Lucene search
K
UbuntucveRecent

68528 matches found

UbuntuCve
UbuntuCve
•added 2025/12/30 5:15 p.m.•3 views

CVE-2025-68618

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, using Magick to read a malicious SVG file resulted in a DoS attack. Version 7.1.2-12 fixes the issue...

7.5CVSS6.8AI score0.00552EPSS
Exploits1References4
UbuntuCve
UbuntuCve
•added 2025/12/30 5:15 p.m.•2 views

CVE-2025-69204

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, in the WriteSVGImage function, using an int variable to store numberattributes caused an integer overflow. This, in turn, triggered a buffer overflow and caused a DoS attack...

7.5CVSS7.1AI score0.00524EPSS
Exploits1References4
UbuntuCve
UbuntuCve
•added 2025/12/30 4:15 p.m.•5 views

CVE-2025-67746

Composer is a dependency manager for PHP. In versions on the 2.x branch prior to 2.2.26 and 2.9.3, attackers controlling remote sources that Composer downloads from might in some way inject ANSI control characters in the terminal output of various Composer commands, causing mangled output and...

5.3CVSS5.9AI score0.00405EPSS
Exploits0References6
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•4 views

CVE-2023-54181

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix issue in verifying allowptrleaks After we converted the capabilities of our networking-bpf program from capsysadmin to capnetadmin+capbpf, our networking-bpf program failed to start. Because it failed the bpf verifier, a...

5.7AI score0.00168EPSS
Exploits0References6
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•3 views

CVE-2023-54321

In the Linux kernel, the following vulnerability has been resolved: driver core: fix potential null-ptr-deref in deviceadd I got the following null-ptr-deref report while doing fault injection test: BUG: kernel NULL pointer dereference, address: 0000000000000058 CPU: 2 PID: 278 Comm: 37-i2c-ds248...

5.5CVSS5.9AI score0.00129EPSS
Exploits0References6
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•2 views

CVE-2022-50883

In the Linux kernel, the following vulnerability has been resolved: bpf: Prevent decltag from being referenced in funcproto arg Syzkaller managed to hit another decltag issue: btffuncprotocheck kernel/bpf/btf.c:4506 inline btfcheckalltypes kernel/bpf/btf.c:4734 inline btfparsetypesec+0x1175/0x198...

5.9AI score0.00167EPSS
Exploits0References8
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•3 views

CVE-2022-50864

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix shift-out-of-bounds due to too large exponent of block size If field slogblocksize of superblock data is corrupted and too large, initnilfs and loadnilfs still can trigger a shift-out-of-bounds warning followed by a...

5.9AI score0.00168EPSS
Exploits0References7
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•2 views

CVE-2023-54195

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix timeout of a call that hasn't yet been granted a channel afsmakecall calls rxrpckernelbegincall to begin a call which may get stalled in the background waiting for a connection to become available; it then calls...

5.7AI score0.00166EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•5 views

CVE-2023-54283

In the Linux kernel, the following vulnerability has been resolved: bpf: Address KCSAN report on bpflrulist KCSAN reported a data-race when accessing node-ref. Although node-ref does not have to be accurate, take this chance to use a more common READONCE and WRITEONCE pattern instead of datarace...

5.9AI score0.00177EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•4 views

CVE-2023-54294

In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix memleak of md thread In raid10run, if setupconf succeed and raid10run failed before setting 'mddev-thread', then in the error path 'conf-thread' is not freed. Fix the problem by setting 'mddev-thread' right after...

5.9AI score0.00177EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•3 views

CVE-2023-54247

In the Linux kernel, the following vulnerability has been resolved: bpf: Silence a warning in btftypeidsize syzbot reported a warning in 1 with the following stacktrace: WARNING: CPU: 0 PID: 5005 at kernel/bpf/btf.c:1988 btftypeidsize+0x2d9/0x9d0 kernel/bpf/btf.c:1988 ... RIP:...

5.7AI score0.00166EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•2 views

CVE-2023-54220

In the Linux kernel, the following vulnerability has been resolved: serial: 8250: Fix oops for port-pm on uartchangepm Unloading a hardware specific 8250 driver can produce error "Unable to handle kernel paging request at virtual address" about ten seconds after unloading the driver. This happens...

