Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Fixed the issue of tracepoints being reset upon removal of the timerlat tracer. If a timerlat tracer is started with the osnoise option OSNOISEWORKLOAD disabled, but then that option is enabled again and the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: The crash in timerlatdumpstack has been fixed. We have observed kernel panics when using timerlat with stack saving, with the following dmesg output: memcpy: detected buffer overflow: 88 bytes written to a buffer...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: rtla: Avoid dereferencing a NULL pointer. The following null/derefnull.cocci errors have also been fixed: ./tools/tracing/rtla/src/osnoisehist.c:870:31-36: Error: The record is NULL, but it was dereferenced...

Azure Linux 3.0 Security Update: kernel (CVE-2024-46845)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-46845 advisory. - In the Linux kernel, the following vulnerability has been resolved: tracing/timerlat: Only clear timer if a...

Azure Linux 3.0 Security Update: kernel (CVE-2024-49976)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-49976 advisory. - In the Linux kernel, the following vulnerability has been resolved: tracing/timerlat: Drop interfacelock in...

EUVD-2025-5192

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-38493

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Fix crash in timerlatdumpstack We have observed kernel panics when using...

Linux Distros Unpatched Vulnerability : CVE-2024-26703

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: tracing/timerlat: Move hrtimerinit to timerlatfd open Currently, the timerlat's hrtimer is...

SUSE CVE-2025-38493

In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Fix crash in timerlatdumpstack We have observed kernel panics when using timerlat with stack saving, with the following dmesg output: memcpy: detected buffer overflow: 88 byte write of buffer size 0 WARNING: CPU:...

AZL-65946 CVE-2025-38493 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Fix crash in timerlatdumpstack We have observed kernel panics when using timerlat with stack saving, with the following dmesg output: memcpy: detected buffer overflow: 88 byte write of buffer size 0 WARNING: CPU:...

DEBIAN-CVE-2025-38493

In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Fix crash in timerlatdumpstack We have observed kernel panics when using timerlat with stack saving, with the following dmesg output: memcpy: detected buffer overflow: 88 byte write of buffer size 0 WARNING: CPU:...

UBUNTU-CVE-2025-38493

In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Fix crash in timerlatdumpstack We have observed kernel panics when using timerlat with stack saving, with the following dmesg output: memcpy: detected buffer overflow: 88 byte write of buffer size 0 WARNING: CPU:...

CVE-2025-38493

CVE-2025-38493 concerns the Linux kernel vulnerability in tracing/osnoise, specifically timerlat_dump_stack(). The root cause is a faulty memcpy that uses a size field containing garbage from the ring buffer, which can trigger a buffer overflow and kernel panic when stack data is dumped. The vuln...

CVE-2025-38493

In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Fix crash in timerlatdumpstack We have observed kernel panics when using timerlat with stack saving, with the following dmesg output: memcpy: detected buffer overflow: 88 byte write of buffer size 0 WARNING: CPU:...

CVE-2025-38493 tracing/osnoise: Fix crash in timerlat_dump_stack()

In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Fix crash in timerlatdumpstack We have observed kernel panics when using timerlat with stack saving, with the following dmesg output: memcpy: detected buffer overflow: 88 byte write of buffer size 0 WARNING: CPU:...

PT-2025-31089

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.15.3-200.fc42 Description A flaw exists in the Linux kernel’s timerlat dump stack function within the tracing/osnoise subsystem. The issue stems from an incorrect order of operations when constructing the ftrac...

CVE-2025-22035 tracing: Fix use-after-free in print_graph_function_flags during tracer switching

In the Linux kernel, the following vulnerability has been resolved: tracing: Fix use-after-free in printgraphfunctionflags during tracer switching Kairui reported a UAF issue in printgraphfunctionflags during ftrace stress testing 1. This issue can be reproduced if puting a 'mdelay10' after...

Linux Distros Unpatched Vulnerability : CVE-2024-46845

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: tracing/timerlat: Only clear timer if a kthread exists The timerlat tracer can use user spac...

SUSE CVE-2025-21733

In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Fix resetting of tracepoints If a timerlat tracer is started with the osnoise option OSNOISEWORKLOAD disabled, but then that option is enabled and timerlat is removed, the tracepoints that were enabled on timerla...

CVE-2025-21733

In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Fix resetting of tracepoints If a timerlat tracer is started with the osnoise option OSNOISEWORKLOAD disabled, but then that option is enabled and timerlat is removed, the tracepoints that were enabled on timerla...