12633 matches found
CVE-2023-53383 irqchip/gicv3: Workaround for NVIDIA erratum T241-FABRIC-4
In the Linux kernel, the following vulnerability has been resolved: irqchip/gicv3: Workaround for NVIDIA erratum T241-FABRIC-4 The T241 platform suffers from the T241-FABRIC-4 erratum which causes unexpected behavior in the GIC when multiple transactions are received simultaneously from different...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the skbpartialcsumset function not properly handling the transfer header special value 0xFFFF, which could...
GLSA-202509-05 : Plex Media Server: Incorrect resource transfer
The remote host is affected by the vulnerability described in GLSA-202509-05 Plex Media Server: Incorrect resource transfer A vulnerability has been discovered in glibc. Please review the CVE identifier referenced below for details. Tenable has extracted the preceding description block directly...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an unseparated transfer when fcoeifinit fails, which could lead to a crash when the module is reinserted...
Information Exposure
Overview Affected versions of this package are vulnerable to Information Exposure via the gRPC API and HTTP APIs, which allow peers to send requests that cause the recipient to create files in arbitrary file system locations and read arbitrary files. An attacker can access sensitive data or execu...
Information Exposure
Overview Affected versions of this package are vulnerable to Information Exposure via the gRPC API and HTTP APIs, which allow peers to send requests that cause the recipient to create files in arbitrary file system locations and read arbitrary files. An attacker can access sensitive data or execu...
CVE-2025-59410 Dragonfly tiny file download uses hard coded HTTP protocol
Dragonfly is an open source P2P-based file distribution and image acceleration system. Prior to 2.1.0, the code in the scheduler for downloading a tiny file is hard coded to use the HTTP protocol, rather than HTTPS. This means that an attacker could perform a Man-in-the-Middle attack, changing th...
Dragonfly 安全漏洞
Dragonfly is an open source framework from DragonflyDB that allows dynamic processing of any content type. A security vulnerability exists in Dragonfly versions prior to 2.1.0, which stems from a hard-coded use of the HTTP protocol instead of HTTPS when downloading small files in the scheduler...
Linux Distros Unpatched Vulnerability : CVE-2023-53325
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/mediatek: dp: Change logging to dev for mtkdpauxtransfer Change logging from drmerr,info to deverr,info in functions mtkdpauxtransfer and mtkdpauxdotransfer...
SUSE CVE-2022-50272
In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: az6027: fix null-ptr-deref in az6027i2cxfer Wei Chen reports a kernel bug as blew: general protection fault, probably for non-canonical address KASAN: null-ptr-deref in range 0x0000000000000010-0x0000000000000017...
CVE-2023-53307
In the Linux kernel, the following vulnerability has been resolved: rbd: avoid use-after-free in dorbdadd when rbddevcreate fails If getting an ID or setting up a work queue in rbddevcreate fails, use-after-free on rbddev-rbdclient, rbddev-spec and rbddev-opts is triggered in dorbdadd. The root...
CVE-2023-53325
In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: dp: Change logging to dev for mtkdpauxtransfer Change logging from drmerr,info to deverr,info in functions mtkdpauxtransfer and mtkdpauxdotransfer: this will be essential to avoid getting NULL pointer kernel panics ...
CVE-2023-53307
In the Linux kernel, the following vulnerability has been resolved: rbd: avoid use-after-free in dorbdadd when rbddevcreate fails If getting an ID or setting up a work queue in rbddevcreate fails, use-after-free on rbddev-rbdclient, rbddev-spec and rbddev-opts is triggered in dorbdadd. The root...
DEBIAN-CVE-2023-53307
In the Linux kernel, the following vulnerability has been resolved: rbd: avoid use-after-free in dorbdadd when rbddevcreate fails If getting an ID or setting up a work queue in rbddevcreate fails, use-after-free on rbddev-rbdclient, rbddev-spec and rbddev-opts is triggered in dorbdadd. The root...
CVE-2023-53325 drm/mediatek: dp: Change logging to dev for mtk_dp_aux_transfer()
In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: dp: Change logging to dev for mtkdpauxtransfer Change logging from drmerr,info to deverr,info in functions mtkdpauxtransfer and mtkdpauxdotransfer: this will be essential to avoid getting NULL pointer kernel panics ...
CVE-2023-53307
CVE-2023-53307: In the Linux kernel rbd subsystem, do_rbd_add() can trigger a use-after-free if rbd_dev_create() fails after transferring ownership of rbd_dev fields (rbd_client, spec, opts) to the rbd_dev. The root cause is that these structures are freed when rbd_dev_create() calls rbd_dev_free...
CVE-2023-53307
In the Linux kernel, the following vulnerability has been resolved: rbd: avoid use-after-free in dorbdadd when rbddevcreate fails If getting an ID or setting up a work queue in rbddevcreate fails, use-after-free on rbddev-rbdclient, rbddev-spec and rbddev-opts is triggered in dorbdadd. The root...
CVE-2023-53307 rbd: avoid use-after-free in do_rbd_add() when rbd_dev_create() fails
In the Linux kernel, the following vulnerability has been resolved: rbd: avoid use-after-free in dorbdadd when rbddevcreate fails If getting an ID or setting up a work queue in rbddevcreate fails, use-after-free on rbddev-rbdclient, rbddev-spec and rbddev-opts is triggered in dorbdadd. The root...
CVE-2023-53307 rbd: avoid use-after-free in do_rbd_add() when rbd_dev_create() fails
In the Linux kernel, the following vulnerability has been resolved: rbd: avoid use-after-free in dorbdadd when rbddevcreate fails If getting an ID or setting up a work queue in rbddevcreate fails, use-after-free on rbddev-rbdclient, rbddev-spec and rbddev-opts is triggered in dorbdadd. The root...
CVE-2025-39828 atm: atmtcp: Prevent arbitrary write in atmtcp_recv_control().
In the Linux kernel, the following vulnerability has been resolved: atm: atmtcp: Prevent arbitrary write in atmtcprecvcontrol. syzbot reported the splat below. 0 When atmtcpvopen or atmtcpvclose is called via connect or close, atmtcpsendcontrol is called to send an in-kernel special message. The...