11468 matches found
DEBIAN-CVE-2022-50559
In the Linux kernel, the following vulnerability has been resolved: clk: imx: scu: fix memleak on platformdeviceadd fails No error handling is performed when platformdeviceadd fails. Add error processing before return, and modified the return value...
DEBIAN-CVE-2022-50557
In the Linux kernel, the following vulnerability has been resolved: pinctrl: thunderbay: fix possible memory leak in thunderbaybuildfunctions The thunderbayaddfunctions will free memory of thunderbayfuncs when everything is ok, but thunderbayfuncs will not be freed when thunderbayaddfunctions...
UBUNTU-CVE-2022-50559
In the Linux kernel, the following vulnerability has been resolved: clk: imx: scu: fix memleak on platformdeviceadd fails No error handling is performed when platformdeviceadd fails. Add error processing before return, and modified the return value...
CVE-2022-50578 class: fix possible memory leak in __class_register()
In the Linux kernel, the following vulnerability has been resolved: class: fix possible memory leak in classregister If classaddgroups returns error, the 'cp-subsys' need be unregister, and the 'cp' need be freed. We can not call ksetunregister here, because the 'cls' will be freed in callback...
CVE-2022-50568 usb: gadget: f_hid: fix f_hidg lifetime vs cdev
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fhid: fix fhidg lifetime vs cdev The embedded struct cdev does not have its lifetime correctly tied to the enclosing struct fhidg, so there is a use-after-free if /dev/hidgN is held open while the gadget is deleted...
CVE-2022-50566
CVE-2022-50566 affects the Linux kernel MTD subsystem. The description reports a fix for a device name leak that occurs when register_device() fails in add_mtd_device(), which can lead to a kmemleak unreferenced object being left (example: mtd0). The backtrace shows allocations and naming via kob...
CVE-2022-50559 clk: imx: scu: fix memleak on platform_device_add() fails
In the Linux kernel, the following vulnerability has been resolved: clk: imx: scu: fix memleak on platformdeviceadd fails No error handling is performed when platformdeviceadd fails. Add error processing before return, and modified the return value...
CVE-2022-50559
CVE-2022-50559 affects the Linux kernel component clock: imx (scu). The issue is caused by missing error handling when platform_device_add() fails, leading to a memleak. The fix adds proper error processing before returning and adjusts the return value to reflect the error. The connected sources ...
CVE-2022-50559 clk: imx: scu: fix memleak on platform_device_add() fails
In the Linux kernel, the following vulnerability has been resolved: clk: imx: scu: fix memleak on platformdeviceadd fails No error handling is performed when platformdeviceadd fails. Add error processing before return, and modified the return value...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an invalid timer ID search loop limit in the posixtimeradd function, which could lead to an infinite loop...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from regmapaddirqchipfwnode not using the numconfigregs attribute, which could result in a null pointer dereference...
JLSEC-2025-174 An issue was discovered in GNU gettext 0.19.8
An issue was discovered in GNU gettext 0.19.8. There is a double free in defaultaddmessage in read-catalog.c, related to an invalid free in pogramparse in po-gram-gen.y, as demonstrated by lt-msgfmt...
AlmaLinux 8 : kernel-rt (ALSA-2025:18298)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:18298 advisory. kernel: ALSA: usb-audio: Validate UAC3 cluster segment descriptors CVE-2025-39757 kernel: ALSA: hda/ca0132: Fix buffer overflow in addtuningcontrol...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987716)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987716 advisory. In the Linux kernel, the following vulnerability has been resolved: Revert wifi: mac80211: fix memory leak in ieee80211ifadd This reverts commit...
CVE-2025-11946
A security flaw has been discovered in LogicalDOC Community Edition up to 9.2.1. This issue affects some unknown processing of the file /frontend.jsp of the component Add Contact Page. Performing manipulation of the argument First Name/Last Name/Company/Address/Phone/Mobile results in cross site...
CVE-2025-62425
MAS Matrix Authentication Service is a user management and authentication service for Matrix homeservers, written and maintained by Element. A logic flaw in matrix-authentication-service 0.20.0 through 1.4.0 allows an attacker with access to an authenticated MAS session to perform sensitive...
EUVD-2025-35010
A security flaw has been discovered in LogicalDOC Community Edition up to 9.2.1. This issue affects some unknown processing of the file /frontend.jsp of the component Add Contact Page. Performing manipulation of the argument First Name/Last Name/Company/Address/Phone/Mobile results in cross site...
JLSEC-2025-155 GNOME GLib before 2.65.3 has an integer overflow, that might lead to an out-of-bounds write, in g_op...
GNOME GLib before 2.65.3 has an integer overflow, that might lead to an out-of-bounds write, in goptiongroupaddentries. NOTE: the vendor's position is "Realistically this is not a security issue. The standard pattern is for callers to provide a static list of option entries in a fixed number of...
CVE-2025-11946
A security flaw has been discovered in LogicalDOC Community Edition up to 9.2.1. This issue affects some unknown processing of the file /frontend.jsp of the component Add Contact Page. Performing manipulation of the argument First Name/Last Name/Company/Address/Phone/Mobile results in cross site...
CVE-2025-11946 LogicalDOC Community Edition Add Contact frontend.jsp cross site scripting
A security flaw has been discovered in LogicalDOC Community Edition up to 9.2.1. This issue affects some unknown processing of the file /frontend.jsp of the component Add Contact Page. Performing manipulation of the argument First Name/Last Name/Company/Address/Phone/Mobile results in cross site...