378 matches found
kernel: ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up
A use after free vulnerability exists in the linux kernel such that dputupper is being called before ovldentryupdatereval, while upper-dflags was still accessed in ovldentryremote...
UBUNTU-CVE-2025-38433
In the Linux kernel, the following vulnerability has been resolved: riscv: fix runtime constant support for nommu kernels the runtimefixup32 function does not handle the case where val is zero correctly as might occur when patching a nommu kernel and referring to a physical address below the 4GiB...
CVE-2025-38433
In the Linux kernel, the following vulnerability has been resolved: riscv: fix runtime constant support for nommu kernels the runtimefixup32 function does not handle the case where val is zero correctly as might occur when patching a nommu kernel and referring to a physical address below the 4GiB...
kernel: ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up
A use after free vulnerability exists in the linux kernel such that dputupper is being called before ovldentryupdatereval, while upper-dflags was still accessed in ovldentryremote...
CVE-2022-50156
In the Linux kernel, the following vulnerability has been resolved: HID: cp2112: prevent a buffer overflow in cp2112xfer Smatch warnings: drivers/hid/hid-cp2112.c:793 cp2112xfer error: memcpy 'data-block1' too small 33 vs 255 drivers/hid/hid-cp2112.c:793 cp2112xfer error: memcpy 'buf' too small 6...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: net: dsa: fixed the issue where dereferencing the netdevpriv variable occurred before the type check, in cases where the event is triggered on non-DSA network devices. After the bug was reported, we began handling this...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: ovl: Fixed a UAF Use-After-Free in ovldentryupdatereval by moving the dput function within ovllinkup. The issue arose because dputupper was called before ovldentryupdatereval, while upper-dflags was still accessed in...
The Cost of Restaking Vs. Proof-Of-Stake
We compare the efficiency of restaking and Proof-of-Stake PoS protocols in terms of stake requirements. First, we consider the sufficient condition for the restaking graph to be secure. We show that the condition implies that it is always possible to transform such a restaking graph into secure P...
CVE-2019-14027
Buffer overflow due to lack of upper bound check on channel length which is used for a loop. in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and...
kernel: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow()
In the Linux kernel, the following vulnerability has been resolved: ipv4: iptunnel: Fix suspicious RCU usage warning in iptunnelinitflow There are code paths from which the function is called without holding the RCU read lock, resulting in a suspicious RCU usage warning 1. Fix by using...
USN-7505-1 abseil vulnerability
It was discovered that Abseil incorrectly handled memory with the upper bound of the size argument. An attacker could possibly use this issue to cause a denial of service or memory corruption...
New Capacity Bounds for PIR on Graph and Multigraph-Based Replicated Storage
In this paper, we study the problem of private information retrieval PIR in both graph-based and multigraph-based replication systems, where each file is stored on exactly two servers, and any pair of servers shares at most $r$ files. We derive upper bounds on the PIR capacity for such systems an...
PT-2025-35970
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to an upper bound check of the tree index in the dbAllocAG function within the JFS filesystem. Specifically, the code does not verify if the...
SUSE CVE-2025-21887
In the Linux kernel, the following vulnerability has been resolved: ovl: fix UAF in ovldentryupdatereval by moving dput in ovllinkup The issue was caused by dputupper being called before ovldentryupdatereval, while upper-dflags was still accessed in ovldentryremote. Move dputupper after its last...
01os (>=0.0.1 <=0.0.13), aeiva (>=0.8.1 <=0.8.2.6) +145 more potentially affected by CVE-2024-8984 via litellm (>=1.0.0 <=1.56.10)
litellm PYPI version =1.0.0, =0.0.1, =0.8.1, =0.14.1a0, =0.0.5, =1.1.2, =0.0.4, =0.1.1, =0.5.0, =1.0.3, =0.2.10, =0.29.0, =0.59.1, =0.1.5, =1.1.1 - aigrok =0.2.1 - aijson-ml =0.1.1 and more Source cves: CVE-2024-8984 Source advisory: SNYK:PYTHON-LITELLM-9511163...
Linux Stale TLB Use-After-Free
Linux stable versions 5.4 and 5.10 suffer from a page use-after-free condition via a stale TLB entry caused by rmap lock not being held during PUD move...
CVE-2025-1942
When String.toUpperCase caused a string to get longer it was possible for uninitialized memory to be incorporated into the result string This vulnerability affects Firefox 136 and Thunderbird 136...
DEBIAN-CVE-2022-49732
In the Linux kernel, the following vulnerability has been resolved: sock: redo the psock vs ULP protection check Commit 8a59f9d1e3d4 "sock: Introduce sk-skprot-psockupdateskprot" has moved the inetcskhasulpsk check from skpsockinit to the new tcpbpfupdateproto function. I'm guessing that this was...
UBUNTU-CVE-2022-49067
In the Linux kernel, the following vulnerability has been resolved: powerpc: Fix virtaddrvalid for 64-bit Book3E & 32-bit mpe: On 64-bit Book3E vmalloc space starts at 0x8000000000000000. Because of the way pa works we have: pa0x8000000000000000 == 0, and therefore virttopfn0x8000000000000000 == ...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the sock module not properly handling ULP protection checks during psock initialization...