108 matches found
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: um: vector: Fixed a memory leak in vectorconfig. If the return value of the umlparsevectorifspec function is NULL, we should call kfreeparams to prevent the memory leak...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: um: initcputasks earlier. This issue is currently handled in umlfinishsetup. However, for example, when KCOV is enabled, this can cause crashes. This happens because some initialization code may call functions like memparse, whic...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: um: net: Do not use drvdata in release. The drvdata is not available in the release version. We should use containerof to obtain the umlnet instance. Otherwise, removing a network device will result in a crash: RIP:...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: um: virtiouml: Fixed a use-after-free after putdevice in probe. When registervirtiodevice fails in virtioumlprobe, the code sets vudev-registered = 1, even though the device was not successfully registered. This can lead to...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013799)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013799 advisory. In the Linux kernel, the following vulnerability has been resolved: um: vector: Fix memory leak in vectorconfig If the return value of the umlparsevectorifspec...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011066)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011066 advisory. In the Linux kernel, the following vulnerability has been resolved: um: vector: Fix memory leak in vectorconfig If the return value of the umlparsevectorifspec...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013031)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013031 advisory. In the Linux kernel, the following vulnerability has been resolved: um: virtiouml: Fix use-after-free after putdevice in probe When registervirtiodevice fails in...
USN-8177-1 linux, linux-realtime vulnerabilities
Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006740)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006740 advisory. In the Linux kernel, the following vulnerability has been resolved: um: virtiouml: Fix use-after-free after putdevice in probe When registervirtiodevice fails in...
USN-8033-5: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Nios II architecture; - Sun Sparc architecture; - User-Mode Linux UML; - x86 architecture; - Block layer subsystem;...
SUSE CVE-2025-71115
In the Linux kernel, the following vulnerability has been resolved: um: init cputasks earlier This is currently done in umlfinishsetup, but e.g. with KCOV enabled we'll crash because some init code can call into e.g. memparse, which has coverage annotations, and then the checks in checkkcovmode...
CVE-2025-71115
In the Linux kernel, the following vulnerability has been resolved: um: init cputasks earlier This is currently done in umlfinishsetup, but e.g. with KCOV enabled we'll crash because some init code can call into e.g. memparse, which has coverage annotations, and then the checks in checkkcovmode...
CVE-2025-71115
In the Linux kernel, the following vulnerability has been resolved: um: init cputasks earlier This is currently done in umlfinishsetup, but e.g. with KCOV enabled we'll crash because some init code can call into e.g. memparse, which has coverage annotations, and then the checks in checkkcovmode...
CVE-2025-71115
CVE-2025-71115 pertains to the Linux kernel where cpu_tasks[] is not initialized early enough, causing a NULL current in certain init paths (notably with KCOV enabled) and potential crashes. The available connected docs confirm the vulnerability arises from initializing cpu_tasks[] in uml_finishs...
CVE-2025-71115
In the Linux kernel, the following vulnerability has been resolved: um: init cputasks earlier This is currently done in umlfinishsetup, but e.g. with KCOV enabled we'll crash because some init code can call into e.g. memparse, which has coverage annotations, and then the checks in checkkcovmode...
CVE-2025-71115
In the Linux kernel, the following vulnerability has been resolved: um: init cputasks earlier This is currently done in umlfinishsetup, but e.g. with KCOV enabled we'll crash because some init code can call into e.g. memparse, which has coverage annotations, and then the checks in checkkcovmode...
CVE-2018-1000837
UML Designer version = 8.0.0 contains a XML External Entity XXE vulnerability in XML parser for plugins that can result in Disclosure of confidential data, denial of service, SSRF, port scanning. This attack appear to be exploitable via malicious plugins.xml file...
Stored XSS
Overview Affected versions of this package are vulnerable to Stored XSS due to insufficient sanitization of interactive attributes in GraphViz diagrams. As a result, a crafted PlantUML diagram can inject malicious JavaScript into generated SVG output, leading to arbitrary script execution in the...
SUSE CVE-2023-53745
In the Linux kernel, the following vulnerability has been resolved: um: vector: Fix memory leak in vectorconfig If the return value of the umlparsevectorifspec function is NULL, we should call kfreeparams to prevent memory leak...
Linux Distros Unpatched Vulnerability : CVE-2023-53745
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - um: vector: Fix memory leak in vectorconfig If the return value of the umlparsevectorifspec function is NULL, we should call kfreeparams to prevent memory leak...