47 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-43098
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nfc: s3fwrn5: allocate rx skb before consuming bytes s3fwrn82uartread reports the number of accepted bytes to the serdev core. The current code consumes bytes...
Astra Linux - уязвимость в linux-5.10, linux, linux-5.15
A use-after-free flaw was discovered in ndlcremove in drivers/nfc/st-nci/ndlc.c within the Linux kernel. This flaw could allow an attacker to cause the system to crash due to a race condition...
nfc: pn533: allocate rx skb before consuming bytes
...
EUVD-2022-42292
Malicious code in bioql PyPI...
CVE-2022-39847
Use after free vulnerability in setnftpid and signalhandler function of NFC driver prior to SMR Oct-2022 Release 1 allows attackers to perform malicious actions...
CVE-2023-53119
In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: initialize struct pn533outarg properly struct pn533outarg used as a temporary context for outurb is not initialized properly. Its uninitialized 'phy' field can be dereferenced in error cases inside pn533outcomplete...
DEBIAN-CVE-2023-53106
In the Linux kernel, the following vulnerability has been resolved: nfc: st-nci: Fix use after free bug in ndlcremove due to race condition This bug influences both stncii2cremove and stncispiremove. Take stncii2cremove as an example. In stncii2cprobe, it called ndlcprobe and bound &ndlc-smwork...
CVE-2023-53106 nfc: st-nci: Fix use after free bug in ndlc_remove due to race condition
In the Linux kernel, the following vulnerability has been resolved: nfc: st-nci: Fix use after free bug in ndlcremove due to race condition This bug influences both stncii2cremove and stncispiremove. Take stncii2cremove as an example. In stncii2cprobe, it called ndlcprobe and bound &ndlc-smwork...
UBUNTU-CVE-2022-49922
In the Linux kernel, the following vulnerability has been resolved: nfc: nfcmrvl: Fix potential memory leak in nfcmrvli2cncisend nfcmrvli2cncisend will be called by nfcmrvlncisend, and skb should be freed in nfcmrvli2cncisend. However, nfcmrvlncisend will only free skb when i2cmastersend return =...
CVE-2022-49923 nfc: nxp-nci: Fix potential memory leak in nxp_nci_send()
In the Linux kernel, the following vulnerability has been resolved: nfc: nxp-nci: Fix potential memory leak in nxpncisend nxpncisend will call nxpncii2cwrite, and only free skb when nxpncii2cwrite failed. However, even if the nxpncii2cwrite run succeeds, the skb will not be freed in nxpncii2cwrit...
CVE-2022-49923
In the Linux kernel, the following vulnerability has been resolved: nfc: nxp-nci: Fix potential memory leak in nxpncisend nxpncisend will call nxpncii2cwrite, and only free skb when nxpncii2cwrite failed. However, even if the nxpncii2cwrite run succeeds, the skb will not be freed in nxpncii2cwrit...
CVE-2022-49331
In the Linux kernel, the nfc: st21nfca driver was fixed to address memory leaks in EVT_TRANSACTION handling. The error paths did not free previously allocated memory, and the patch adds devm_kfree() to those failure paths to prevent leaks. The CVE entry CVE-2022-49331 reflects this fix. The avail...
Linux kernel null pointer dereference vulnerability (CNVD-2024-42104)
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel suffers from a null pointer dereference vulnerability that stems from the nciskballoc function in the nfc driver not checking when a memory allocation fails, which...
CLSA-2024-1722535359 Fix of 18 CVEs
CVE-url: https://ubuntu.com/security/CVE-2024-25739 - ubi: Check for too small LEB size in VTBL code Bionic update: upstream stable patchset 2021-06-01 LP: 1930472 // CVE- url: https://ubuntu.com/security/CVE-2021-46960 - cifs: Return correct error code from smb2getenckey CVE-url:...
CVE-2021-47180
In the Linux kernel, the following vulnerability has been resolved: NFC: nci: fix memory leak in nciallocatedevice nfcmrvldisconnect fails to free the hcidev field in struct ncidev. Fix this by freeing hcidev in ncifreedevice. BUG: memory leak unreferenced object 0xffff888111ea6800 size 1024: com...
USN-6300-1 linux, linux-aws, linux-aws-5.15, linux-gcp, linux-hwe-5.15, linux-ibm, linux-intel-iotg, linux-intel-iotg-5.15, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-oracle, linux-oracle-5.15, linux-raspi vulnerabilities
William Zhao discovered that the Traffic Control TC subsystem in the Linux kernel did not properly handle network packet retransmission in certain situations. A local attacker could use this to cause a denial of service kernel deadlock. CVE-2022-4269 It was discovered that the NTFS file system...
USN-6300-1: Linux kernel vulnerabilities
William Zhao discovered that the Traffic Control TC subsystem in the Linux kernel did not properly handle network packet retransmission in certain situations. A local attacker could use this to cause a denial of service kernel deadlock. CVE-2022-4269 It was discovered that the NTFS file system...
USN-6221-1: Linux kernel vulnerabilities
It was discovered that a race condition existed in the overlay file system implementation in the Linux kernel. A local attacker could use this to cause a denial of service system crash. CVE-2021-20321 It was discovered that the virtual terminal vt device implementation in the Linux kernel contain...
USN-6186-1: Linux kernel vulnerabilities
Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrar...
USN-6175-1: Linux kernel vulnerabilities
Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrar...