10768 matches found
SUSE CVE-2023-53324
In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp5: Don't leak some plane state Apparently no one noticed that mdp5 plane states leak like a sieve ever since we introduced planestate-commit refcount a few years ago in 21a01abbe32a "drm/atomic: Fix freeing...
DEBIAN-CVE-2022-50347
In the Linux kernel, the following vulnerability has been resolved: mmc: rtsxusbsdmmc: fix return value check of mmcaddhost mmcaddhost may return error, if we ignore its return value, the memory that allocated in mmcallochost will be leaked and it will lead a kernel crash because of deleting not...
DEBIAN-CVE-2025-39833
In the Linux kernel, the following vulnerability has been resolved: mISDN: hfcpci: Fix warning when deleting uninitialized timer With CONFIGDEBUGOBJECTSTIMERS unloading hfcpci module leads to the following splat: 250.215892 ODEBUG: assertinit not available active state 0 object: ffffffffc01a3dc0...
CVE-2025-39828
In the Linux kernel, the following vulnerability has been resolved: atm: atmtcp: Prevent arbitrary write in atmtcprecvcontrol. syzbot reported the splat below. 0 When atmtcpvopen or atmtcpvclose is called via connect or close, atmtcpsendcontrol is called to send an in-kernel special message. The...
CVE-2023-53300
In the Linux kernel, the following vulnerability has been resolved: media: hi846: Fix memleak in hi846initcontrols hi846initcontrols doesn't clean the allocated ctrlhdlr in case there is a failure, which causes memleak. Add v4l2ctrlhandlerfree to free the resource properly...
CVE-2023-53268 ASoC: fsl_mqs: move of_node_put() to the correct location
In the Linux kernel, the following vulnerability has been resolved: ASoC: fslmqs: move ofnodeput to the correct location ofnodeput should have been done directly after mqspriv-regmap = sysconnodetoregmapgprnp; otherwise it creates a reference leak on the success path. To fix this, ofnodeput is...
CVE-2023-53268 ASoC: fsl_mqs: move of_node_put() to the correct location
In the Linux kernel, the following vulnerability has been resolved: ASoC: fslmqs: move ofnodeput to the correct location ofnodeput should have been done directly after mqspriv-regmap = sysconnodetoregmapgprnp; otherwise it creates a reference leak on the success path. To fix this, ofnodeput is...
CVE-2023-53268
The CVE-2023-53268 entry concerns the Linux kernel ASoC: fsl_mqs component. A use-after-success reference leak occurred due to of_node_put() not being invoked at the correct point after mqs_priv->regmap = syscon_node_to_regmap(gpr_np). The fix moves of_node_put() to the proper location and con...
CVE-2023-53268
In the Linux kernel, the following vulnerability has been resolved: ASoC: fslmqs: move ofnodeput to the correct location ofnodeput should have been done directly after mqspriv-regmap = sysconnodetoregmapgprnp; otherwise it creates a reference leak on the success path. To fix this, ofnodeput is...
PT-2025-37873
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A reference leak exists in the ASoC fsl mqs driver due to an incorrect placement of the of node put function. Specifically, of node put should have been called immediately after mqs...
PT-2025-37905
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The hi846 init controls function does not properly free allocated memory ctrl hdlr in case of failure, leading to a memory leak. The issue is resolved by adding v4l2 ctrl handler free ...
DEBIAN-CVE-2023-53220
In the Linux kernel, the following vulnerability has been resolved: media: az6007: Fix null-ptr-deref in az6007i2cxfer In az6007i2cxfer, msg is controlled by user. When msgi.buf is null and msgi.len is zero, former checks on msgi.buf would be passed. Malicious data finally reach az6007i2cxfer. If...
CVE-2022-50329
In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix uaf for bfqq in bfqexiticqbfqq Commit 64dc8c732f5c "block, bfq: fix possible uaf for 'bfqq-bic'" will access 'bic-bfqq' in bicsetbfqq, however, bfqexiticqbfqq can free bfqq first, and then call bicsetbfqq, which...
CVE-2022-50325
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fix potential RX buffer overflow If an event caused firmware to return invalid RX size for LARGECONFIGGET, memcpyfromio could end up copying too many bytes. Fix by utilizing mint...
UBUNTU-CVE-2022-50308
In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: Add checks for devmkcalloc As the devmkcalloc may return NULL, the return value needs to be checked to avoid NULL poineter dereference...
UBUNTU-CVE-2023-53219
In the Linux kernel, the following vulnerability has been resolved: media: netupunidvb: fix use-after-free at deltimer When Universal DVB card is detaching, netupunidvbdmafini uses deltimer to stop dma-timeout timer. But when timer handler netupunidvbdmatimeout is running, deltimer could not stop...
UBUNTU-CVE-2022-50311
In the Linux kernel, the following vulnerability has been resolved: cxl: Fix refcount leak in cxlcalccapprouting ofgetnextparent returns a node pointer with refcount incremented, we should use ofnodeput on it when not need anymore. This function only calls ofnodeput in normal path, missing it in...
CVE-2022-50329
CVE-2022-50329 affects the Linux kernel’s block/bfq subsystem. The root cause was a use-after-free: bfqq could be freed in bfq_exit_icq_bfqq() and then used in bic_set_bfqq(), leading to UAF. The fix reorders operations by moving bfq_exit_bfqq() behind bic_set_bfqq(), preventing the invalid access.
CVE-2022-50308 ASoC: qcom: Add checks for devm_kcalloc
In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: Add checks for devmkcalloc As the devmkcalloc may return NULL, the return value needs to be checked to avoid NULL poineter dereference...
CVE-2022-50308
The CVE-2022-50308 entry concerns a Linux kernel ASoC issue for Qualcomm components. Root cause: devm_kcalloc may return NULL, so the return value must be checked to prevent NULL pointer dereference. The connected advisories confirm a patch to add checks in ASoC: qcom, resolving the vulnerability...