can cause various locking issues; see the following stack trace edited for style as one example: ... 10.011566...