5.5
CVE-2025-21881 - uprobes: Reject the shared zeropage in uprobe_write_opcode()
In the Linux kernel, the following vulnerability has been resolved: uprobes: Reject the shared zeropage in uprobe_write_opcode() We triggered the following crash in syzkaller tests: BUG: Bad page state in process syz.7.38 pfn:1eff3 page: refcount:0 mapcount:0 mapping:0000000000000000 index:β¦
5.5
CVE-2023-52979 - kernel: squashfs: harden sanity check in squashfs_read_xattr_id_table
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
5.5
CVE-2023-52981 - drm/i915: Fix request ref counting during error capture & debugfs dump
In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix request ref counting during error capture & debugfs dump When GuC support was added to error capture, the reference counting around the request object was broken. Fix it up. The context based search manages the spiβ¦
7.1
CVE-2022-49738 - f2fs: fix to do sanity check on i_extra_isize in is_alive()
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on i_extra_isize in is_alive() syzbot found a f2fs bug: BUG: KASAN: slab-out-of-bounds in data_blkaddr fs/f2fs/f2fs.h:2891 [inline] BUG: KASAN: slab-out-of-bounds in is_alive fs/f2fs/gc.c:1117 [inlinβ¦
7.6
CVE-2024-55073 -
A Broken Object Level Authorization vulnerability in the component /api/users/{user-id} of hay-kot mealie v2.2.0 allows users to edit their own profile in order to give themselves more permissions or to change their household.
4.7
CVE-2023-53020 - l2tp: close all race conditions in l2tp_tunnel_register()
In the Linux kernel, the following vulnerability has been resolved: l2tp: close all race conditions in l2tp_tunnel_register() The code in l2tp_tunnel_register() is racy in several ways: 1. It modifies the tunnel socket _after_ publishing it. 2. It calls setup_udp_tunnel_sock() on an existing soβ¦
8.1
CVE-2025-30093 -
HTCondor 23.0.x before 23.0.22, 23.10.x before 23.10.22, 24.0.x before 24.0.6, and 24.6.x before 24.6.1 allows authenticated attackers to bypass authorization restrictions.
7.0
CVE-2023-53025 - kernel: NFSD: fix use-after-free in nfsd4_ssc_setup_dul()
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
5.5
CVE-2023-52992 - bpf: Skip task with pid=1 in send_signal_common()
In the Linux kernel, the following vulnerability has been resolved: bpf: Skip task with pid=1 in send_signal_common() The following kernel panic can be triggered when a task with pid=1 attaches a prog that attempts to send killing signal to itself, also see [1] for more details: Kernel panic -β¦
7.8
CVE-2023-52935 - mm/khugepaged: fix ->anon_vma race
In the Linux kernel, the following vulnerability has been resolved: mm/khugepaged: fix ->anon_vma race If an ->anon_vma is attached to the VMA, collapse_and_free_pmd() requires it to be locked. Page table traversal is allowed under any one of the mmap lock, the anon_vma lock (if the VMA is assocβ¦