5.7AI score0.00177EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•3 views

CVE-2023-54293

In the Linux kernel, the following vulnerability has been resolved: bcache: fixup btreecachewait list damage We get a kernel crash about "listadd corruption. next-prev should be prev ffff9c801bc01210, but was ffff9c77b688237c. next=ffffae586d8afe68." crash struct listhead 0xffff9c801bc01210 struc...

5.9AI score0.00175EPSS
Exploits0References7
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•1 views

CVE-2023-54311

In the Linux kernel, the following vulnerability has been resolved: ext4: fix deadlock when converting an inline directory in nojournal mode In no journal mode, ext4finishconvertinlinedir can self-deadlock by calling ext4handledirtydirblock when it already has taken the directory lock. There is a...

5.9AI score0.00168EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•2 views

CVE-2023-54255

In the Linux kernel, the following vulnerability has been resolved: sh: dma: Fix DMA channel offset calculation Various SoCs of the SH3, SH4 and SH4A family, which use this driver, feature a differing number of DMA channels, which can be distributed between up to two DMAC modules. The existing...

5.8AI score0.00177EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•1 views

CVE-2023-54312

In the Linux kernel, the following vulnerability has been resolved: samples/bpf: Fix buffer overflow in tcpbasertt Using sizeofnv or strlennv+1 is correct...

6.1AI score0.00182EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•4 views

CVE-2023-54178

In the Linux kernel, the following vulnerability has been resolved: of: unittest: fix null pointer dereferencing in ofunittestfindnodebyname when kmalloc fail to allocate memory in kasprintf, name or fullname will be NULL, strcmp will cause null pointer dereference...

5.9AI score0.00195EPSS
Exploits0References11
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•1 views

CVE-2023-54186

In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmodes/displayport: fix pinassignmentshow This patch fixes negative indexing of buf array in pinassignmentshow when getcurrentpinassignments returns 0 i.e. no compatible pin assignments are found. BUG: KASAN:...

6.1AI score0.00173EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•6 views

CVE-2023-54211

In the Linux kernel, the following vulnerability has been resolved: tracing: Fix warning in tracebufferedeventdisable Warning happened in tracebufferedeventdisable at WARNONONCE!tracebufferedeventref Call Trace: ? warn+0xa5/0x1b0 ? tracebufferedeventdisable+0x189/0x1b0...

5.9AI score0.00177EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•4 views

CVE-2023-54234

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix missing mrioc-evtackcmds initialization Commit c1af985d27da "scsi: mpi3mr: Add Event acknowledgment logic" introduced an array mrioc-evtackcmds but initialization of the array elements was missed. They are just...

5.7AI score0.00166EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•4 views

CVE-2022-50886

In the Linux kernel, the following vulnerability has been resolved: mmc: toshsd: fix return value check of mmcaddhost mmcaddhost may return error, if we ignore its return value, the memory that allocated in mmcallochost will be leaked and it will lead a kernel crash because of deleting not added...

5.8AI score0.00195EPSS
Exploits0References11
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•3 views

CVE-2023-54306

In the Linux kernel, the following vulnerability has been resolved: net: tls: avoid hanging tasks on the txlock syzbot sent a hung task report and Eric explains that adversarial receiver may keep RWIN at 0 for a long time, so we are not guaranteed to make forward progress. Thread which took txloc...

5.9AI score0.0018EPSS
Exploits0References8
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•5 views

CVE-2023-54307

In the Linux kernel, the following vulnerability has been resolved: ptpqoriq: fix memory leak in probe Smatch complains that: drivers/ptp/ptpqoriq.c ptpqoriqprobe warn: 'base' from ioremap not released. Fix this by revising the parameter from 'ptpqoriq-base' to 'base'. This is only a bug if...

5.9AI score0.00173EPSS
Exploits0References8
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•1 views

CVE-2023-54245

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: tx-macro: Fix for KASAN: slab-out-of-bounds When we run syzkaller we get below Out of Bound. "KASAN: slab-out-of-bounds Read in regcacheflatread" Below is the backtrace of the issue: dumpbacktrace+0x0/0x4c8...

