146 matches found
Azure Linux 3.0 Security Update: kernel (CVE-2024-42160)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-42160 advisory. - In the Linux kernel, the following vulnerability has been resolved: f2fs: check validation of fault attrs in...
CVE-2023-54240
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtkethsoc: fix possible NULL pointer dereference in mtkhwlrogetfdirall rulelocs is allocated in ethtoolgetrxnfc and the size is determined by rulecnt from user space. So rulecnt needs to be check before using...
CVE-2023-53988
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix slab-out-of-bounds read in hdrdeletede Here is a BUG report from syzbot: BUG: KASAN: slab-out-of-bounds in hdrdeletede+0xe0/0x150 fs/ntfs3/index.c:806 Read of size 16842960 at addr ffff888079cc0600 by task...
mcp-server-git argument injection in git_diff and git_checkout functions allows overwriting local files
In mcp-server-git versions prior to 2025.12.18, the gitdiff and gitcheckout functions passed user-controlled arguments directly to git CLI commands without sanitization. Flag-like values e.g., --output=/path/to/file for gitdiff would be interpreted as command-line options rather than git refs,...
DEBIAN-CVE-2023-53748
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Fix potential array out-of-bounds in decoder queuesetup variable nplanes is provided by user via system call argument. The possible value of qdata-fmt-numplanes is 1-3, while the value of nplanes can be...
CVE-2025-40287 exfat: fix improper check of dentry.stream.valid_size
In the Linux kernel, the following vulnerability has been resolved: exfat: fix improper check of dentry.stream.validsize We found an infinite loop bug in the exFAT file system that can lead to a Denial-of-Service DoS condition. When a dentry in an exFAT filesystem is malformed, the following syst...
CVE-2025-40110
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix a null-ptr access in the cursor snooper Check that the resource which is converted to a surface exists before trying to use the cursor snooper on it. vmwcmdrescheck allows explicit invalid SVGA3DINVALIDID...
CVE-2025-40110
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix a null-ptr access in the cursor snooper Check that the resource which is converted to a surface exists before trying to use the cursor snooper on it. vmwcmdrescheck allows explicit invalid SVGA3DINVALIDID...
CVE-2025-40085
Affected software: Linux kernel (ALSA: usb-audio).Issue: NULL pointer dereference in try_to_register_card when usb_ifnum_to_if() returns NULL and is passed to usb_interface_claimed() without a NULL check.Impact: NULL pointer dereference during creation of an invalid USB audio device (potential cr...
CVE-2023-53722 md: raid1: fix potential OOB in raid1_remove_disk()
In the Linux kernel, the following vulnerability has been resolved: md: raid1: fix potential OOB in raid1removedisk If rddev-raiddisk is greater than mddev-raiddisks, there will be an out-of-bounds in raid1removedisk. We have already found similar reports as follows: 1 commit d17f744e883b...
EUVD-2017-9444
Malware in sbrugna...
EUVD-2009-0047
Malware in sbrugna...
EUVD-2019-2422
Malware in sbrugna...
EUVD-2018-3861
Malware in sbrugna...
CVE-2022-50475
In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Make sure "ibport" is valid when access sysfs node The "ibport" structure must be set before adding the sysfs kobject, and reset after removing it, otherwise it may crash when accessing the sysfs node: Unable to handle...
EUVD-2021-7399
Malicious code in bioql PyPI...
EUVD-2025-4664
Malicious code in bioql PyPI...
CVE-2023-53513
In the Linux kernel, the following vulnerability has been resolved: nbd: fix incomplete validation of ioctl arg We tested and found an alarm caused by nbdioctl arg without verification. The UBSAN warning calltrace like below: UBSAN: Undefined behaviour in fs/buffer.c:1709:35 signed integer...
CVE-2023-53513 nbd: fix incomplete validation of ioctl arg
In the Linux kernel, the following vulnerability has been resolved: nbd: fix incomplete validation of ioctl arg We tested and found an alarm caused by nbdioctl arg without verification. The UBSAN warning calltrace like below: UBSAN: Undefined behaviour in fs/buffer.c:1709:35 signed integer...
UBUNTU-CVE-2025-39917
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix out-of-bounds dynptr write in bpfcryptocrypt Stanislav reported that in bpfcryptocrypt the destination dynptr's size is not validated to be at least as large as the source dynptr's size before calling into the crypto...