CVE-2023-53218

The CVE-2023-53218 entry concerns the Linux kernel rxrpc path. A call created by sendmsg() could be aborted only after a connection assignment, but interrupted scheduling could cause subsequent sendmsg() calls to fail with EBUSY until an assignment occurs. The fix ensures that such a waiting rxrp...

CVE-2023-53189

In the Linux kernel, the following vulnerability has been resolved: ipv6/addrconf: fix a potential refcount underflow for idev Now in addrconfmodrstimer, reference idev depends on whether rstimer is not pending. Then modify rstimer timeout. There is a time gap in 1, during which if the pending...

DEBIAN-CVE-2023-53189

In the Linux kernel, the following vulnerability has been resolved: ipv6/addrconf: fix a potential refcount underflow for idev Now in addrconfmodrstimer, reference idev depends on whether rstimer is not pending. Then modify rstimer timeout. There is a time gap in 1, during which if the pending...

UBUNTU-CVE-2023-53189

In the Linux kernel, the following vulnerability has been resolved: ipv6/addrconf: fix a potential refcount underflow for idev Now in addrconfmodrstimer, reference idev depends on whether rstimer is not pending. Then modify rstimer timeout. There is a time gap in 1, during which if the pending...

UBUNTU-CVE-2022-50251

In the Linux kernel, the following vulnerability has been resolved: mmc: vub300: fix return value check of mmcaddhost mmcaddhost may return error, if we ignore its return value, the memory that allocated in mmcallochost will be leaked and it will lead a kernel crash because of deleting not added...

CVE-2023-53189 ipv6/addrconf: fix a potential refcount underflow for idev

In the Linux kernel, the following vulnerability has been resolved: ipv6/addrconf: fix a potential refcount underflow for idev Now in addrconfmodrstimer, reference idev depends on whether rstimer is not pending. Then modify rstimer timeout. There is a time gap in 1, during which if the pending...

CVE-2023-53189 ipv6/addrconf: fix a potential refcount underflow for idev

In the Linux kernel, the following vulnerability has been resolved: ipv6/addrconf: fix a potential refcount underflow for idev Now in addrconfmodrstimer, reference idev depends on whether rstimer is not pending. Then modify rstimer timeout. There is a time gap in 1, during which if the pending...

CVE-2022-50251 mmc: vub300: fix return value check of mmc_add_host()

In the Linux kernel, the following vulnerability has been resolved: mmc: vub300: fix return value check of mmcaddhost mmcaddhost may return error, if we ignore its return value, the memory that allocated in mmcallochost will be leaked and it will lead a kernel crash because of deleting not added...

Important: Red Hat Security Advisory: kpatch-patch-5_14_0-570_17_1 and kpatch-patch-5_14_0-570_39_1 security update

An update for multiple packages is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

kernel: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del()

A race condition was found in the Linux kernel’s POSIX CPU timer handling, where handleposixcputimers may run concurrently with posixcputimerdel on an exiting task which could result in use-after-free scenarios. An attacker with local user access could use this flaw to crash or escalate their...

PT-2025-37660

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a use-after-free issue within the netup unidvb driver when a Universal DVB card is detached. Specifically, the del timer function may not successfully stop th...

PT-2025-37505

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The mmc add host function may return an error, and ignoring this return value can lead to a memory leak. This memory leak occurs because memory allocated in mmc alloc host is not freed...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not properly stopping the dma-timeout timer, which could lead to reuse after release...

Oracle Linux 9 : kernel (ELSA-2025-15740)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-15740 advisory. - ipv6: mcast: Delay put pmc-idev in mlddeldelrec CKI Backport Bot RHEL-111149 CVE-2025-38550 - posix-cpu-timers: fix race between handleposixcputimers and...

Linux Distros Unpatched Vulnerability : CVE-2025-39765

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ALSA: timer: fix idafree call while not allocated In the sndutimercreate function, if the kasprintf function return NULL, sndutimerputid will be called, finally...

CVE-2025-58142

A NULL pointer dereference vulnerability exists in Xen’s viridian implementation by assuming the synthetic interrupt message SIM page is mapped when delivering a synthetic timer message. A malicious x86 HVM guest with the stimer viridian extension enabled could trigger this flaw, leading to a hos...

CVE-2025-8445

The Countdown Timer for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'countdownlabel' Parameter in all versions up to, and including, 1.3.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

SUSE SLED15: xen / xen-devel / xen-libs / xen-tools / xen-tools-domU / etc (SUSE-SU-2025:03172-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03172-1 advisory. Security issues fixed: - CVE-2025-27466: NULL pointer dereference in the Viridian interface when updating the...

SUSE CVE-2025-39765

In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: fix idafree call while not allocated In the sndutimercreate function, if the kasprintf function return NULL, sndutimerputid will be called, finally use idafree to free the unallocated id 0. the syzkaller reported the...

CVE-2025-39773

In the Linux kernel, the following vulnerability has been resolved: net: bridge: fix soft lockup in brmulticastqueryexpired When set multicastqueryinterval to a large value, the local variable 'time' in brmulticastsendquery may overflow. If the time is smaller than jiffies, the timer will expire...