CVE-2026-23127

CVE-2026-23127 affects the Linux kernel perf subsystem. The issue is caused by a refcount warning in perf_mmap_rb() when updating event->mmap_count during group-member mmap creation with PERF_FLAG_FD_OUTPUT. Specifically, refcount_inc(&event->mmap_count) can run when mmap_count is 0, trigge...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-407380)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-407380 advisory. In the Linux kernel, the following vulnerability has been resolved: firmware: armscpi: Check the DVFS OPP count returned by the firmware Fix a kernel crash with the...

DEBIAN-CVE-2025-39887

In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Fix null-ptr-deref in bitmapparselist A crash was observed with the following output: BUG: kernel NULL pointer dereference, address: 0000000000000010 Oops: Oops: 0000 1 SMP NOPTI CPU: 2 UID: 0 PID: 92 Comm:...

CVE-2025-39887

In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Fix null-ptr-deref in bitmapparselist A crash was observed with the following output: BUG: kernel NULL pointer dereference, address: 0000000000000010 Oops: Oops: 0000 1 SMP NOPTI CPU: 2 UID: 0 PID: 92 Comm:...

CVE-2025-39887 tracing/osnoise: Fix null-ptr-deref in bitmap_parselist()

In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Fix null-ptr-deref in bitmapparselist A crash was observed with the following output: BUG: kernel NULL pointer dereference, address: 0000000000000010 Oops: Oops: 0000 1 SMP NOPTI CPU: 2 UID: 0 PID: 92 Comm:...

CVE-2025-39887

CVE-2025-39887 concerns a Linux kernel issue in tracing/osnoise where bitmap_parselist() could dereference a NULL pointer when handling a cpulist input in osnoise_cpus_write() (e.g., writing "0-2" to /sys/kernel/debug/tracing/osnoise/cpus with count=0). The vulnerability affected the kernel path ...

kernel: iommu/vt-d: Fix potential lockup if qi_submit_sync called with 0 count

This CVE has been marked as Rejected by the assigning CNA...

UBUNTU-CVE-2022-49900

In the Linux kernel, the following vulnerability has been resolved: i2c: piix4: Fix adapter not be removed in piix4remove In piix4probe, the piix4 adapter will be registered in: piix4probe piix4addadapterssb800 / piix4addadapter i2caddadapter Based on the probed device type, piix4addadapterssb800...

DEBIAN-CVE-2022-49278

In the Linux kernel, the following vulnerability has been resolved: remoteproc: Fix count check in rproccoredumpwrite Check count for 0, to avoid a potential underflow. Make the check the same as the one in rprocrecoverywrite...

UBUNTU-CVE-2024-56716

In the Linux kernel, the following vulnerability has been resolved: netdevsim: prevent bad user input in nsimdevhealthbreakwrite If either a zero count or a large one is provided, kernel can crash...

AZL-54933 CVE-2024-53157 affecting package kernel for versions less than 6.6.64.2-1

In the Linux kernel, the following vulnerability has been resolved: firmware: armscpi: Check the DVFS OPP count returned by the firmware Fix a kernel crash with the below call trace when the SCPI firmware returns OPP count of zero. dvfsinfo.oppcount may be zero on some platforms during the reboot...

AZL-54948 CVE-2024-53157 affecting package kernel for versions less than 5.15.176.3-1

In the Linux kernel, the following vulnerability has been resolved: firmware: armscpi: Check the DVFS OPP count returned by the firmware Fix a kernel crash with the below call trace when the SCPI firmware returns OPP count of zero. dvfsinfo.oppcount may be zero on some platforms during the reboot...

PT-2024-25019 · Unknown · Go-Ethereum

Name of the Vulnerable Software and Affected Versions: go-ethereum geth versions prior to 1.13.15 Description: A vulnerable node can be made to consume very large amounts of memory when handling specially crafted p2p messages sent from an attacker node, potentially resulting in a denial of servic...

AZL-53935 CVE-2022-48635 affecting package kernel for versions less than 5.15.176.3-1

In the Linux kernel, the following vulnerability has been resolved: fsdax: Fix infinite loop in daxiomaprw I got an infinite loop and a WARNING report when executing a tail command in virtiofs. WARNING: CPU: 10 PID: 964 at fs/iomap/iter.c:34 iomapiter+0x3a2/0x3d0 Modules linked in: CPU: 10 PID: 9...

PT-2024-8464 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.19.0-rc7 Description: The issue is related to an infinite loop in the dax iomap rw function when the read system call is invoked with a count of 0. This can cause a WARNING report and an infinite loop. The iom...

CVE-2014-0205

The futexwait function in kernel/futex.c in the Linux kernel before 2.6.37 does not properly maintain a certain reference count during requeue operations, which allows local users to cause a denial of service use-after-free and system crash or possibly gain privileges via a crafted application th...