Aggregator

CVE-2022-49397 | Linux Kernel up to 5.18.2 qcom-qmp clk memory leak (Nessus ID 234545 / WID-SEC-2025-2107)

Vuldb Updates
1 month 3 weeks ago
A vulnerability marked as problematic has been reported in Linux Kernel up to 5.18.2. Affected is the function clk of the component qcom-qmp. Performing a manipulation results in memory leak. This vulnerability is identified as CVE-2022-49397. The attack can only be performed from the local network. There is not any exploit available. It is suggested to upgrade the affected component.
vuldb.com

CVE-2022-49350 | Linux Kernel up to 5.18.3 mdio_bus_init initialization (Nessus ID 241018 / WID-SEC-2025-2107)

Vuldb Updates
1 month 3 weeks ago
A vulnerability labeled as critical has been found in Linux Kernel up to 5.18.3. This issue affects the function mdio_bus_init. Such manipulation leads to improper initialization. This vulnerability is traded as CVE-2022-49350. Access to the local network is required for this attack to succeed. There is no exploit available. The affected component should be upgraded.
vuldb.com

CVE-2022-49379 | Linux Kernel up to 5.10.121/5.15.46/5.17.14/5.18.3 wait_for_device_probe deadlock (Nessus ID 241018 / WID-SEC-2025-2107)

Vuldb Updates
1 month 3 weeks ago
A vulnerability described as problematic has been identified in Linux Kernel up to 5.10.121/5.15.46/5.17.14/5.18.3. The impacted element is the function wait_for_device_probe. The manipulation results in deadlock. This vulnerability is reported as CVE-2022-49379. The attacker must have access to the local network to execute the attack. No exploit exists. Upgrading the affected component is recommended.
vuldb.com

CVE-2022-49393 | Linux Kernel up to 5.18.2 list_for_each_entry denial of service (WID-SEC-2025-2107)

Vuldb Updates
1 month 3 weeks ago
A vulnerability labeled as critical has been found in Linux Kernel up to 5.18.2. Affected by this vulnerability is the function list_for_each_entry. Such manipulation leads to denial of service. This vulnerability is listed as CVE-2022-49393. The attack must be carried out from within the local network. There is no available exploit. The affected component should be upgraded.
vuldb.com

CVE-2022-49337 | Linux Kernel up to 5.18.2 dlmfs fs/ocfs2/dlmfs/userdlm.c user_dlm_destroy_lock use after free (WID-SEC-2025-2107)

Vuldb Updates
1 month 3 weeks ago
A vulnerability classified as critical has been found in Linux Kernel up to 5.18.2. This impacts the function user_dlm_destroy_lock of the file fs/ocfs2/dlmfs/userdlm.c of the component dlmfs. The manipulation leads to use after free. This vulnerability is referenced as CVE-2022-49337. The attack needs to be initiated within the local network. No exploit is available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2022-49339 | Linux Kernel up to 5.18.3 ipv6.ko seg6_hmac_init initialization (WID-SEC-2025-2107)

Vuldb Updates
1 month 3 weeks ago
A vulnerability was found in Linux Kernel up to 5.18.3. It has been declared as problematic. Affected by this vulnerability is the function seg6_hmac_init in the library ipv6.ko. Executing a manipulation can lead to improper initialization. This vulnerability is registered as CVE-2022-49339. The attack requires access to the local network. No exploit is available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2022-49345 | Linux Kernel up to 5.18.3 xfrm4_protocol_init initialization (Nessus ID 241018 / WID-SEC-2025-2107)

Vuldb Updates
1 month 3 weeks ago
A vulnerability categorized as problematic has been discovered in Linux Kernel up to 5.18.3. This affects the function xfrm4_protocol_init. The manipulation results in improper initialization. This vulnerability is reported as CVE-2022-49345. The attacker must have access to the local network to execute the attack. No exploit exists. It is advisable to upgrade the affected component.
vuldb.com

CVE-2022-49347 | Linux Kernel up to 5.18.2 ext4 fs/ext4/inode.c bug_on allocation of resources (Nessus ID 238226 / WID-SEC-2025-2107)