5.7AI score0.00168EPSS
Exploits0References6
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•2 views

CVE-2023-54164

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: fix isoconn related locking and validity issues sk-skstate indicates whether isopisk-conn is valid. Operations that check/update skstate and access conn should hold locksock, otherwise they can race. The order of...

5.7AI score0.00166EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•3 views

CVE-2023-54173

In the Linux kernel, the following vulnerability has been resolved: bpf: Disable preemption in bpfeventoutput We received report 1 of kernel crash, which is caused by using nesting protection without disabled preemption. The bpfeventoutput can be called by programs executed by bpfprogrunarraycg...

6AI score0.00168EPSS
Exploits0References7
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•7 views

CVE-2023-54206

In the Linux kernel, the following vulnerability has been resolved: net/sched: flower: fix filter idr initialization The cited commit moved idr initialization too early in flchange which allows concurrent users to access the filter that is still being initialized and is in inconsistent state,...

5.7AI score0.00155EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•4 views

CVE-2023-54224

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix lockdep splat and potential deadlock after failure running delayed items When running delayed items we are holding a delayed node's mutex and then we will attempt to modify a subvolume btree to insert/update/delete the...

5.9AI score0.00168EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•1 views

CVE-2022-50869

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix slab-out-of-bounds in rpage When PAGESIZE is 64K, if readlogpage is called by logreadrst for the first time, the size of buffer would be equal to DefaultLogPageSize4K.But for buffer operations like memcpy, if the...

5.9AI score0.00168EPSS
Exploits0References6
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•6 views

CVE-2023-54177

In the Linux kernel, the following vulnerability has been resolved: quota: fix warning in dqgrab There's issue as follows when do fault injection: WARNING: CPU: 1 PID: 14870 at include/linux/quotaops.h:51 dquotdisable+0x13b7/0x18c0 Modules linked in: CPU: 1 PID: 14870 Comm: fsconfig Not tainted...

5.9AI score0.00191EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•0 views

CVE-2023-54203

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-out-of-bounds in initsmb2rsphdr When smb1 mount fails, KASAN detect slab-out-of-bounds in initsmb2rsphdr like the following one. For smb1 negotiate56bytes , initsmb2rsphdr for smb2 is called. The issue occurs whil...

5.7AI score0.00168EPSS
Exploits0References6
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•3 views

CVE-2022-50877

In the Linux kernel, the following vulnerability has been resolved: net: broadcom: bcm4908enet: update TX stats after actual transmission Queueing packets doesn't guarantee their transmission. Update TX stats after hardware confirms consuming submitted data. This also fixes a possible race and NU...

5.7AI score0.00166EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•0 views

CVE-2023-54277

In the Linux kernel, the following vulnerability has been resolved: fbdev: udlfb: Fix endpoint check The syzbot fuzzer detected a problem in the udlfb driver, caused by an endpoint not having the expected type: usb 1-1: Read EDID byte 0 failed: -71 usb 1-1: Unable to get valid EDID from...

5.7AI score0.00173EPSS
Exploits0References8
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•2 views

CVE-2023-54260

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix lost destroy smbd connection when MR allocate failed If the MR allocate failed, the smb direct connection info is NULL, then smbddestroy will directly return, then the connection info will be leaked. Let's set the smb...

5.9AI score0.00173EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•1 views

CVE-2023-54242

In the Linux kernel, the following vulnerability has been resolved: block, bfq: Fix division by zero error on zero wsum When the weighted sum is zero the calculation of limit causes a division by zero error. Fix this by continuing to the next level. This was discovered by running as root: stress-...

5.7AI score0.00166EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•3 views

CVE-2023-54213

In the Linux kernel, the following vulnerability has been resolved: USB: sisusbvga: Add endpoint checks The syzbot fuzzer was able to provoke a WARNING from the sisusbvga driver: ------------ cut here ------------ usb 1-1: BOGUS urb xfer, pipe 3 != type 1 WARNING: CPU: 1 PID: 26 at...

5.9AI score0.00177EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•1 views

CVE-2023-54215

In the Linux kernel, the following vulnerability has been resolved: virtio-vdpa: Fix cpumask memory leak in virtiovdpafindvqs Free the cpumask allocated by createaffinitymasks before returning from the function...

