CVE-2025-39728 clk: samsung: Fix UBSAN panic in samsung_clk_init()

In the Linux kernel, the following vulnerability has been resolved: clk: samsung: Fix UBSAN panic in samsungclkinit With UBSANARRAYBOUNDS=y, I'm hitting the below panic due to dereferencing ctx-clkdata.hws before setting ctx-clkdata.num = nrclks. Move that up to fix the crash. UBSAN: array index...

CVE-2025-39728

The CVE-2025-39728 issue is in the Linux kernel clock framework for Samsung clocks. With UBSAN_ARRAY_BOUNDS=y, code dereferences ctx->clk_data.hws before setting ctx->clk_data.num, causing an UBSAN array bounds panic. The fix moves the assignment of nr_clks (ctx->clk_data.num) before der...

CVE-2025-39728 clk: samsung: Fix UBSAN panic in samsung_clk_init()

In the Linux kernel, the following vulnerability has been resolved: clk: samsung: Fix UBSAN panic in samsungclkinit With UBSANARRAYBOUNDS=y, I'm hitting the below panic due to dereferencing ctx-clkdata.hws before setting ctx-clkdata.num = nrclks. Move that up to fix the crash. UBSAN: array index...

webkitgtk: Processing maliciously crafted web content may lead to memory corruption

A flaw was found in WebKitGTK. Processing malicious web content can cause a buffer overflow due to an improper validation of the index to access an array, resulting in memory corruption...

LSN-0111-1 Kernel Live Patch Security Notice

It was discovered that the watchqueue event notification system contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service or escalate their privileges.CVE-2022-0995 In the Linux kernel, the following vulnerability has been resolved: smb: client:...

CVE-2025-21447 Improper Validation of Array Index in Computer Vision

Memory corruption may occur while processing device IO control call for session control...

CVE-2025-21447

CVE-2025-21447 affects Qualcomm Snapdragon chipsets. The issue is memory corruption occurring when processing a device IOCTL call for session control, caused by an underlying vulnerability in the IOCTL handling path. The provided sources (NVD/Red Hat/CVE record and related feeds) confirm the memo...

CVE-2025-21447 Improper Validation of Array Index in Computer Vision

Memory corruption may occur while processing device IO control call for session control...

CVE-2025-21423

CVE-2025-21423 affects Qualcomm chipsets; memory corruption occurs when handling client calls to EnableTestMode through an Escape call. The CVSS-3.1 metrics indicate a LOCAL attack vector, LOW privileges required, no user interaction, with HIGH confidentiality, integrity, and availability impact....

CVE-2025-21423 Improper Validation of Array Index in Display

Memory corruption occurs when handling client calls to EnableTestMode through an Escape call...

CVE-2025-21985 drm/amd/display: Fix out-of-bound accesses

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix out-of-bound accesses WHAT & HOW hpostreamtolinkencodermapping has size MAXHPODP2ENCODERS=4, but location can have size up to 6. As a result, it is necessary to check location against MAXHPODP2ENCODERS...

SUSE CVE-2023-53000

In the Linux kernel, the following vulnerability has been resolved: netlink: prevent potential spectre v1 gadgets Most netlink attributes are parsed and validated from nlavalidateparse or validatenla u16 type = nlatypenla; if type == 0 || type maxtype / error or continue / @type is then used as a...

CVE-2025-0313

Rejected reason: REJECT DO NOT USE THIS CVE ID NUMBER. The Rejected CVE Record is a duplicate of CVE-2024-12055. Notes: All CVE users should reference CVE-2024-12055 instead of this CVE Record. All references and descriptions in this candidate have been removed to prevent accidental usage...

CVE-2025-0313

...

CVE-2025-0313

...

Improper Validation Of Array Index

github.com/onosproject/onos-lib-go is vulnerable to Improper Validation of Array Index. The vulnerability is due to an index out-of-range error in the GetBitString function. An attacker can cause a denial of service by sending crafted input that specifies a zero value for numBits...

Improper Validation of Array Index

Overview Affected versions of this package are vulnerable to Improper Validation of Array Index due to an index out-of-range error in the GetBitString function. An attacker can cause a denial of service by sending crafted input that specifies a zero value for numBits. PoC golang package main impo...

CBL Mariner 2.0 Security Update: kernel (CVE-2024-56595)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-56595 advisory. - In the Linux kernel, the following vulnerability has been resolved: jfs: add a check to prevent array-...

CBL Mariner 2.0 Security Update: kernel (CVE-2024-56598)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-56598 advisory. - In the Linux kernel, the following vulnerability has been resolved: jfs: array-index-out-of-bounds fix in...

Azure Linux 3.0 Security Update: kernel (CVE-2024-53156)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-53156 advisory. - In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: add range check for...