CVE-2025-38423

CVE-2025-38423 — Linux kernel, ASoC: codecs: wcd9375. The issue occurs in the probe path where regulator supplies are obtained with devm_regulator_bulk_get() and could be freed twice if regulator_bulk_free() is called in error paths, leading to a potential double-free situation. The published fix...

PT-2025-30828 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A double free issue exists in the ASoC codecs for wcd9375. The driver obtains regulator supplies via devm regulator bulk get, and should not call regulator bulk free in error or remova...

SUSE CVE-2025-38259

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd9335: Fix missing free of regulator supplies Driver gets and enables all regulator supplies in probe path wcd9335parsedt and wcd9335poweronreset, but does not cleanup in final error paths and in unbind missing...

CVE-2025-38259

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd9335: Fix missing free of regulator supplies Driver gets and enables all regulator supplies in probe path wcd9335parsedt and wcd9335poweronreset, but does not cleanup in final error paths and in unbind missing...

CVE-2025-38259 ASoC: codecs: wcd9335: Fix missing free of regulator supplies

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd9335: Fix missing free of regulator supplies Driver gets and enables all regulator supplies in probe path wcd9335parsedt and wcd9335poweronreset, but does not cleanup in final error paths and in unbind missing...

[SECURITY] Fedora 41 Update: libvpx-1.15.0-3.fc41

libvpx provides the VP8/VP9 SDK, which allows you to integrate your applicati ons with the VP8 and VP9 video codecs, high quality, royalty free, open source co decs deployed on millions of computers and devices worldwide...

[SECURITY] Fedora 42 Update: libvpx-1.15.0-3.fc42

libvpx provides the VP8/VP9 SDK, which allows you to integrate your applicati ons with the VP8 and VP9 video codecs, high quality, royalty free, open source co decs deployed on millions of computers and devices worldwide...

CVE-2020-0965

A remoted code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory, aka 'Microsoft Windows Codecs Library Remote Code Execution Vulnerability'...

CVE-2020-1457

A remote code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory, aka 'Microsoft Windows Codecs Library Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1425...

CVE-2019-14012

Possibility of null pointer deference as the array of video codecs from media info is referenced without null checking while processing SDP messages in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MSM8905,...

CVE-2025-37941 ASoC: codecs: wcd937x: fix a potential memory leak in wcd937x_soc_codec_probe()

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd937x: fix a potential memory leak in wcd937xsoccodecprobe When sndsocdapmnewcontrols or sndsocdapmaddroutes fails, wcd937xsoccodecprobe returns without releasing 'wcd937x-clshinfo', which is allocated by...

The vulnerability of the Codecs components of Google Chrome and Microsoft Edge allows a hacker to execute arbitrary code.

The vulnerability of the Codecs components in Google Chrome and Microsoft Edge is related to buffer overflows in dynamic memory. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code...

SUSE CVE-2025-23157

In the Linux kernel, the following vulnerability has been resolved: media: venus: hfiparser: add check to avoid out of bound access There is a possibility that initcodecs is invoked multiple times during manipulated payload from video firmware. In such case, if codecscount can get incremented to...

DEBIAN-CVE-2025-23157

In the Linux kernel, the following vulnerability has been resolved: media: venus: hfiparser: add check to avoid out of bound access There is a possibility that initcodecs is invoked multiple times during manipulated payload from video firmware. In such case, if codecscount can get incremented to...

UBUNTU-CVE-2025-23157

In the Linux kernel, the following vulnerability has been resolved: media: venus: hfiparser: add check to avoid out of bound access There is a possibility that initcodecs is invoked multiple times during manipulated payload from video firmware. In such case, if codecscount can get incremented to...

CVE-2025-23157

CVE-2025-23157 affects the Linux kernel’s media/venus/hfi_parser. Root cause: init_codecs can be invoked multiple times by manipulated video firmware payload, causing codecs_count to exceed MAX_CODEC_NUM and trigger an out-of-bounds access. The fix resets the counter to start from the beginning t...

CVE-2025-23157 media: venus: hfi_parser: add check to avoid out of bound access

In the Linux kernel, the following vulnerability has been resolved: media: venus: hfiparser: add check to avoid out of bound access There is a possibility that initcodecs is invoked multiple times during manipulated payload from video firmware. In such case, if codecscount can get incremented to...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from multiple calls to initcodecs that do not reset the count, which could lead to out-of-bounds access...

SUSE CVE-2025-3619

Heap buffer overflow in Codecs in Google Chrome on Windows prior to 135.0.7049.95 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...

DEBIAN-CVE-2025-3619

Heap buffer overflow in Codecs in Google Chrome on Windows prior to 135.0.7049.95 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...