UBUNTU-CVE-2024-57981

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Fix NULL pointer dereference on certain command aborts If a command is queued to the final usable TRB of a ring segment, the enqueue pointer is advanced to the subsequent link TRB and no further. If the command is late...

UBUNTU-CVE-2024-57987

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btrtl: check for NULL in btrtlsetuprealtek If insert an USB dongle which chip is not maintained in icidtable, it will hit the NULL point accessed. Add a null point check to avoid the Kernel Oops...

CVE-2024-58007 soc: qcom: socinfo: Avoid out of bounds read of serial number

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: socinfo: Avoid out of bounds read of serial number On MSM8916 devices, the serial number exposed in sysfs is constant and does not change across individual devices. It's always: db410c:/sys/devices/soc0$ cat serialnumb...

CVE-2024-58007 soc: qcom: socinfo: Avoid out of bounds read of serial number

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: socinfo: Avoid out of bounds read of serial number On MSM8916 devices, the serial number exposed in sysfs is constant and does not change across individual devices. It's always: db410c:/sys/devices/soc0$ cat serialnumb...

CVE-2024-58007

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: socinfo: Avoid out of bounds read of serial number On MSM8916 devices, the serial number exposed in sysfs is constant and does not change across individual devices. It's always: db410c:/sys/devices/soc0$ cat serialnumb...

CVE-2024-58007

CVE-2024-58007 affects the Linux kernel in the soc: qcom: socinfo path, specifically on MSM8916 devices where the sysfs serial_number is constant. The root cause is an out-of-bounds read of the serial_num field in the socinfo structure due to checking the start offset instead of the end when vali...

CVE-2025-21726

In the Linux kernel, the following vulnerability has been resolved: padata: avoid UAF for reorderwork Although the previous patch can avoid ps and ps UAF for doserial, it can not avoid potential UAF issue for reorderwork. This issue can happen just as below: cryptorequest cryptorequest cryptodela...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the USB hub not properly handling non-compliant devices, which could result in a null pointer dereference...

Motorola Mobility Droid Razr HD (Model XT926) System 访问控制错误漏洞

The Motorola Mobility Droid Razr HD Model XT926 System is an Android system from Motorola USA that comes with the Motorola Droid Razr HD cell phone. It is used to drive and manage the features of the Motorola Droid Razr HD cell phone. A security vulnerability exists in the Motorola Mobility Droid...

PT-2025-8779 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to the version containing the fix for the issue described Description: A specific error path in probe functions in wilc drivers can lead to a kernel panic. This issue is due to a recent change decoupling wiphy...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates from an out-of-bounds read in the soc: qcom: socinfo module when reading serial numbers...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the etases58x driver not checking for udev-serial, which could lead to a null pointer dereference...

USN-7294-1 linux-azure, linux-azure-5.4, linux-bluefield, linux-gcp, linux-gcp-5.4, linux-ibm-5.4 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - ACPI drivers; - Drivers core; - ATA over ethernet AOE driver; - TPM...

USN-7295-1 linux-xilinx-zynqmp vulnerabilities

Ye Zhang and Nicolas Wu discovered that the iouring subsystem in the Linux kernel did not properly handle locking for rings with IOPOLL, leading to a double-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...

USN-7291-1 linux-gcp, linux-gcp-5.15, linux-gke vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Block layer subsystem; - ACPI drivers; - GPU drivers; - HID subsystem; -...

DEBIAN-CVE-2022-49713

In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: Fix memory leak in dwc2hcdinit usbcreatehcd will alloc memory for hcd, and we should call usbputhcd to free it when platformgetresource fails to prevent memory leak. goto error2 label instead error1 to fix this...

DEBIAN-CVE-2022-49613

In the Linux kernel, the following vulnerability has been resolved: serial: 8250: Fix PM usagecount for console handover When console is enabled, univ8250consolesetup calls serial8250consolesetup before .dev is set to uartport. Therefore, it will not call pmruntimegetsync. Later, when the actual...

CVE-2022-49613

In the Linux kernel, the following vulnerability has been resolved: serial: 8250: Fix PM usagecount for console handover When console is enabled, univ8250consolesetup calls serial8250consolesetup before .dev is set to uartport. Therefore, it will not call pmruntimegetsync. Later, when the actual...

DEBIAN-CVE-2022-49392

In the Linux kernel, the following vulnerability has been resolved: serial: 8250aspeedvuart: Fix potential NULL dereference in aspeedvuartprobe platformgetresource may fail and return NULL, so we should better check it's return value to avoid a NULL pointer dereference...

DEBIAN-CVE-2022-49304

In the Linux kernel, the following vulnerability has been resolved: drivers: tty: serial: Fix deadlock in sa1100settermios There is a deadlock in sa1100settermios, which is shown below: Thread 1 | Thread 2 | sa1100enablems sa1100settermios | modtimer spinlockirqsave //1 | wait a time ... |...