312 matches found
CVE-2023-53259 VMCI: check context->notify_page after call to get_user_pages_fast() to avoid GPF
In the Linux kernel, the following vulnerability has been resolved: VMCI: check context-notifypage after call to getuserpagesfast to avoid GPF The call to getuserpagesfast in vmcihostsetupnotify can return NULL context-notifypage causing a GPF. To avoid GPF check if context-notifypage == NULL and...
CLSA-2025-1757693980 kernel: Fix of 40 CVEs
x86/kvm: Disable kvmclock on all CPUs on shutdown CVE-2021-47110 - posix-cpu-timers: fix race between handleposixcputimers and posixcputimerdel CVE-2025-38352 - cifs: fix double free race when mount fails in cifsgetroot CVE-2022-48919 - aio: mark AIO pseudo-fs noexec CVE-2016-10044 - cifs:...
OESA-2025-2270 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: cifs: Fix integer overflow while processing closetimeo mount option User-provided mount parameter closetimeo of type u32 is intended to have an upper limit, but...
OESA-2025-2269 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: rapidio: fix an API misues when rioaddnet fails rioaddnet calls deviceregister and fails when deviceregister fails. Thus, putdevice should be used rather than...
Linux Distros Unpatched Vulnerability : CVE-2025-38611
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vmci: Prevent the dispatching of uninitialized payloads The reproducer executes the host's unlockedioctl call in two different tasks. When initcontext fails, th...
RHEL 7 : kernel (RHSA-2025:14748)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:14748 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: media: uvcvideo: Fix double...
RHEL 7 : kernel-rt (RHSA-2025:14746)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:14746 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism...
kernel: misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram()
In the Linux kernel, the following vulnerability has been resolved: misc/vmwvmci: fix an infoleak in vmcihostdoreceivedatagram struct vmcieventqp allocated by qpnotifypeer contains padding, which may carry uninitialized data to the userspace, as observed by KMSAN: BUG: KMSAN: kernel-infoleak in...
kernel: misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram()
In the Linux kernel, the following vulnerability has been resolved: misc/vmwvmci: fix an infoleak in vmcihostdoreceivedatagram struct vmcieventqp allocated by qpnotifypeer contains padding, which may carry uninitialized data to the userspace, as observed by KMSAN: BUG: KMSAN: kernel-infoleak in...
Important: Red Hat Security Advisory: kernel-rt security update
An update for kernel-rt is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...
Moderate: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
kernel: misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram()
In the Linux kernel, the following vulnerability has been resolved: misc/vmwvmci: fix an infoleak in vmcihostdoreceivedatagram struct vmcieventqp allocated by qpnotifypeer contains padding, which may carry uninitialized data to the userspace, as observed by KMSAN: BUG: KMSAN: kernel-infoleak in...
Linux Distros Unpatched Vulnerability : CVE-2022-49759
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - VMCI: Use threaded irqs instead of tasklets The vmcidispatchdgs tasklet function calls vmcireaddata which uses waitevent resulting in invalid sleep in an atomic...
RHEL 8 : kernel (RHSA-2025:14136)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:14136 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: media: uvcvideo: Fix double...
CVE-2025-38611
...
kernel: misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram()
In the Linux kernel, the following vulnerability has been resolved: misc/vmwvmci: fix an infoleak in vmcihostdoreceivedatagram struct vmcieventqp allocated by qpnotifypeer contains padding, which may carry uninitialized data to the userspace, as observed by KMSAN: BUG: KMSAN: kernel-infoleak in...
kernel: misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram()
In the Linux kernel, the following vulnerability has been resolved: misc/vmwvmci: fix an infoleak in vmcihostdoreceivedatagram struct vmcieventqp allocated by qpnotifypeer contains padding, which may carry uninitialized data to the userspace, as observed by KMSAN: BUG: KMSAN: kernel-infoleak in...
RHEL 8 : kernel (RHSA-2025:13776)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:13776 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: media: uvcvideo: Remove...
kernel: misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram()
In the Linux kernel, the following vulnerability has been resolved: misc/vmwvmci: fix an infoleak in vmcihostdoreceivedatagram struct vmcieventqp allocated by qpnotifypeer contains padding, which may carry uninitialized data to the userspace, as observed by KMSAN: BUG: KMSAN: kernel-infoleak in...
Linux Distros Unpatched Vulnerability : CVE-2025-38403
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vsock/vmci: Clear the vmci transport packet properly when initializing it In vmcitransportpacketinit memset the vmcitransportpacket before populating the fields...