Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: rcu/nocb: Fix rcuog wake-up from offline softirq After a CPU has set itself offline and before it eventually calls rcutreereportcpudead, there are still opportunities for callbacks to be enqueued, for example from a softirq. When...

CVE-2021-35103

Possible out of bound write due to improper validation of number of timer values received from firmware while syncing timers in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and...

Important: kernel-livepatch-6.1.115-126.197

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: Fix use after free in lineinfochangednotify CVE-2024-36899 In the Linux kernel, the following vulnerability has been resolved: ext4: fix timer use-after-free on failed mount CVE-2024-49960 In the...

Important: kernel-livepatch-5.10.228-219.884

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix slab-use-after-free in gfs2qddealloc CVE-2023-52760 In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: Fix use after free in lineinfochangednotify CVE-2024-36899 In the...

Important: kernel-livepatch-5.10.233-223.887

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix slab-use-after-free in gfs2qddealloc CVE-2023-52760 In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: Fix use after free in lineinfochangednotify CVE-2024-36899 In the...

rtc: check if __rtc_read_time was successful in rtc_timer_do_work()

...

PT-2025-9007

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel's hrtimers infrastructure allows wakeups to be performed by an outgoing CPU after the CPUHP AP HRTIMERS DYING stage, potentially resulting in bandwidt...

PT-2025-9966

Name of the Vulnerable Software and Affected Versions Linux kernel versions 5.15 through 6.12 Description A vulnerability in the Linux kernel has been identified, related to the handling of bpf timers. The issue arises when the hrtimer cancel function attempts to acquire a lock that is already...

CVE-2025-23699

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in techmix Event Countdown Timer Plugin by TechMix event-countdown-timer allows Reflected XSS.This issue affects Event Countdown Timer Plugin by TechMix: from n/a through = 1.4...

CVE-2025-23699

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in techmix Event Countdown Timer Plugin by TechMix event-countdown-timer allows Reflected XSS.This issue affects Event Countdown Timer Plugin by TechMix: from n/a through = 1.4...

CVE-2025-23699 WordPress Event Countdown Timer Plugin by TechMix plugin <= 1.4 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in techmix Event Countdown Timer Plugin by TechMix event-countdown-timer allows Reflected XSS.This issue affects Event Countdown Timer Plugin by TechMix: from n/a through = 1.4...

CVE-2025-23699 WordPress Event Countdown Timer Plugin by TechMix plugin <= 1.4 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in TechMix Event Countdown Timer Plugin by TechMix allows Reflected XSS.This issue affects Event Countdown Timer Plugin by TechMix: from n/a through 1.4...

CVE-2025-23699

CVE-2025-23699 — Reflected XSS in TechMix Event Countdown Timer Plugin for WordPress (Event Countdown Timer by TechMix). Affected: Plugin versions up to 1.4 (and possibly n/a), vulnerable code path during web page generation allowing Reflected XSS. CVSS v3.1: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L; ...

WordPress Event Countdown Timer Plugin by TechMix plugin <= 1.4 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Muhamad Agil Fachrian in WordPress Plugin Event Countdown Timer Plugin by TechMix versions = 1.4...

WordPress plugin Event Countdown Timer Plugin by TechMix 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in the WordPres...

CLSA-2025-1736778412 kernel: Fix of 17 CVEs

tracing: Free buffers when a used dynamic event is removed CVE-2022-49006 - ASoC: ops: Check bounds for second channel in sndsocputvolswsx CVE-2022-48951 - ext4: fix slab-use-after-free in ext4splitextentat CVE-2024-49884 - ext4: fix bug on in ext4escacheextent as ext4splitextentat failed...

CLSA-2025-1736783731 kernel: Fix of 10 CVEs

media: edia: dvbdev: fix a use-after-free CVE-2024-27043 - vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans CVE-2024-50264 - net/sched: stop qdisctreereducebacklog on TCHROOT CVE-2024-53057 - bpf: Fix out-of-bounds write in triegetnextkey CVE-2024-50262 - KVM: nSVM:...

CVE-2024-54683 netfilter: IDLETIMER: Fix for possible ABBA deadlock

In the Linux kernel, the following vulnerability has been resolved: netfilter: IDLETIMER: Fix for possible ABBA deadlock Deletion of the last rule referencing a given idletimer may happen at the same time as a read of its file in sysfs: | ====================================================== |...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates in the netfilter: IDLETIMER module that can cause an ABBA deadlock when deleting rules and reading sysfs fil...

The vulnerabilities of the `__mod_timer()` and `kvfree_call_rcu()` functions in the Linux operating system allow a hacker to trigger a service failure.

The vulnerability of the modtimer and kvfreecallrcu functions in the Linux operating system is related to synchronization errors when using shared resources „Race Conditions“. Exploiting this vulnerability can allow an attacker to cause a service failure...