6095 matches found
CVE-2023-53090
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix an illegal memory access In the kfdwaitonevents function, the kfdeventwaiter structure is allocated by alloceventwaiters, but the event field of the waiter structure is not initialized; When copyfromuser fails in...
CVE-2023-53085
In the Linux kernel, the following vulnerability has been resolved: drm/edid: fix info leak when failing to get panel id Make sure to clear the transfer buffer before fetching the EDID to avoid leaking slab data to the logs on errors that leave the buffer unchanged...
CVE-2023-53083
In the Linux kernel, the following vulnerability has been resolved: nfsd: don't replace page in rqpages if it's a continuation of last page The splice read calls nfsdspliceactor to put the pages containing file data into the svcrqst-rqpages array. It's possible however to get a splice result that...
CVE-2023-53075
In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix invalid address access in lookuprec when index is 0 KASAN reported follow problem: BUG: KASAN: use-after-free in lookuprec Read of size 8 at addr ffff000199270ff0 by task modprobe CPU: 2 Comm: modprobe Call trace:...
CVE-2023-53066 qed/qed_sriov: guard against NULL derefs from qed_iov_get_vf_info
In the Linux kernel, the following vulnerability has been resolved: qed/qedsriov: guard against NULL derefs from qediovgetvfinfo We have to make sure that the info returned by the helper is valid before using it. Found by Linux Verification Center linuxtesting.org with the SVACE static analysis...
CVE-2023-53065
In the Linux kernel, the following vulnerability has been resolved: perf/core: Fix perfoutputbegin parameter is incorrectly invoked in perfeventbpfoutput syzkaller reportes a KASAN issue with stack-out-of-bounds. The call trace is as follows: dumpstack+0x9c/0xd3...
CVE-2023-53064
In the Linux kernel, the following vulnerability has been resolved: iavf: fix hang on reboot with ice When a system with E810 with existing VFs gets rebooted the following hang may be observed. Pid 1 is hung in iavfremove, part of a network driver: PID: 1 TASK: ffff965400e5a340 CPU: 24 COMMAND:...
CVE-2023-53061
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix possible refcount leak in smb2open Reference count of acls will leak when memory allocation fails. Fix this by adding the missing posixaclrelease...
CVE-2023-53056
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Synchronize the IOCB count to be in order A system hang was observed with the following call trace: BUG: kernel NULL pointer dereference, address: 0000000000000000 PGD 0 P4D 0 Oops: 0000 1 PREEMPT SMP NOPTI CPU: 15...
CVE-2023-53047
In the Linux kernel, the following vulnerability has been resolved: tee: amdtee: fix race condition in amdteeopensession There is a potential race condition in amdteeopensession that may lead to use-after-free. For instance, in amdteeopensession after sess-sessmask is set, and before setting:...
CVE-2023-53037
In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Bad drive in topology results kernel crash When the SAS Transport Layer support is enabled and a device exposed to the OS by the driver fails INQUIRY commands, the driver frees up the memory allocated for an interna...
CVE-2022-49933
Removed by vendor...
CVE-2025-23150
In the Linux kernel, the following vulnerability has been resolved: ext4: fix off-by-one error in dosplit Syzkaller detected a use-after-free issue in ext4insertdentry that was caused by out-of-bounds access due to incorrect splitting in dosplit. BUG: KASAN: use-after-free in...
CVE-2025-23149
In the Linux kernel, the following vulnerability has been resolved: tpm: do not start chip while suspended Checking TPMCHIPFLAGSUSPENDED after the call to tpmfindgetops can lead to a spurious tpmchipstart call: 35985.503771 i2c i2c-1: Transfer while suspended 35985.503796 WARNING: CPU: 0 PID: 74 ...
Amazon Linux 2 : kernel (ALAS-2025-2834)
The version of kernel installed on the remote host is prior to 4.14.330-250.540. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2834 advisory. A use-after-free flaw was found in vcsread in drivers/tty/vt/vcscreen.c in vcscreen in the Linux Kernel. In this...
Advisory ROSA-SA-2025-2856
Software: modauthopenidc 2.4.9.4 OS: ROSA Virtualization 3.0 packageevrstring: modauthopenidc-2.4.9.4-7.rv30 CVE-ID: CVE-2024-24814 BDU-ID: 2024-02794 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the authentication and authorization module for Apache 2.x HTTP server Modauthopenidc is associated...
Advisory ROSA-SA-2025-2851
Software: httpd 2.4.37 OS: ROSA Virtualization 2.1 packageevrstring: httpd-2.4.37-65.0.1.rv3.3 CVE-ID: CVE-2023-27522 BDU-ID: 2023-02021 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the modproxyuwsgi component of the Apache HTTP Server web server is related to flaws in HTTP request handling...
PT-2025-22174
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability has been resolved in the Linux kernel. The issue concerns the ice vc add fdir fltr function, where a null pointer check is required on the return value of ice get vf vsi...
CVE-2025-39989
In the Linux kernel, the following vulnerability has been resolved: x86/mce: use iscopyfromuser to determine copy-from-user context Patch series "mm/hwpoison: Fix regressions in memory failure handling", v4. 1. What am I trying to do: This patchset resolves two critical regressions related to...
CVE-2025-39728
In the Linux kernel, the following vulnerability has been resolved: clk: samsung: Fix UBSAN panic in samsungclkinit With UBSANARRAYBOUNDS=y, I'm hitting the below panic due to dereferencing ctx-clkdata.hws before setting ctx-clkdata.num = nrclks. Move that up to fix the crash. UBSAN: array index...