9100 matches found
CVE-2024-58096
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: add srng-lock for ath11khalsrng in monitor mode ath11khalsrng should be used with srng-lock to protect srng data. For ath11kdprxmondestprocess and ath11kdpfullmonprocessrx, they use ath11khalsrng for many times but...
DEBIAN-CVE-2024-58096
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: add srng-lock for ath11khalsrng in monitor mode ath11khalsrng should be used with srng-lock to protect srng data. For ath11kdprxmondestprocess and ath11kdpfullmonprocessrx, they use ath11khalsrng for many times but...
UBUNTU-CVE-2024-58096
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: add srng-lock for ath11khalsrng in monitor mode ath11khalsrng should be used with srng-lock to protect srng data. For ath11kdprxmondestprocess and ath11kdpfullmonprocessrx, they use ath11khalsrng for many times but...
CVE-2025-22119
CVE-2025-22119 concerns the Linux kernel wireless stack. The issue occurs in cfg80211 where wiphy_work is not fully initialized before rfkill allocation, allowing cfg80211_dev_free to access uninitialized wiphy_work data via a race with the rfkill path. The root cause is an uninitialized wiphy_wo...
CVE-2025-22119 wifi: cfg80211: init wiphy_work before allocating rfkill fails
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: init wiphywork before allocating rfkill fails syzbort reported a uninitialize wiphyworklock in cfg80211devfree. 1 After rfkill allocation fails, the wiphy release process will be performed, which will cause...
CVE-2025-22119 wifi: cfg80211: init wiphy_work before allocating rfkill fails
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: init wiphywork before allocating rfkill fails syzbort reported a uninitialize wiphyworklock in cfg80211devfree. 1 After rfkill allocation fails, the wiphy release process will be performed, which will cause...
CVE-2025-22116 idpf: check error for register_netdev() on init
In the Linux kernel, the following vulnerability has been resolved: idpf: check error for registernetdev on init Current init logic ignores the error code from registernetdev, which will cause WARNON on attempt to unregister it, if there was one, and there is no info for the user that the creatio...
CVE-2025-22116
In the Linux kernel, the following vulnerability has been resolved: idpf: check error for registernetdev on init Current init logic ignores the error code from registernetdev, which will cause WARNON on attempt to unregister it, if there was one, and there is no info for the user that the creatio...
CVE-2025-22110
CVE-2025-22110 affects the Linux kernel nfnetlink_queue path under netfilter. The vulnerability arises because a local message buffer ctx (lsmctx) could be read/used before proper initialization in nfqnl_build_packet_message(), since initialization occurs only after nfqnl_get_sk_secctx(). The pat...
CVE-2025-22110 netfilter: nfnetlink_queue: Initialize ctx to avoid memory allocation error
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: Initialize ctx to avoid memory allocation error It is possible that ctx in nfqnlbuildpacketmessage could be used before it is properly initialize, which is only initialized by nfqnlgetsksecctx. This pat...
CVE-2025-22110 netfilter: nfnetlink_queue: Initialize ctx to avoid memory allocation error
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: Initialize ctx to avoid memory allocation error It is possible that ctx in nfqnlbuildpacketmessage could be used before it is properly initialize, which is only initialized by nfqnlgetsksecctx. This pat...
CVE-2025-22110
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: Initialize ctx to avoid memory allocation error It is possible that ctx in nfqnlbuildpacketmessage could be used before it is properly initialize, which is only initialized by nfqnlgetsksecctx. This pat...
CVE-2025-22099
CVE-2025-22099 affects the Linux kernel (drm: xlnx: zynqmp_dpsub) where devm_kasprintf() can return NULL and the NULL result wasn’t checked in zynqmp_audio_init(), risking a NULL dereference. The fix adds a NULL check in zynqmp_audio_init() to avoid dereferencing null pointers. Astra Linux securi...
CVE-2025-22097 drm/vkms: Fix use after free and double free on init error
In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix use after free and double free on init error If the driver initialization fails, the vkmsexit function might access an uninitialized or freed defaultconfig pointer and it might double free it. Fix both possible erro...
CVE-2025-22097
CVE-2025-22097 affects the Linux kernel vkms (drm/vkms). The vulnerability is a use-after-free and potential double-free of the default_config pointer when driver init fails, because vkms_exit() may access an uninitialized/freed default_config. The fix: initialize default_config only if the drive...
CVE-2025-22097 drm/vkms: Fix use after free and double free on init error
In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix use after free and double free on init error If the driver initialization fails, the vkmsexit function might access an uninitialized or freed defaultconfig pointer and it might double free it. Fix both possible erro...
CVE-2025-22097 drm/vkms: Fix use after free and double free on init error
In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix use after free and double free on init error If the driver initialization fails, the vkmsexit function might access an uninitialized or freed defaultconfig pointer and it might double free it. Fix both possible erro...
CVE-2025-22097
In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix use after free and double free on init error If the driver initialization fails, the vkmsexit function might access an uninitialized or freed defaultconfig pointer and it might double free it. Fix both possible erro...
CVE-2024-58092
In the Linux kernel, the following vulnerability has been resolved: nfsd: fix legacy client tracking initialization Get rid of the nfsd4legacytrackingops-init call in checkforlegacymethods. That will be handled in the caller nfsd4clienttrackinginit. Otherwise, we'll wind up calling...
DEBIAN-CVE-2024-58092
In the Linux kernel, the following vulnerability has been resolved: nfsd: fix legacy client tracking initialization Get rid of the nfsd4legacytrackingops-init call in checkforlegacymethods. That will be handled in the caller nfsd4clienttrackinginit. Otherwise, we'll wind up calling...