6205 matches found
SUSE CVE-2025-21773
In the Linux kernel, the following vulnerability has been resolved: can: etases58x: fix potential NULL pointer dereference on udev-serial The driver assumed that es58xdev-udev-serial could never be NULL. While this is true on commercially available devices, an attacker could spoof the device...
SUSE CVE-2025-21776
In the Linux kernel, the following vulnerability has been resolved: USB: hub: Ignore non-compliant devices with too many configs or interfaces Robert Morris created a test program which can cause usbhubtostructhub to dereference a NULL or inappropriate pointer: Oops: general protection fault,...
PT-2025-9109 · Minut · Minut M2
Name of the Vulnerable Software and Affected Versions: Minut M2 version 15142 Description: The issue allows physically proximate attackers to extract cryptographic keys from the internal flash of Minut M2 devices with the specified firmware version. This can be used to inject modified firmware in...
CVE-2025-21773
In the Linux kernel, the following vulnerability has been resolved: can: etases58x: fix potential NULL pointer dereference on udev-serial The driver assumed that es58xdev-udev-serial could never be NULL. While this is true on commercially available devices, an attacker could spoof the device...
AZL-57929 CVE-2025-21773 affecting package kernel for versions less than 6.6.79.1-1
In the Linux kernel, the following vulnerability has been resolved: can: etases58x: fix potential NULL pointer dereference on udev-serial The driver assumed that es58xdev-udev-serial could never be NULL. While this is true on commercially available devices, an attacker could spoof the device...
DEBIAN-CVE-2025-21773
In the Linux kernel, the following vulnerability has been resolved: can: etases58x: fix potential NULL pointer dereference on udev-serial The driver assumed that es58xdev-udev-serial could never be NULL. While this is true on commercially available devices, an attacker could spoof the device...
CVE-2024-58007
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: socinfo: Avoid out of bounds read of serial number On MSM8916 devices, the serial number exposed in sysfs is constant and does not change across individual devices. It's always: db410c:/sys/devices/soc0$ cat serialnumb...
DEBIAN-CVE-2024-58007
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: socinfo: Avoid out of bounds read of serial number On MSM8916 devices, the serial number exposed in sysfs is constant and does not change across individual devices. It's always: db410c:/sys/devices/soc0$ cat serialnumb...
UBUNTU-CVE-2025-21773
In the Linux kernel, the following vulnerability has been resolved: can: etases58x: fix potential NULL pointer dereference on udev-serial The driver assumed that es58xdev-udev-serial could never be NULL. While this is true on commercially available devices, an attacker could spoof the device...
UBUNTU-CVE-2024-58007
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: socinfo: Avoid out of bounds read of serial number On MSM8916 devices, the serial number exposed in sysfs is constant and does not change across individual devices. It's always: db410c:/sys/devices/soc0$ cat serialnumb...
SUSE CVE-2022-49073
In the Linux kernel, the following vulnerability has been resolved: ata: satadwc460ex: Fix crash due to OOB write the driver uses libata's "tag" values from in various arrays. Since the mentioned patch bumped the ATATAGINTERNAL to 32, the value of the SATADWCQCMDMAX needs to account for that...
SUSE CVE-2022-49173
In the Linux kernel, the following vulnerability has been resolved: spi: fsi: Implement a timeout for polling status The data transfer routines must poll the status register to determine when more data can be shifted in or out. If the hardware gets into a bad state, these polling loops may never...
SUSE CVE-2022-49304
In the Linux kernel, the following vulnerability has been resolved: drivers: tty: serial: Fix deadlock in sa1100settermios There is a deadlock in sa1100settermios, which is shown below: Thread 1 | Thread 2 | sa1100enablems sa1100settermios | modtimer spinlockirqsave //1 | wait a time ... |...
SUSE CVE-2022-49475
In the Linux kernel, the following vulnerability has been resolved: spi: spi-fsl-qspi: check return value after calling platformgetresourcebyname It will cause null-ptr-deref if platformgetresourcebyname returns NULL, we need check the return value...
SUSE CVE-2022-49613
In the Linux kernel, the following vulnerability has been resolved: serial: 8250: Fix PM usagecount for console handover When console is enabled, univ8250consolesetup calls serial8250consolesetup before .dev is set to uartport. Therefore, it will not call pmruntimegetsync. Later, when the actual...
SUSE CVE-2022-49661
In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbopen/close: fix memory leak The gsusb driver appears to suffer from a malady common to many USB CAN adapter drivers in that it performs usballoccoherent to allocate a number of USB request blocks URBs for RX, and...
CVE-2025-21773 can: etas_es58x: fix potential NULL pointer dereference on udev->serial
In the Linux kernel, the following vulnerability has been resolved: can: etases58x: fix potential NULL pointer dereference on udev-serial The driver assumed that es58xdev-udev-serial could never be NULL. While this is true on commercially available devices, an attacker could spoof the device...
CVE-2025-21773
In the Linux kernel, the following vulnerability has been resolved: can: etases58x: fix potential NULL pointer dereference on udev-serial The driver assumed that es58xdev-udev-serial could never be NULL. While this is true on commercially available devices, an attacker could spoof the device...
DEBIAN-CVE-2025-21708
In the Linux kernel, the following vulnerability has been resolved: net: usb: rtl8150: enable basic endpoint checking Syzkaller reports 1 encountering a common issue of utilizing a wrong usb endpoint type during URB submitting stage. This, in turn, triggers a warning shown below. For now, enable...
UBUNTU-CVE-2025-21726
In the Linux kernel, the following vulnerability has been resolved: padata: avoid UAF for reorderwork Although the previous patch can avoid ps and ps UAF for doserial, it can not avoid potential UAF issue for reorderwork. This issue can happen just as below: cryptorequest cryptorequest cryptodela...