Linux Distros Unpatched Vulnerability : CVE-2022-49275

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - can: mcan: mcantxhandler: fix use after free of skb canputechoskb will clone skb then free the skb. Move the canputechoskb for the mcan version 3.0.x directly...

Linux Distros Unpatched Vulnerability : CVE-2022-49060

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net/smc: Fix NULL pointer dereference in smcpnetfindib devname was called with dev.parent as...

Linux Distros Unpatched Vulnerability : CVE-2024-47720

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amd/display: Add null check for setoutputgamma in dcn30setoutputtransferfunc This commit adds a null check for the setoutputgamma function pointer in the...

Linux Distros Unpatched Vulnerability : CVE-2024-35823

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vt: fix unicode buffer corruption when deleting characters This is the same issue that was fixed for the VGA text buffer in commit 39cdb68c64d8 vt: fix memory...

Linux Distros Unpatched Vulnerability : CVE-2024-46716

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dmaengine: altera-msgdma: properly free descriptor in msgdmafreedescriptor Remove listdel call in msgdmachandesccleanup, this should be the role of...

Linux Distros Unpatched Vulnerability : CVE-2024-46759

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: hwmon: adc128d818 Fix underflows seen when writing limit attributes DIVROUNDCLOSEST after...

Linux Distros Unpatched Vulnerability : CVE-2022-49451

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Fix list protocols enumeration in the base protocol While enumerating...

Linux Distros Unpatched Vulnerability : CVE-2021-47622

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: ufs: Fix a deadlock in the error handler The following deadlock has been observed on a test setup: - All tags allocated - The SCSI error handler calls...

CVE-2025-21824 gpu: host1x: Fix a use of uninitialized mutex

In the Linux kernel, the following vulnerability has been resolved: gpu: host1x: Fix a use of uninitialized mutex commit c8347f915e67 "gpu: host1x: Fix boot regression for Tegra" caused a use of uninitialized mutex leading to below warning when CONFIGDEBUGMUTEXES and CONFIGDEBUGLOCKALLOC are...

CVE-2025-21811 nilfs2: protect access to buffers with no active references

In the Linux kernel, the following vulnerability has been resolved: nilfs2: protect access to buffers with no active references nilfslookupdirtydatabuffers, which iterates through the buffers attached to dirty data folios/pages, accesses the attached buffers without locking the folios/pages. For...

AZL-62767 CVE-2024-58006 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: PCI: dwc: ep: Prevent changing BAR size/flags in pciepcsetbar In commit 4284c88fff0e "PCI: designware-ep: Allow pciepcsetbar update inbound map address" setbar was modified to support dynamically changing the backing physical...

CVE-2025-21770 iommu: Fix potential memory leak in iopf_queue_remove_device()

In the Linux kernel, the following vulnerability has been resolved: iommu: Fix potential memory leak in iopfqueueremovedevice The iopfqueueremovedevice helper removes a device from the per-iommu iopf queue when PRI is disabled on the device. It responds to all outstanding iopf's with an...

CVE-2025-21754

The CVE-2025-21754 affects Linux kernel btrfs behavior. When a direct IO write triggers a transaction abort, ordered extents are marked with BTRFS_ORDERED_IOERR, and if an ordered extent still has bytes remaining, btrfs_split_ordered_extent() asserts on flags. The documented root cause is an asse...

CVE-2025-21746 Input: synaptics - fix crash when enabling pass-through port

In the Linux kernel, the following vulnerability has been resolved: Input: synaptics - fix crash when enabling pass-through port When enabling a pass-through port an interrupt might come before psmouse driver binds to the pass-through port. However synaptics sub-driver tries to access psmouse...

CVE-2024-58013 Bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmtremoveadvmonitorsync This fixes the following crash: ================================================================== BUG: KASAN: slab-use-after-free in...

CVE-2025-21727 padata: fix UAF in padata_reorder

In the Linux kernel, the following vulnerability has been resolved: padata: fix UAF in padatareorder A bug was found when run ltp test: BUG: KASAN: slab-use-after-free in padatafindnext+0x29/0x1a0 Read of size 4 at addr ffff88bbfe003524 by task kworker/u113:2/3039206 CPU: 0 PID: 3039206 Comm:...

CVE-2024-57987 Bluetooth: btrtl: check for NULL in btrtl_setup_realtek()

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btrtl: check for NULL in btrtlsetuprealtek If insert an USB dongle which chip is not maintained in icidtable, it will hit the NULL point accessed. Add a null point check to avoid the Kernel Oops...

CVE-2024-57984 i3c: dw: Fix use-after-free in dw_i3c_master driver due to race condition

In the Linux kernel, the following vulnerability has been resolved: i3c: dw: Fix use-after-free in dwi3cmaster driver due to race condition In dwi3ccommonprobe, &master-hjwork is bound with dwi3chjwork. And dwi3cmasterirqhandler can call dwi3cmasterirqhandleibis function to start the work. If we...

CVE-2024-57981 usb: xhci: Fix NULL pointer dereference on certain command aborts

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Fix NULL pointer dereference on certain command aborts If a command is queued to the final usable TRB of a ring segment, the enqueue pointer is advanced to the subsequent link TRB and no further. If the command is late...

CVE-2022-49444

In the Linux kernel, the following vulnerability has been resolved: module: fix eshstrndx.shsize=0 OOB access It is trivial to craft a module to trigger OOB access in this line: if info-secstringsstrhdr-shsize - 1 != '\0' BUG: unable to handle page fault for address: ffffc90000aa0fff PGD 10000006...