6185 matches found
CVE-2023-53693 USB: gadget: Fix the memory leak in raw_gadget driver
In the Linux kernel, the following vulnerability has been resolved: USB: gadget: Fix the memory leak in rawgadget driver Currently, increasing rawdev-count happens before invoke the rawqueueevent, if the rawqueueevent return error, invoke rawrelease will not trigger the devfree to be called...
spi: cadence-quadspi: Implement refcount to handle unbind during busy
...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-49980: USB: gadget: fix use-after-free read in usbudcuevent bsc1245110. CVE-2022-50233: Bluetooth: eir: Fix using strlen with hdev-devname,shortname...
USN-7834-1: Linux kernel (Azure) vulnerabilities
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt discovered that some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information. A local attacker could possibly use this to...
PT-2025-43094
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel's USB gadget driver contains a memory leak in the raw gadget driver. Specifically, the raw dev-count is incremented before the raw queue event function is invoked. If ra...
USN-7833-1: Linux kernel vulnerabilities
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt discovered that some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information. A local attacker could possibly use this to...
CVE-2025-9574
Missing Authentication for Critical Function vulnerability in ABB ALS-mini-s4 IP, ABB ALS-mini-s8 IP.This issue affects . All firmware versions with the Serial Number from 2000 to 5166...
CVE-2025-60856
Reolink Video Doorbell WiFi DB566128M5MPW allows root shell access through an unsecured UART/serial console. An attacker with physical access can connect to the exposed interface and execute arbitrary commands with root privileges. NOTE: this is disputed by the Supplier because of "certain...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987585)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987585 advisory. In the Linux kernel, the following vulnerability has been resolved: serial: core: fix transmit-buffer reset and memleak Commit 761ed4a94582 tty: serialcore: convert...
SUSE SLES15 Security Update : kernel (SUSE-SU-2025:03626-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03626-1 advisory. The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. The following security bugs were fixed: ...
AlmaLinux 8 : kernel (ALSA-2025:18297)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:18297 advisory. kernel: ALSA: usb-audio: Validate UAC3 cluster segment descriptors CVE-2025-39757 kernel: ALSA: hda/ca0132: Fix buffer overflow in addtuningcontrol...
EUVD-2025-35065
In the Linux kernel, the following vulnerability has been resolved: media: stm32-csi: Fix dereference before NULL check In 'stm32csistart', 'csidev-ssubdev' is dereferenced directly while assigning a value to the 'srcpad'. However the same value is being checked against NULL at a later point of...
EUVD-2025-35078
Reolink Video Doorbell WiFi DB566128M5MPW allows root shell access through an unsecured UART/serial console. An attacker with physical access can connect to the exposed interface and execute arbitrary commands with root privileges...
CVE-2025-9574
Missing Authentication for Critical Function vulnerability in ABB ALS-mini-s4 IP, ABB ALS-mini-s8 IP.This issue affects . All firmware versions with the Serial Number from 2000 to 5166...
CVE-2025-40011 drm/gma500: Fix null dereference in hdmi teardown
In the Linux kernel, the following vulnerability has been resolved: drm/gma500: Fix null dereference in hdmi teardown pcisetdrvdata sets the value of pdev-driverdata to NULL, after which the driverdata obtained from the same dev is dereferenced in oaktrailhdmii2cexit, and the i2cdev is extracted...
CVE-2025-40004 net/9p: Fix buffer overflow in USB transport layer
In the Linux kernel, the following vulnerability has been resolved: net/9p: Fix buffer overflow in USB transport layer A buffer overflow vulnerability exists in the USB 9pfs transport layer where inconsistent size validation between packet header parsing and actual data copying allows a malicious...
kernel: ALSA: usb-audio: Validate UAC3 cluster segment descriptors
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Validate UAC3 cluster segment descriptors UAC3 class segment descriptors need to be verified whether their sizes match with the declared lengths and whether they fit with the allocated buffer sizes, too. Otherwis...
Reolink Video Doorbell WiFi DB_566128M5MP_W 安全漏洞
Reolink Video Doorbell WiFi DB566128M5MPW is a visual doorbell from Reolink USA. A security vulnerability exists in Reolink Video Doorbell WiFi DB566128M5MPW, which originates from an unprotected UART serial console, and could allow a physically accessible attacker to execute arbitrary commands...
CVE-2025-60856
Reolink Video Doorbell WiFi DB566128M5MPW allows root shell access through an unsecured UART/serial console. An attacker with physical access can connect to the exposed interface and execute arbitrary commands with root privileges. NOTE: this is disputed by the Supplier because of "certain...
PT-2025-42789
Name of the Vulnerable Software and Affected Versions ABB ALS-mini-s4 IP ABB ALS-mini-s8 IP versions with Serial Number 2000 through 5166 Description A critical issue exists in ABB ALS-mini-s4 IP and ABB ALS-mini-s8 IP devices where certain critical functions can be accessed without authenticatio...