Vuldb Updates
1 month 3 weeks ago
A vulnerability labeled as problematic has been found in Linux Kernel up to 5.18.2. Affected by this issue is the function bug_on of the file fs/ext4/inode.c of the component ext4. The manipulation results in allocation of resources. This vulnerability is known as CVE-2022-49347. Access to the local network is required for this attack. No exploit is available. The affected component should be upgraded.
vuldb.com

CVE-2022-49330 | Linux Kernel up to 5.18.3 tcp_mtu_probe information disclosure (Nessus ID 241018 / WID-SEC-2025-2107)

Vuldb Updates
1 month 3 weeks ago
A vulnerability has been found in Linux Kernel up to 5.18.3 and classified as problematic. Affected is the function tcp_mtu_probe. This manipulation causes information disclosure. This vulnerability is registered as CVE-2022-49330. The attack requires access to the local network. No exploit is available. The affected component should be upgraded.
vuldb.com

CVE-2022-49325 | Linux Kernel up to 5.15.46/5.17.14/5.18.3 TCP information disclosure (Nessus ID 237099 / WID-SEC-2025-2107)

Vuldb Updates
1 month 3 weeks ago
A vulnerability was found in Linux Kernel up to 5.15.46/5.17.14/5.18.3. It has been declared as problematic. Impacted is an unknown function of the component TCP. The manipulation results in information disclosure. This vulnerability is reported as CVE-2022-49325. The attacker must have access to the local network to execute the attack. No exploit exists. It is recommended to upgrade the affected component.
vuldb.com

CVE-2022-49320 | Linux Kernel up to 5.4.197/5.10.121/5.15.46/5.17.14/5.18.3 zynqmp_dma zynqmp_dma_alloc/free_chan_resources buffer overflow (Nessus ID 240812 / WID-SEC-2025-2107)

Vuldb Updates
1 month 3 weeks ago
A vulnerability has been found in Linux Kernel up to 5.4.197/5.10.121/5.15.46/5.17.14/5.18.3 and classified as critical. This affects the function zynqmp_dma_alloc/free_chan_resources of the component zynqmp_dma. Performing a manipulation results in buffer overflow. This vulnerability is cataloged as CVE-2022-49320. The attack must originate from the local network. There is no exploit available. The affected component should be upgraded.
vuldb.com

2025 年 Linux 内核十大技术创新|年终盘点

宋宝华
1 month 3 weeks ago
目前 6.17 合入的是一个 baby step,支持 P1 和 P2 本身在一个 CPU 上的时候的代理执行,目前显然没有实际意义,因为哪怕手机只有 8 个核,P1 和 P2 在同一个 CPU 的机会也很渺茫。由于 swap table 的显著优势来源于查询路径的缩短、locality 的提升、lock contention 的减小,相对 xarray 加速了 swapcache 的查询、修改等操作,属于基础设施的改善,其优势在服务器等场景会呈现较大的实用价值,对一些关键业务的吞吐量带来提升。
21cnbao

杀死那只鹦鹉 —— 「白话文」讲解一种探测 XTLS VLESS REALITY 的手段

Sukka's Blog
1 month 3 weeks ago
让我们抛弃传统的「猫鼠游戏」对抗思维,不去费力寻找 VLESS 和 REALITY 协议在密码学上可能存在的深奥缺陷,而去关注一个更具决定性且无法逾越的变量:@RPRX 在代码工程实现层面所表现出的、近乎结构性的认知局限。通过针对性地审计 XTLS 的实现代码,我们可以在不触碰任何高深算法的前提下,实现对 XTLS VLESS REALITY 代理服务的手术刀式探测与精准识别。
Sukka

Chrome 0-Day Vulnerability Actively Exploited by Attackers in the Wild

Cyber Security News
1 month 3 weeks ago

Google has urgently patched a high-severity zero-day vulnerability in Chrome, confirming active exploitation in the wild. Tracked as CVE-2026-2441, the flaw is a use-after-free bug in the browser’s CSS handling, reported by independent researcher Shaheen Fazim just five days ago on February 11, 2026. The company disclosed the issue alongside its latest Stable channel update, […]

The post Chrome 0-Day Vulnerability Actively Exploited by Attackers in the Wild appeared first on Cyber Security News.

Guru Baran

SLH

Dark Feed IO
1 month 3 weeks ago

You must login to view this content

cohenido

Managed ad