1115 matches found
CVE-2022-50873
In the Linux kernel, the following vulnerability has been resolved: vdpa/vpvdpa: fix kfree a wrong pointer in vpvdparemove In vpvdparemove, the code kfree&vpvdpamgtdev-mgtdev.idtable uses a reference of pointer as the argument of kfree, which is the wrong pointer and then may hit crash like this:...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from releasing the wrong pointer, which could lead to a system crash...
PT-2025-53991
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the vdpa/vp vdpa component. Specifically, the vp vdpa remove function incorrectly uses a pointer as an argument for the kfree function, potentiall...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a wrong-path failure to perform a destroy operation, which could lead to a memory leak...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from unfree memory in the wrong path, which could lead to a memory leak...
PT-2025-53154
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a memory leak in the ntfs3 filesystem when the ntfs read mft function fails under specific conditions. The issue arises from inconsistencies in setting flags...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates from the release of an uninitialized kszirq in the wrong path, which could result in a null pointer dereference...
CVE-2025-14763
Missing cryptographic key commitment in the Amazon S3 Encryption Client for Java may allow a user with write access to the S3 bucket to introduce a new EDK that decrypts to different plaintext when the encrypted data key is stored in an "instruction file" instead of S3's metadata record. To...
EUVD-2025-202585
It was discovered that processcrash in data/apport in Canonical's Apport crash reporting tool may create crash files with incorrect group ownership, possibly exposing crash information beyond expected or intended groups...
CVE-2025-5467
Technical details for CVE-2025-5467 are not publicly available in the provided documents. No affected products, root cause, or remediation are specified here. Monitor for updates from upstream advisories and connected sources.
SUSE CVE-2025-40333
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix infinite loop in insertextenttree When we get wrong extent info data, and look up extentnode in rb tree, it will cause infinite loop CONFIGF2FSCHECKFS=n. Avoiding this by return NULL and print some kernel messages in th...
EUVD-2025-201869
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix infinite loop in insertextenttree When we get wrong extent info data, and look up extentnode in rb tree, it will cause infinite loop CONFIGF2FSCHECKFS=n. Avoiding this by return NULL and print some kernel messages in th...
UBUNTU-CVE-2025-40333
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix infinite loop in insertextenttree When we get wrong extent info data, and look up extentnode in rb tree, it will cause infinite loop CONFIGF2FSCHECKFS=n. Avoiding this by return NULL and print some kernel messages in th...
CVE-2022-50658
In the Linux kernel, the following vulnerability has been resolved: cpufreq: qcom: fix memory leak in error path If for some reason the speedbin length is incorrect, then there is a memory leak in the error path because we never free the speedbin buffer. This commit fixes the error path to always...
CVE-2022-50654
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix panic due to wrong pageattr of im-image In the scenario where livepatch and kretfunc coexist, the pageattr of im-image is rox after archpreparebpftrampoline in bpftrampolineupdate, and then modifyfentry or registerfentry...
CVE-2022-50654 bpf: Fix panic due to wrong pageattr of im->image
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix panic due to wrong pageattr of im-image In the scenario where livepatch and kretfunc coexist, the pageattr of im-image is rox after archpreparebpftrampoline in bpftrampolineupdate, and then modifyfentry or registerfentry...
CVE-2025-14262
A wrong permission check in KNIME Business Hub before version 1.17.0 allowed an authenticated user to save jobs of other users as if there were saved by the job owner. The attacker must have permissions to access the jobs but then they were saved into the catalog service using the wrong owner...
EUVD-2025-201697
A wrong permission check in KNIME Business Hub before version 1.17.0 allowed an authenticated user to save jobs of other users as if there were saved by the job owner. The attacker must have permissions to access the jobs but then they were saved into the catalog service using the wrong owner...
SUSE CVE-2025-66200
moduserdir+suexec bypass via AllowOverride FileInfo vulnerability in Apache HTTP Server. Users with access to use the RequestHeader directive in htaccess can cause some CGI scripts to run under an unexpected userid. This issue affects Apache HTTP Server: from 2.4.7 through 2.4.65. Users are...
AZL-71528 CVE-2025-66200 affecting package httpd for versions less than 2.4.66-1
moduserdir+suexec bypass via AllowOverride FileInfo vulnerability in Apache HTTP Server. Users with access to use the RequestHeader directive in htaccess can cause some CGI scripts to run under an unexpected userid. This issue affects Apache HTTP Server: from 2.4.7 through 2.4.65. Users are...