SUSE CVE-2022-49524

In the Linux kernel, the following vulnerability has been resolved: media: pci: cx23885: Fix the error handling in cx23885initdev When the driver fails to call the dmasetmask, the driver will get the following splat: 55.853884 BUG: KASAN: use-after-free in processremoveddriver+0x3c/0x240 55.85448...

SUSE CVE-2022-49540

In the Linux kernel, the following vulnerability has been resolved: rcu-tasks: Fix race in schedule and flush work While booting secondary CPUs, cpusreadlock/unlock is not keeping online cpumask stable. The transient online mask results in below calltrace. 0.324121 CPU1: Booted secondary processo...

CVE-2024-57983

In the Linux kernel, the following vulnerability has been resolved: mailbox: th1520: Fix memory corruption due to incorrect array size The functions th1520mboxsuspendnoirq and th1520mboxresumenoirq are intended to save and restore the interrupt mask registers in the MBOX ICU0. However, the array...

UBUNTU-CVE-2024-57983

In the Linux kernel, the following vulnerability has been resolved: mailbox: th1520: Fix memory corruption due to incorrect array size The functions th1520mboxsuspendnoirq and th1520mboxresumenoirq are intended to save and restore the interrupt mask registers in the MBOX ICU0. However, the array...

CVE-2024-57983 mailbox: th1520: Fix memory corruption due to incorrect array size

In the Linux kernel, the following vulnerability has been resolved: mailbox: th1520: Fix memory corruption due to incorrect array size The functions th1520mboxsuspendnoirq and th1520mboxresumenoirq are intended to save and restore the interrupt mask registers in the MBOX ICU0. However, the array...

CVE-2024-57983

The CVE-2024-57983 issue concerns the Linux kernel mailbox support (th1520) for ICU0. The vulnerability arose from an incorrectly sized array used to save and restore interrupt mask registers, leading to memory corruption when accessing all four registers during suspend and resume. The connected ...

CVE-2024-57983 mailbox: th1520: Fix memory corruption due to incorrect array size

In the Linux kernel, the following vulnerability has been resolved: mailbox: th1520: Fix memory corruption due to incorrect array size The functions th1520mboxsuspendnoirq and th1520mboxresumenoirq are intended to save and restore the interrupt mask registers in the MBOX ICU0. However, the array...

CVE-2024-57983

In the Linux kernel, the following vulnerability has been resolved: mailbox: th1520: Fix memory corruption due to incorrect array size The functions th1520mboxsuspendnoirq and th1520mboxresumenoirq are intended to save and restore the interrupt mask registers in the MBOX ICU0. However, the array...

PT-2025-8770 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A memory corruption issue in the Linux kernel has been identified, specifically in the mailbox component, th1520. The functions th1520 mbox suspend noirq and th1520 mbox resume noirq a...

Security update for xwayland

This update for xwayland fixes the following issues: CVE-2025-26594: Use-after-free of the root cursor bsc1237427. CVE-2025-26595: Buffer overflow in XkbVModMaskText bsc1237429. CVE-2025-26596: Heap overflow in XkbWriteKeySyms bsc1237430. CVE-2025-26597: Buffer overflow in XkbChangeTypesOfKey...

DEBIAN-CVE-2022-49592

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix dma queue left shift overflow issue When queue number is 4, left shift overflows due to 32 bits integer variable. Mask calculation is wrong for MTLRXQDMAMAP1. If CONFIGUBSAN is enabled, kernel dumps below warning...

CVE-2022-49524

In the Linux kernel, the following vulnerability has been resolved: media: pci: cx23885: Fix the error handling in cx23885initdev When the driver fails to call the dmasetmask, the driver will get the following splat: 55.853884 BUG: KASAN: use-after-free in processremoveddriver+0x3c/0x240 55.85448...

DEBIAN-CVE-2022-49524

In the Linux kernel, the following vulnerability has been resolved: media: pci: cx23885: Fix the error handling in cx23885initdev When the driver fails to call the dmasetmask, the driver will get the following splat: 55.853884 BUG: KASAN: use-after-free in processremoveddriver+0x3c/0x240 55.85448...

UBUNTU-CVE-2022-49524

In the Linux kernel, the following vulnerability has been resolved: media: pci: cx23885: Fix the error handling in cx23885initdev When the driver fails to call the dmasetmask, the driver will get the following splat: 55.853884 BUG: KASAN: use-after-free in processremoveddriver+0x3c/0x240 55.85448...

UBUNTU-CVE-2022-49592

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix dma queue left shift overflow issue When queue number is 4, left shift overflows due to 32 bits integer variable. Mask calculation is wrong for MTLRXQDMAMAP1. If CONFIGUBSAN is enabled, kernel dumps below warning...

DEBIAN-CVE-2022-49197

In the Linux kernel, the following vulnerability has been resolved: afnetlink: Fix shift out of bounds in group mask calculation When a netlink message is received, netlinkrecvmsg fills in the address of the sender. One of the fields is the 32-bit bitfield nlgroups, which carries the multicast...

DEBIAN-CVE-2022-49099

In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Fix initialization of device object in vmbusdeviceregister Initialize the device's dmamask,parms pointers and the device's dmamask value before invoking deviceregister. Address the following trace with 5.17-rc...

UBUNTU-CVE-2022-49197

In the Linux kernel, the following vulnerability has been resolved: afnetlink: Fix shift out of bounds in group mask calculation When a netlink message is received, netlinkrecvmsg fills in the address of the sender. One of the fields is the 32-bit bitfield nlgroups, which carries the multicast...

UBUNTU-CVE-2022-49099

In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Fix initialization of device object in vmbusdeviceregister Initialize the device's dmamask,parms pointers and the device's dmamask value before invoking deviceregister. Address the following trace with 5.17-rc...

SUSE CVE-2025-26601

A use-after-free flaw was found in X.Org and Xwayland. When changing an alarm, the values of the change mask are evaluated one after the other, changing the trigger values as requested, and eventually, SyncInitTrigger is called. If one of the changes triggers an error, the function will return...