CVE-2022-48857

CVE-2022-48857 affects the Linux kernel NFC port100 driver (drivers/nfc/port100.c). The vulnerability is a use-after-free in port100_send_complete caused by freed devm memory on probe failure due to missing usb_kill_urb() calls on the error path. Impact is described as use-after-free; remediation...

CVE-2022-48857 NFC: port100: fix use-after-free in port100_send_complete

In the Linux kernel, the following vulnerability has been resolved: NFC: port100: fix use-after-free in port100sendcomplete Syzbot reported UAF in port100sendcomplete. The root case is in missing usbkillurb calls on error handling path of -probe function. port100sendcomplete accesses devm allocat...

CVE-2022-48857 NFC: port100: fix use-after-free in port100_send_complete

In the Linux kernel, the following vulnerability has been resolved: NFC: port100: fix use-after-free in port100sendcomplete Syzbot reported UAF in port100sendcomplete. The root case is in missing usbkillurb calls on error handling path of -probe function. port100sendcomplete accesses devm allocat...

UBUNTU-CVE-2021-47583

In the Linux kernel, the following vulnerability has been resolved: media: mxl111sf: change mutexinit location Syzbot reported, that mxl111sfctrlmsg uses uninitialized mutex. The problem was in wrong mutexinit location. Previous mutexinit&state-msglock call was in -init function, but dvbusbv2init...

SUSE CVE-2023-52853

In the Linux kernel, the following vulnerability has been resolved: hid: cp2112: Fix duplicate workqueue initialization Previously the cp2112 driver called INITDELAYEDWORK within cp2112gpioirqstartup, resulting in duplicate initilizations of the workqueue on subsequent IRQ startups following an...

DEBIAN-CVE-2021-47476

In the Linux kernel, the following vulnerability has been resolved: comedi: niusb6501: fix NULL-deref in command paths The driver uses endpoint-sized USB transfer buffers but had no sanity checks on the sizes. This can lead to zero-size-pointer dereferences or overflowed transfer buffers in...

UBUNTU-CVE-2021-47476

In the Linux kernel, the following vulnerability has been resolved: comedi: niusb6501: fix NULL-deref in command paths The driver uses endpoint-sized USB transfer buffers but had no sanity checks on the sizes. This can lead to zero-size-pointer dereferences or overflowed transfer buffers in...

DEBIAN-CVE-2023-52853

In the Linux kernel, the following vulnerability has been resolved: hid: cp2112: Fix duplicate workqueue initialization Previously the cp2112 driver called INITDELAYEDWORK within cp2112gpioirqstartup, resulting in duplicate initilizations of the workqueue on subsequent IRQ startups following an...

UBUNTU-CVE-2023-52853

In the Linux kernel, the following vulnerability has been resolved: hid: cp2112: Fix duplicate workqueue initialization Previously the cp2112 driver called INITDELAYEDWORK within cp2112gpioirqstartup, resulting in duplicate initilizations of the workqueue on subsequent IRQ startups following an...

CVE-2021-47330

In the Linux kernel, the following vulnerability has been resolved: tty: serial: 8250: serialcs: Fix a memory leak in error handling path In the probe function, if the final 'serialconfig' fails, 'info' is leaking. Add a resource handling path to free this memory...

UBUNTU-CVE-2021-47306

In the Linux kernel, the following vulnerability has been resolved: net: fddi: fix UAF in fzaprobe fp is netdev private data and it cannot be used after freenetdev call. Using fp after freenetdev can cause UAF bug. Fix it by moving freenetdev after error message. TURBOchannel adapter"...

CVE-2021-47330 tty: serial: 8250: serial_cs: Fix a memory leak in error handling path

In the Linux kernel, the following vulnerability has been resolved: tty: serial: 8250: serialcs: Fix a memory leak in error handling path In the probe function, if the final 'serialconfig' fails, 'info' is leaking. Add a resource handling path to free this memory...

PT-2024-14757 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A issue has been resolved in the Linux kernel related to the iio: adc: stm32-adc, where the function stm32 adc probe was hardened against a NULL pointer dereference. The of match devic...

UBUNTU-CVE-2024-35883

In the Linux kernel, the following vulnerability has been resolved: spi: mchp-pci1xxx: Fix a possible null pointer dereference in pci1xxxspiprobe In function pci1xxxxspiprobe, there is a potential null pointer that may be caused by a failed memory allocation by the function devmkzalloc. Hence, a...

UBUNTU-CVE-2023-52663

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: amd: Fix memory leak in amdsofacpprobe Driver uses kasprintf to initialize fwcode,databin members of struct acpdevdata, but kfree is never called to deallocate the memory, which results in a memory leak. Fix the issue ...

CVE-2024-26866

A vulnerability was found in the fsllpspiprobe function in the Linux kernel, which handles memory allocation manually with the spiallochost and spialloctarget functions, but also utilizes the devmspiregistercontroller function. This could result in a potential use-after-free issue if the devm...

CVE-2024-26876

In the Linux kernel, the following vulnerability has been resolved: drm/bridge: adv7511: fix crash on irq during probe Moved IRQ registration down to end of adv7511probe. If an IRQ already is pending during adv7511probe before adv7511cecinit then cecreceivedmsgts could crash using uninitialized...

UBUNTU-CVE-2024-26866

In the Linux kernel, the following vulnerability has been resolved: spi: lpspi: Avoid potential use-after-free in probe fsllpspiprobe is allocating/disposing memory manually with spiallochost/spialloctarget, but uses devmspiregistercontroller. In case of error after the latter call the memory wil...

CVE-2024-26866 spi: lpspi: Avoid potential use-after-free in probe()

In the Linux kernel, the following vulnerability has been resolved: spi: lpspi: Avoid potential use-after-free in probe fsllpspiprobe is allocating/disposing memory manually with spiallochost/spialloctarget, but uses devmspiregistercontroller. In case of error after the latter call the memory wil...

UBUNTU-CVE-2024-26807

In the Linux kernel, the following vulnerability has been resolved: Both cadence-quadspi -runtimesuspend and -runtimeresume implementations start with: struct cqspist cqspi = devgetdrvdatadev; struct spicontroller host = devgetdrvdatadev; This obviously cannot be correct, unless "struct cqspist" ...