1086 matches found
CVE-2023-54134 autofs: fix memory leak of waitqueues in autofs_catatonic_mode
In the Linux kernel, the following vulnerability has been resolved: autofs: fix memory leak of waitqueues in autofscatatonicmode Syzkaller reports a memory leak: BUG: memory leak unreferenced object 0xffff88810b279e00 size 96: comm "syz-executor399", pid 3631, jiffies 4294964921 age 23.870s hex...
CVE-2023-54124 f2fs: fix to drop all dirty pages during umount() if cp_error is set
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to drop all dirty pages during umount if cperror is set xfstest generic/361 reports a bug as below: f2fsbugonsbi, sbi-fsyncnodenum; kernel BUG at fs/f2fs/super.c:1627! RIP: 0010:f2fsputsuper+0x3a8/0x3b0 Call Trace:...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not waiting for a page write-back to complete, which could result in multiple write-backs of the same page and...
Linux Distros Unpatched Vulnerability : CVE-2023-54134
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - autofs: fix memory leak of waitqueues in autofscatatonicmode Syzkaller reports a memory leak: BUG: memory leak unreferenced object 0xffff88810b279e00 size 96:...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an unreleased wait queue in autofscatatonicmode, which could lead to a memory leak...
PT-2025-53201
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to drop all dirty pages during umount if cp error is set xfstest generic/361 reports a bug as below: f2fs bug onsbi, sbi-fsync node num; kernel BUG at fs/f2fs/super.c:1627! RIP: 0010:f2fs put super+0x3a8/0x3b0 Call Trac...
Unity Linux 20.1050e Security Update: kernel (UTSA-2025-991279)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991279 advisory. In the Linux kernel, the following vulnerability has been resolved: net: If sock is dead don't access sock's skwq in skstreamwaitmemory Fixes the below NULL pointer...
SUSE CVE-2025-68223
In the Linux kernel, the following vulnerability has been resolved: drm/radeon: delete radeonfenceprocess in issignaled, no deadlock Delete the attempt to progress the queue when checking if fence is signaled. This avoids deadlock. dma-fenceops::signaled can be called with the fence lock in unkno...
SUSE CVE-2025-68314
In the Linux kernel, the following vulnerability has been resolved: drm/msm: make sure lastfence is always updated Update lastfence in the vm-bind path instead of kernel managed path. lastfence is used to wait for work to finish in vmbind contexts but not used for kernel managed contexts. This...
UBUNTU-CVE-2025-68314
In the Linux kernel, the following vulnerability has been resolved: drm/msm: make sure lastfence is always updated Update lastfence in the vm-bind path instead of kernel managed path. lastfence is used to wait for work to finish in vmbind contexts but not used for kernel managed contexts. This...
CVE-2025-68314
The CVE-2025-68314 entry concerns the Linux kernel component drm/msm. The vulnerability stems from last_fence not being updated in the vm-bind path, causing last_fence to not be waited on at context close for certain contexts, which can lead to faults as resources are freed while still in use. A ...
UBUNTU-CVE-2025-68223
In the Linux kernel, the following vulnerability has been resolved: drm/radeon: delete radeonfenceprocess in issignaled, no deadlock Delete the attempt to progress the queue when checking if fence is signaled. This avoids deadlock. dma-fenceops::signaled can be called with the fence lock in unkno...
CVE-2025-68223
In the Linux kernel, the following vulnerability has been resolved: drm/radeon: delete radeonfenceprocess in issignaled, no deadlock Delete the attempt to progress the queue when checking if fence is signaled. This avoids deadlock. dma-fenceops::signaled can be called with the fence lock in unkno...
CVE-2025-68223 drm/radeon: delete radeon_fence_process in is_signaled, no deadlock
In the Linux kernel, the following vulnerability has been resolved: drm/radeon: delete radeonfenceprocess in issignaled, no deadlock Delete the attempt to progress the queue when checking if fence is signaled. This avoids deadlock. dma-fenceops::signaled can be called with the fence lock in unkno...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates from an uninitialized TxBlock0.waitor wait queue, which could lead to a system crash...
PT-2025-51620
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s DRM/XE/GUC subsystem where a Dead CT worker may not be properly synchronized during device unbinding. This can lead to the worker attempting to use...
ALSA-2025:23241 Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns CVE-2025-38499 kernel: iommufd: Fix race during abort for file descriptors CVE-2025-39966 kernel: tls: wait for...
Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns CVE-2025-38499 kernel: iommufd: Fix race during abort for file descriptors CVE-2025-39966 kernel: tls: wait for...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP7 kernel was updated to fix various security issues The following security issues were fixed: CVE-2022-50253: bpf: make sure skb-len != 0 when redirecting to a tunneling device bsc1249912. CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in...
CVE-2025-67648 Shopware's inproper input validation can lead to Reflected XSS through Storefront Login Page
Shopware is an open commerce platform. Versions 6.4.6.0 through 6.6.10.9 and 6.7.0.0 through 6.7.5.0 have a Reflected XSS vulnerability in AuthController.php. A request parameter from the login page URL is directly rendered within the Twig template of the Storefront login page without further...