1171 matches found
Linux Distros Unpatched Vulnerability : CVE-2019-20632
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstrated by MP4Box. It contains an invalid pointer dereference in gfodfdeletedescriptor in...
thunderbird: firefox: Sandbox escape due to invalid pointer in the Audio/Video: GMP component
A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: An attacker is able to perform memory corruption in the GMP process which process encrypted media. This process is also heavily sandboxed, but represents slightly different...
thunderbird: firefox: Sandbox escape due to invalid pointer in the Audio/Video: GMP component
A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: An attacker is able to perform memory corruption in the GMP process which process encrypted media. This process is also heavily sandboxed, but represents slightly different...
thunderbird: firefox: Sandbox escape due to invalid pointer in the Audio/Video: GMP component
A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: An attacker is able to perform memory corruption in the GMP process which process encrypted media. This process is also heavily sandboxed, but represents slightly different...
Linux Distros Unpatched Vulnerability : CVE-2020-36224
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was discovered in OpenLDAP before 2.4.57 leading to an invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial of service...
Linux Distros Unpatched Vulnerability : CVE-2025-38092
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: use listfirstentryornull for opinfogetlist The listfirstentry macro never returns NULL. If the list is empty then it returns an invalid pointer. Use...
AZL-65714 CVE-2025-38456 affecting package kernel for versions less than 6.6.104.2-1
In the Linux kernel, the following vulnerability has been resolved: ipmi:msghandler: Fix potential memory corruption in ipmicreateuser The "intf" list iterator is an invalid pointer if the correct "intf-intfnum" is not found. Calling atomicdec&intf-nrusers on and invalid pointer will lead to memo...
CVE-2025-38456
CVE-2025-38456 concerns Linux kernel ipmi:msghandler memory corruption in ipmi_create_user(). The bug is triggered when the ipmi interface iterator (intf) pointer is invalid (correct intf_num not found); calling atomic_dec on this invalid pointer can corrupt memory. A fix updates the intf path (i...
CVE-2025-38456 ipmi:msghandler: Fix potential memory corruption in ipmi_create_user()
In the Linux kernel, the following vulnerability has been resolved: ipmi:msghandler: Fix potential memory corruption in ipmicreateuser The "intf" list iterator is an invalid pointer if the correct "intf-intfnum" is not found. Calling atomicdec&intf-nrusers on and invalid pointer will lead to memo...
CVE-2025-38433
In the Linux kernel, the following vulnerability has been resolved: riscv: fix runtime constant support for nommu kernels the runtimefixup32 function does not handle the case where val is zero correctly as might occur when patching a nommu kernel and referring to a physical address below the 4GiB...
PT-2025-30840 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The runtime fixup 32 function does not correctly handle cases where val is zero, potentially leading to an invalid pointer and a kernel panic when accessing it. This occurs because the...
CVE-2025-38328
In the Linux kernel, the following vulnerability has been resolved: jffs2: check jffs2preallocrawnoderefs result in few other places Fuzzing hit another invalid pointer dereference due to the lack of checking whether jffs2preallocrawnoderefs completed successfully. Subsequent logic implies that t...
CVE-2025-38328 jffs2: check jffs2_prealloc_raw_node_refs() result in few other places
In the Linux kernel, the following vulnerability has been resolved: jffs2: check jffs2preallocrawnoderefs result in few other places Fuzzing hit another invalid pointer dereference due to the lack of checking whether jffs2preallocrawnoderefs completed successfully. Subsequent logic implies that t...
CVE-2025-38266
CVE-2025-38266 affects the Linux kernel pinctrl/mediatek EINT path. The root cause was an invalid dereference: a function (mtk_eint_do_init) could be called with a version of struct mtk_pinctrl that lacks the required soc field when using v1 drivers, leading to a potential crash on certain boards...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an invalid pointer dereference issue in pinctrl-mediatek, which could cause a system crash...
PT-2025-28986 · Mediatek +1 · Mt8365 +2
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: This issue involves an invalid pointer dereference in the pinctrl: mediatek: eint subsystem for platforms using version 1 of the common driver. A commit introduced access to the soc...
PT-2025-35977
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to read-copy-update RCU. During CPU online preparation, if the creation of an rcuop kthread fails, the rdp's-nocb cb kthread pointer may not be...
CVE-2025-38092 ksmbd: use list_first_entry_or_null for opinfo_get_list()
In the Linux kernel, the following vulnerability has been resolved: ksmbd: use listfirstentryornull for opinfogetlist The listfirstentry macro never returns NULL. If the list is empty then it returns an invalid pointer. Use listfirstentryornull to check if the list is empty...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a failure to check if a list is empty, which could lead to invalid pointer references...
CVE-2022-50132 usb: cdns3: change place of 'priv_ep' assignment in cdns3_gadget_ep_dequeue(), cdns3_gadget_ep_enable()
In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: change place of 'privep' assignment in cdns3gadgetepdequeue, cdns3gadgetepenable If 'ep' is NULL, result of eptocdns3epep is invalid pointer and its dereference with privep-cdns3dev may cause panic. Found by Linux...