CVE-2025-38074 vhost-scsi: protect vq->log_used with vq->mutex

In the Linux kernel, the following vulnerability has been resolved: vhost-scsi: protect vq-logused with vq-mutex The vhost-scsi completion path may access vq-logbase when vq-logused is already set to false. vhost-thread QEMU-thread vhostscsicompletecmdwork - vhostaddused - vhostaddusedn if...

CVE-2025-38074

CVE-2025-38074 affects the Linux kernel vhost-scsi path used by virtio-scsi/QEMU. The root cause is a race where vq->log_base can be accessed after vq->log_used is set to false, because the completion path may evaluate log_used and then access log_base before proper synchronization. The fix...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: VLAN: Enforcing the underlying device type Currently, VLAN devices can be created on top of non-Ethernet devices. Aside from the fact that this approach doesn’t make much sense, it also causes a bug that leads to the leakage of t...

kernel: net: gso: fix ownership in __udp_gso_segment

In the Linux kernel, the following vulnerability has been resolved: net: gso: fix ownership in udpgsosegment In udpgsosegment the skb destructor is removed before segmenting the skb but the socket reference is kept as-is. This is an issue if the original skb is later orphaned as we can hit the...

CVE-2025-1246 Mali GPU Userspace Driver allows an Out-of-Bounds access

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver allows a non-privileged user process to perform valid GPU processing operation...

ARM多款产品 缓冲区错误漏洞

ARM Bifrost GPU Userspace Driver is a userspace driver from ARM UK. A security vulnerability exists in various ARM products that stems from improperly restricted memory buffer boundaries, which could lead to out-of-bounds access. The following products and versions are affected: Arm Ltd Bifrost G...

SUSE CVE-2025-37998

In the Linux kernel, the following vulnerability has been resolved: openvswitch: Fix unsafe attribute parsing in outputuserspace This patch replaces the manual Netlink attribute iteration in outputuserspace with nlaforeachnested, which ensures that only well-formed attributes are processed...

UBUNTU-CVE-2025-37998

In the Linux kernel, the following vulnerability has been resolved: openvswitch: Fix unsafe attribute parsing in outputuserspace This patch replaces the manual Netlink attribute iteration in outputuserspace with nlaforeachnested, which ensures that only well-formed attributes are processed...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from insecure parsing of attributes in outputuserspace...

USN-7524-1: Linux kernel (Raspberry Pi) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - Supe...

Ubuntu 24.04 LTS : Linux kernel (Raspberry Pi) vulnerabilities (USN-7524-1)

"The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7524-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws i...

CVE-2024-23374

Memory corruption is possible when an attempt is made from userspace or console to write some haptics effects pattern to the haptics debugfs file...

CVE-2021-0946

The method PVRSRVBridgePMRPDumpSymbolicAddr allocates puiMemspaceNameInt on the heap, fills the contents of the buffer via PMRPDumpSymbolicAddr, and then copies the buffer to userspace. The method PMRPDumpSymbolicAddr may fail, and if it does the buffer will be left uninitialized and despite the...

CVE-2021-25369

An improper access control vulnerability in seclog file prior to SMR MAR-2021 Release 1 exposes sensitive kernel information to userspace...

CVE-2020-3674

Information can leak into userspace due to improper transfer of data from kernel to userspace in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in Nicobar, QCS405, Saipan, SC8180X, SDX55,...

CVE-2020-25577

In FreeBSD 12.2-STABLE before r368250, 11.4-STABLE before r368253, 12.2-RELEASE before p1, 12.1-RELEASE before p11 and 11.4-RELEASE before p5 rtsold8 does not verify that the RDNSS option does not extend past the end of the received packet before processing its contents. While the kernel currentl...

CVE-2018-11967

Signature verification of the skel library could potentially be disabled as the memory region on the remote subsystem in which the library is loaded is allocated from userspace currently in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industria...

CVE-2010-3386

usttrace in LTTng Userspace Tracer aka UST 0.7 places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...

UBUNTU-CVE-2025-37936

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel: KVM: Mask PEBSENABLE loaded for guest with vCPU's value. When generating the MSRIA32PEBSENABLE value that will be loaded on VM-Entry to a KVM guest, mask the value with the vCPU's desired PEBSENABLE value...

CVE-2025-37936 perf/x86/intel: KVM: Mask PEBS_ENABLE loaded for guest with vCPU's value.

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel: KVM: Mask PEBSENABLE loaded for guest with vCPU's value. When generating the MSRIA32PEBSENABLE value that will be loaded on VM-Entry to a KVM guest, mask the value with the vCPU's desired PEBSENABLE value...