Alertes de sécurité

A buffer overflow occurs in pytorch v2.7.0 when a PyTorch model consists of torch.nn.Conv2d, torch.nn.functional.hardshrink, and torch.Tensor.view-torch.mv() and is compiled by Inductor, leading to a Denial of Service (DoS).

A Name Error occurs in pytorch v2.7.0 when a PyTorch model consists of torch.cummin and is compiled by Inductor, leading to a Denial of Service (DoS).

A syntax error in the component proxy_tensor.py of pytorch v2.7.0 allows attackers to cause a Denial of Service (DoS).

accel/habanalabs: fix mem leak in capture user mappings

accel/habanalabs: postpone mem_mgr IDR destruction to hpriv_release()

ACPI: APEI: send SIGBUS to current task if synchronous memory error not recovered

ACPI: pfr_update: Fix the driver update version check

ACPI: processor: idle: Check acpi_fetch_acpi_dev() return value

ACPI: processor: perflib: Move problematic pr->performance check

Agentic AI and Visual Studio Code Remote Code Execution Vulnerability

ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control

ALSA: usb-audio: Validate UAC3 cluster segment descriptors

ALSA: usb-audio: Validate UAC3 power domain descriptors, too

An issue in pytorch v2.7.0 can lead to a Denial of Service (DoS) when a PyTorch model consists of torch.Tensor.to_sparse() and torch.Tensor.to_dense() and is compiled by Inductor.

An issue in the component torch.linalg.lu of pytorch v2.8.0 allows attackers to cause a Denial of Service (DoS) when performing a slice operation.

Arbitary Code execution in Keras load_model()

Arbitrary Code execution in Keras Safe Mode

ARM: rockchip: fix kernel hang during smp initialization

ARM: tegra: Use I/O memcpy to write to IRAM

ASoC: core: Check for rtd == NULL in snd_soc_remove_pcm_runtime()

atm: atmtcp: Prevent arbitrary write in atmtcp_recv_control().

ax25: properly unshare skbs in ax25_kiss_rcv()

axboe fio init.c __parse_jobs_ini use after free

axboe fio options.c str_buffer_pattern_cb null pointer dereference

Axios is vulnerable to DoS attack through lack of data size check

Azure Bot Service Elevation of Privilege Vulnerability

Azure Connected Machine Agent Elevation of Privilege Vulnerability

Azure Connected Machine Agent Elevation of Privilege Vulnerability

Azure Entra ID Elevation of Privilege Vulnerability

Azure Networking Elevation of Privilege Vulnerability

batman-adv: fix OOB read/write in network-coding decode

blk-cgroup: Reinit blkg_iostat_set after clearing in blkcg_reset_stats()

blk-mq: fix NULL dereference on q->elevator in blk_mq_elv_switch_none

block: avoid possible overflow for chunk_sectors check in blk_stack_limits()

block: be a bit more careful in checking for NULL bdev while polling

Bluetooth: Fix use-after-free in l2cap_sock_cleanup_listen()

Bluetooth: hci_core: Disable works on hci_unregister_dev

Bluetooth: vhci: Prevent use-after-free by removing debugfs files early

bnxt_en: Fix memory corruption when FW resources change during ifdown

bpf: Fix memleak due to fentry attach failure

bpf: Forget ranges when refining tnum after JSET

bpf: Tell memcg to use allow_spinning=false path in bpf_timer_init()

btrfs: abort transaction on unexpected eb generation at btrfs_copy_root()

btrfs: do not allow relocation of partially dropped subvolumes

btrfs: don't check PageError in __extent_writepage

btrfs: fix deadlock when aborting transaction during relocation with scrub

btrfs: fix use-after-free of new block group that became unused

btrfs: qgroup: fix race between quota disable and quota rescan ioctl

btrfs: set_page_extent_mapped after read_folio in btrfs_cont_expand

btrfs: subpage: keep TOWRITE tag until folio is cleaned