5.7AI score0.00155EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•1 views

CVE-2023-54324

In the Linux kernel, the following vulnerability has been resolved: dm: fix a race condition in retrievedeps There's a race condition in the multipath target when retrievedeps races with multipathmessage calling dmgetdevice and dmputdevice. retrievedeps walks the list of open devices without...

6.2AI score0.00169EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•2 views

CVE-2023-54251

In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: Limit TCATAPRIOATTRSCHEDCYCLETIME to INTMAX. syzkaller found zero division error 0 in divs64rem called from getcycletimeelapsed, where sched-cycletime is the divisor. We have tests in parsetaprioschedule so tha...

5.7AI score0.00168EPSS
Exploits0References6
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•5 views

CVE-2023-54233

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: avoid a NULL dereference with unsupported widgets If an IPC4 topology contains an unsupported widget, its .moduleinfo field won't be set, then sofipc4routesetup will cause a kernel Oops trying to dereference it. Add a...

5.7AI score0.00156EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•3 views

CVE-2023-54244

In the Linux kernel, the following vulnerability has been resolved: ACPI: EC: Fix oops when removing custom query handlers When removing custom query handlers, the handler might still be used inside the EC query workqueue, causing a kernel oops if the module holding the callback function was...

6.1AI score0.00177EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•3 views

CVE-2023-54222

In the Linux kernel, the following vulnerability has been resolved: hte: tegra-194: Fix off by one in tegrahtemaptolineid The "mapsz" is the number of elements in the "m" array so the comparison needs to be changed to = to prevent an out of bounds read...

5.7AI score0.00168EPSS
Exploits0References6
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•3 views

CVE-2023-54218

In the Linux kernel, the following vulnerability has been resolved: net: Fix load-tearing on sk-skstamp in sockrecvcmsgs. KCSAN found a data race in sockrecvcmsgs where the read access to sk-skstamp needs READONCE. BUG: KCSAN: data-race in packetrecvmsg / packetrecvmsg write marked to...

5.9AI score0.00177EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•2 views

CVE-2022-50856

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix xid leak in cifssesaddchannel Before return, should free the xid, otherwise, the xid will be leaked...

5.9AI score0.00168EPSS
Exploits0References6
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•2 views

CVE-2023-54295

In the Linux kernel, the following vulnerability has been resolved: mtd: spi-nor: Fix shift-out-of-bounds in spinorseterasetype spinorseterasetype was used either to set or to mask out an erase type. When we used it to mask out an erase type a shift-out-of-bounds was hit: UBSAN: shift-out-of-boun...

6AI score0.00168EPSS
Exploits0References7
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•7 views

CVE-2022-50870

In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: avoid device tree lookups in rtasosterm rtasosterm is called during panic. Its behavior depends on a couple of conditions in the /rtas node of the device tree, the traversal of which entails locking and local IRQ...

5.9AI score0.00177EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•3 views

CVE-2023-54225

In the Linux kernel, the following vulnerability has been resolved: net: ipa: only reset hashed tables when supported Last year, the code that manages GSI channel transactions switched from using spinlock-protected linked lists to using indexes into the ring buffer used for a channel. Recently,...

5.9AI score0.00166EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•4 views

CVE-2023-54261

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Add missing gfx11 MQD manager callbacks mqdstride function was introduced in commit 2f77b9a242a2 "drm/amdkfd: Update MQD management on multi XCC setup" but not assigned for gfx11. Fixes a NULL dereference in debugfs...

5.7AI score0.00163EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•8 views

CVE-2023-54258

In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential oops in cifsoplockbreak With deferred close we can have closes that race with lease breaks, and so with the current checks for whether to send the lease response, oplockresponse, this can mean that an unmount...

5.7AI score0.00168EPSS
Exploits0References6
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•3 views

CVE-2023-54302

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix data race on CQP completion stats CQP completion statistics is read lockesly in irdmawaitevent and irdmacheckcqpprogress while it can be updated in the completion thread irdmascccqgetcqeinfo on another CPU as KCSA...

5.7AI score0.00168EPSS
Exploits0References6
Total number of security vulnerabilities68528