SUSE CVE-2025-39705

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix a Null pointer dereference vulnerability Why A null pointer dereference vulnerability exists in the AMD display driver's DC module cleanup function dcdestruct. When display control context dc-ctx construction...

UBUNTU-CVE-2025-39705

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix a Null pointer dereference vulnerability Why A null pointer dereference vulnerability exists in the AMD display driver's DC module cleanup function dcdestruct. When display control context dc-ctx construction...

CVE-2025-39705

The CVE-2025-39705 entry concerns a NULL pointer dereference in the AMD display driver (DC module) for the Linux kernel. Root cause: during cleanup in dc_destruct(), if dc->ctx construction failed, dc->ctx is NULL but code dereferenced dc->ctx->perf_trace. The fix added a NULL check f...

CVE-2025-39705 drm/amd/display: fix a Null pointer dereference vulnerability

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix a Null pointer dereference vulnerability Why A null pointer dereference vulnerability exists in the AMD display driver's DC module cleanup function dcdestruct. When display control context dc-ctx construction...

CVE-2025-38612 staging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc()

In the Linux kernel, the following vulnerability has been resolved: staging: fbtft: fix potential memory leak in fbtftframebufferalloc In the error paths after fbinfo structure is successfully allocated, the memory allocated in fbdeferredioinit for info-pagerefs is not freed. Fix that by adding t...

Linux Distros Unpatched Vulnerability : CVE-2021-47356

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mISDN: fix possible use-after-free in HFCcleanup This module's remove path calls deltimer. However, that function does not wait until the timer handler finishes...

DEBIAN-CVE-2025-38384

In the Linux kernel, the following vulnerability has been resolved: mtd: spinand: fix memory leak of ECC engine conf Memory allocated for the ECC engine conf is not released during spinand cleanup. Below kmemleak trace is seen for this memory leak: unreferenced object 0xffffff80064f00e0 size 8:...

UBUNTU-CVE-2025-38384

In the Linux kernel, the following vulnerability has been resolved: mtd: spinand: fix memory leak of ECC engine conf Memory allocated for the ECC engine conf is not released during spinand cleanup. Below kmemleak trace is seen for this memory leak: unreferenced object 0xffffff80064f00e0 size 8:...

PT-2025-33754

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a use-after-free issue within the composite dev cleanup function. This occurs because a pointer, cdev-os desc req, may not be set to NULL after a kmalloc...

PT-2025-33810

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A memory leak was resolved in the fbtft framebuffer alloc function within the staging area of the Linux kernel. Specifically, memory allocated for info-pagerefs in fb deferred io init...

CVE-2022-50135 RDMA/rxe: Fix BUG: KASAN: null-ptr-deref in rxe_qp_do_cleanup

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix BUG: KASAN: null-ptr-deref in rxeqpdocleanup The function rxecreateqp calls rxeqpfrominit. If some error occurs, the error handler of function rxeqpfrominit will set both scq and rcq to NULL. Then rxecreateqp calls...

BIT-MARIADB-MIN-2022-27377

MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component Itemfuncin::cleanup, which is exploited via specially crafted SQL statements...

SUSE CVE-2025-37842

In the Linux kernel, the following vulnerability has been resolved: spi: fsl-qspi: use devm function instead of driver remove Driver use devm APIs to manage clk/irq/resources and register the spi controller, but the legacy remove function will be called first during device detach and trigger kern...

UBUNTU-CVE-2025-37847

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix deadlock in ivpumscleanup Fix deadlock in ivpumscleanup by preventing runtime resume after filepriv-mslock is acquired. During a failure in runtime resume, a cold boot is executed, which calls ivpumscleanupall. Th...

UBUNTU-CVE-2023-53098

In the Linux kernel, the following vulnerability has been resolved: media: rc: gpio-ir-recv: add remove function In case runtime PM is enabled, do runtime PM clean up to remove cpu latency qos request, otherwise driver removal may have below kernel dump: 19.463299 Unable to handle kernel NULL...

CVE-2022-49926

In the Linux kernel, the following vulnerability has been resolved: net: dsa: Fix possible memory leaks in dsaloopinit kmemleak reported memory leaks in dsaloopinit: kmemleak: 12 new suspected memory leaks unreferenced object 0xffff8880138ce000 size 2048: comm "modprobe", pid 390, jiffies...

CVE-2022-49904 net, neigh: Fix null-ptr-deref in neigh_table_clear()

In the Linux kernel, the following vulnerability has been resolved: net, neigh: Fix null-ptr-deref in neightableclear When IPv6 module gets initialized but hits an error in the middle, kenel panic with: KASAN: null-ptr-deref in range 0x0000000000000598-0x000000000000059f CPU: 1 PID: 361 Comm:...

PT-2025-20498

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A deadlock issue in the Linux kernel has been resolved. The problem occurred in the ivpu ms cleanup function, which is called by ivpu ms cleanup all during a cold boot after a failure in...

Directory Traversal

Overview aim is a super-easy way to record, search and compare AI experiments. Affected versions of this package are vulnerable to Directory Traversal via the LocalFileManager.cleanup function, by crafting a malicious glob-pattern that is not verified to be within the directory managed by...

CVE-2022-49651

In the Linux kernel, the following vulnerability has been resolved: srcu: Tighten cleanupsrcustruct GP checks Currently, cleanupsrcustruct checks for a grace period in progress, but it does not check for a grace period that has not yet started but which might start at any time. Such a situation...