CVE-2025-21864 tcp: drop secpath at the same time as we currently drop dst
Information published. Continue reading CVE-2025-21864 tcp: drop secpath at the same time as we currently drop dst
CVE-2025-21855 ibmvnic: Don’t reference skb after sending to VIOS
Information published. Continue reading CVE-2025-21855 ibmvnic: Don’t reference skb after sending to VIOS
CVE-2024-46773 drm/amd/display: Check denominator pbn_div before used
Information published. Continue reading CVE-2024-46773 drm/amd/display: Check denominator pbn_div before used
CVE-2024-46840 btrfs: clean up our handling of refs == 0 in snapshot delete
Information published. Continue reading CVE-2024-46840 btrfs: clean up our handling of refs == 0 in snapshot delete
CVE-2022-27780 The curl URL parser wrongly accepts percent-encoded URL separators like ‘/’when decoding the host name part of a URL making it a *different* URL usingthe wrong host name when it is later retrieved.For example a URL like `http://example.com%2F127.0.0.1/` would be allowed bythe parser and get transposed into `http://example.com/127.0.0.1/`. This flawcan be used to circumvent filters checks and more.
CVE-2024-50073 tty: n_gsm: Fix use-after-free in gsm_cleanup_mux
Information published. Continue reading CVE-2024-50073 tty: n_gsm: Fix use-after-free in gsm_cleanup_mux
CVE-2024-49882 ext4: fix double brelse() the buffer of the extents path
Information published. Continue reading CVE-2024-49882 ext4: fix double brelse() the buffer of the extents path
CVE-2024-31228 Denial-of-service due to unbounded pattern matching in Redis
Information published. Continue reading CVE-2024-31228 Denial-of-service due to unbounded pattern matching in Redis