12 matches found
EUVD-2025-5221
Malicious code in bioql PyPI...
EUVD-2025-13020
Malicious code in bioql PyPI...
CVE-2022-49840
In the Linux kernel, the following vulnerability has been resolved: bpf, testrun: Fix alignment problem in bpfprogtestrunskb We got a syzkaller problem because of aarch64 alignment fault if KFENCE enabled. When the size from user bpf program is an odd number, like 399, 407, etc, it will cause the...
CVE-2023-52935 mm/khugepaged: fix ->anon_vma race
In the Linux kernel, the following vulnerability has been resolved: mm/khugepaged: fix -anonvma race If an -anonvma is attached to the VMA, collapseandfreepmd requires it to be locked. Page table traversal is allowed under any one of the mmap lock, the anonvma lock if the VMA is associated with a...
CVE-2023-52935
In the Linux kernel, the following vulnerability has been resolved: mm/khugepaged: fix -anonvma race If an -anonvma is attached to the VMA, collapseandfreepmd requires it to be locked. Page table traversal is allowed under any one of the mmap lock, the anonvma lock if the VMA is associated with a...
CVE-2024-54458
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: bsg: Set bsgqueue to NULL after removal Currently, this does not cause any issues, but I believe it is necessary to set bsgqueue to NULL after removing it to prevent potential use-after-free UAF access...
CVE-2024-54458 scsi: ufs: bsg: Set bsg_queue to NULL after removal
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: bsg: Set bsgqueue to NULL after removal Currently, this does not cause any issues, but I believe it is necessary to set bsgqueue to NULL after removing it to prevent potential use-after-free UAF access...
CVE-2024-54458
The CVE-2024-54458 issue is in the Linux kernel, involving the SCSI/ufs subsystem (bsg path). The root cause is not fully described beyond the fix: after removing the bsg_queue, it should be set to NULL to avoid potential use-after-free (UAF). The advisory states this vulnerability has been resol...
CVE-2024-54458 scsi: ufs: bsg: Set bsg_queue to NULL after removal
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: bsg: Set bsgqueue to NULL after removal Currently, this does not cause any issues, but I believe it is necessary to set bsgqueue to NULL after removing it to prevent potential use-after-free UAF access...
CVE-2024-27934 *const c_void / ExternalPointer unsoundness leading to use-after-free
Deno is a JavaScript, TypeScript, and WebAssembly runtime. Starting in version 1.36.2 and prior to version 1.40.3, use of inherently unsafe const cvoid and ExternalPointer leads to use-after-free access of the underlying structure, resulting in arbitrary code execution. Use of inherently unsafe...
SUSE: Security Advisory (SUSE-SU-2023:1687-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2018:0655-1 Security update for glibc
This update for glibc fixes the following issues: - CVE-2017-12133: Avoid use-after-free read access in clntudpcall bsc1081556...