Security Warnings

A buffer overflow occurs in pytorch v2.7.0 when a PyTorch model consists of torch.nn.Conv2d, torch.nn.functional.hardshrink, and torch.Tensor.view-torch.mv() and is compiled by Inductor, leading to a Denial of Service (DoS).

A Name Error occurs in pytorch v2.7.0 when a PyTorch model consists of torch.cummin and is compiled by Inductor, leading to a Denial of Service (DoS).

A syntax error in the component proxy_tensor.py of pytorch v2.7.0 allows attackers to cause a Denial of Service (DoS).

Agentic AI and Visual Studio Code Remote Code Execution Vulnerability

ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control

ALSA: usb-audio: Validate UAC3 cluster segment descriptors

ALSA: usb-audio: Validate UAC3 power domain descriptors, too

An issue in pytorch v2.7.0 can lead to a Denial of Service (DoS) when a PyTorch model consists of torch.Tensor.to_sparse() and torch.Tensor.to_dense() and is compiled by Inductor.

An issue in the component torch.linalg.lu of pytorch v2.8.0 allows attackers to cause a Denial of Service (DoS) when performing a slice operation.

Arbitary Code execution in Keras load_model()

Arbitrary Code execution in Keras Safe Mode

atm: atmtcp: Prevent arbitrary write in atmtcp_recv_control().

Axios is vulnerable to DoS attack through lack of data size check

Azure Connected Machine Agent Elevation of Privilege Vulnerability

Azure Connected Machine Agent Elevation of Privilege Vulnerability

Bluetooth: Fix use-after-free in l2cap_sock_cleanup_listen()

Bluetooth: vhci: Prevent use-after-free by removing debugfs files early

bnxt_en: Fix memory corruption when FW resources change during ifdown

btrfs: fix use-after-free of new block group that became unused

bus: mhi: host: Detect events pointing to unexpected TREs

cacheinfo: Fix shared_cpu_map to handle shared caches at different levels

can: xilinx_can: xcan_write_frame(): fix use-after-free of transmitted SKB

Capability Access Management Service (camsvc) Elevation of Privilege Vulnerability

cifs: prevent NULL pointer dereference in UTF16 conversion

CoreDNS: DNS Cache Pinning via etcd Lease ID Confusion

crypto: qat - flush misc workqueue during device shutdown

cups has Authentication bypass with AuthType Negotiate

DirectX Graphics Kernel Elevation of Privilege Vulnerability

drm/xe: Make dma-fences compliant with the safe access rules

Dynamics 365 FastTrack Implementation Assets Information Disclosure Vulnerability

efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare

exfat: add cluster chain loop check for dir

ext4: do not BUG when INLINE_DATA_FL lacks system.data xattr

fbdev: fix potential buffer overflow in do_register_framebuffer()

fbdev: Fix vmalloc out-of-bounds write in fast_imageblit

fs: writeback: fix use-after-free in __mark_inode_dirty()

fs/buffer: fix use-after-free when call bh_read() helper

ftrace: Also allocate and copy hash for reading of filter files

gfs2: Validate i_depth for exhash directories

Graphics Kernel Remote Code Execution Vulnerability

gve: prevent ethtool ops after shutdown

HID: asus: fix UAF via HID_CLAIMED_INPUT validation

HID: multitouch: fix slab out-of-bounds access in mt_report_fixup()

HTTP.sys Denial of Service Vulnerability

i40e: Fix potential invalid access when MAC list is empty

iomap: iomap: fix memory corruption when recording errors during writeback

iommufd: Prevent ALIGN() overflow

ipv6: sr: Fix MAC comparison to be constant-time

jfs: Regular file corruption check

jfs: upper bound check of tree index in dbAllocAG