152 matches found
UBUNTU-CVE-2024-58086
In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Stop active perfmon if it is being destroyed If the active performance monitor v3d-activeperfmon is being destroyed, stop it first. Currently, the active perfmon is not stopped during destruction, leaving the...
SUSE CVE-2022-49425
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix dereference of stale list iterator after loop body The list iterator variable will be a bogus pointer if no break was hit. Dereferencing it cur-page in this case could load an out-of-bounds/undefined value making it...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: drm/mgag200: Binding the I2C lifetime to the DRM device. Managed cleanup using devmaddactionorreset will release the I2C adapter when the underlying Linux device is no longer present. However, the connector still refers to it, so...
PT-2025-30875
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a time-of-check-to-time-of-use TOCTOU vulnerability in the vsock transport mechanism. A race condition can occur between transport assignment and module...
scsi: wd33c93: Don't use stale scsi_pointer value
...
SUSE CVE-2024-50187
In the Linux kernel, the following vulnerability has been resolved: drm/vc4: Stop the active perfmon before being destroyed Upon closing the file descriptor, the active performance monitor is not stopped. Although all perfmons are destroyed in vc4perfmonclosefile, the active performance monitor's...
AZL-53723 CVE-2024-50187 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: drm/vc4: Stop the active perfmon before being destroyed Upon closing the file descriptor, the active performance monitor is not stopped. Although all perfmons are destroyed in vc4perfmonclosefile, the active performance monitor's...
DEBIAN-CVE-2024-50187
In the Linux kernel, the following vulnerability has been resolved: drm/vc4: Stop the active perfmon before being destroyed Upon closing the file descriptor, the active performance monitor is not stopped. Although all perfmons are destroyed in vc4perfmonclosefile, the active performance monitor's...
UBUNTU-CVE-2024-50187
In the Linux kernel, the following vulnerability has been resolved: drm/vc4: Stop the active perfmon before being destroyed Upon closing the file descriptor, the active performance monitor is not stopped. Although all perfmons are destroyed in vc4perfmonclosefile, the active performance monitor's...
CVE-2024-50187 drm/vc4: Stop the active perfmon before being destroyed
In the Linux kernel, the following vulnerability has been resolved: drm/vc4: Stop the active perfmon before being destroyed Upon closing the file descriptor, the active performance monitor is not stopped. Although all perfmons are destroyed in vc4perfmonclosefile, the active performance monitor's...
DEBIAN-CVE-2024-44967
In the Linux kernel, the following vulnerability has been resolved: drm/mgag200: Bind I2C lifetime to DRM device Managed cleanup with devmaddactionorreset will release the I2C adapter when the underlying Linux device goes away. But the connector still refers to it, so this cleanup leaves behind a...
kernel: ext4: fix invalid free tracking in ext4_xattr_move_to_block()
A memory management flaw was found in the Linux kernel's ext4 filesystem extended attribute handling. In ext4xattrmovetoblock, when moving an extended attribute value to an external block, the code checks entry-evalueinum to determine if the buffer was allocated via kvmalloc. However, at cleanup...
DEBIAN-CVE-2024-26924
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: do not free live element Pablo reports a crash with large batches of elements with a back-to-back add/remove pattern. Quoting Pablo: addelem"00000000" timeout 100 ms ... addelem"0000000X" timeout 100 ms...
CVE-2024-26625
In the Linux kernel, the following vulnerability has been resolved: llc: call sockorphan at release time syzbot reported an interesting trace 1 caused by a stale sk-skwq pointer in a closed llc socket. In commit ff7b11aa481f "net: socket: set sock-sk to NULL after calling protoops::release" Eric...
CVE-2024-26625 llc: call sock_orphan() at release time
In the Linux kernel, the following vulnerability has been resolved: llc: call sockorphan at release time syzbot reported an interesting trace 1 caused by a stale sk-skwq pointer in a closed llc socket. In commit ff7b11aa481f "net: socket: set sock-sk to NULL after calling protoops::release" Eric...
Unbreakable Enterprise kernel security update
4.1.12-124.74.2 - kvm: initialize all of the kvmdebugregs structure before sending it to userspace Greg Kroah-Hartman Orabug: 35250098 CVE-2023-1513 - staging: rtl8712: fix use after free bugs Dan Carpenter Orabug: 35212876 CVE-2022-4095 - staging: rtl8712: rtl8712cmd.c: fixed comparison to null...
CVE-2021-21798
An exploitable return of stack variable address vulnerability exists in the JavaScript implementation of Nitro Pro PDF. A specially crafted document can cause a stack variable to go out of scope, resulting in the application dereferencing a stale pointer. This can lead to code execution under the...
CVE-2020-0079
In decrypt12 of CryptoPlugin.cpp, there is a possible out of bounds write due to stale pointer. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10Android ID...
CVE-2020-0079
In decrypt12 of CryptoPlugin.cpp, there is a possible out of bounds write due to stale pointer. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10Android ID...
CVE-2020-0033
In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds write due to stale pointer. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0...