CVE-2022-49137 drm/amd/amdgpu/amdgpu_cs: fix refcount leak of a dma_fence obj

In the Linux kernel, the following vulnerability has been resolved: drm/amd/amdgpu/amdgpucs: fix refcount leak of a dmafence obj This issue takes place in an error path in amdgpucsfencetohandleioctl. When info-in.what falls into default case, the function simply returns -EINVAL, forgetting to...

CVE-2022-49125

In the Linux kernel, the following vulnerability has been resolved: drm/sprd: fix potential NULL dereference 'drm' could be null in sprddrmshutdown, and drmwarn maybe dereference it, remove this warning log. v1 - v2: - Split checking platformgetresource return value to a separate patch - Use...

CVE-2022-49065

In CVE-2022-49065, the Linux kernel SUNRPC service saw a NULL dereference when a sunrpc svc_rqst was deferred with tracing enabled. The fix avoids relying on dr->xprt after reevaluating the trace event format; the dr::addr is converted to a presentation address and stored as a string in TP_fas...

CVE-2022-49065 SUNRPC: Fix the svc_deferred_event trace class

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix the svcdeferredevent trace class Fix a NULL deref crash that occurs when an svcrqst is deferred while the sunrpc tracing subsystem is enabled. svcrevisit sets dr-xprt to NULL, so it can't be relied upon in the...

CVE-2022-49059 nfc: nci: add flush_workqueue to prevent uaf

In the Linux kernel, the following vulnerability has been resolved: nfc: nci: add flushworkqueue to prevent uaf Our detector found a concurrent use-after-free bug when detaching an NCI device. The main reason for this bug is the unexpected scheduling between the used delayed mechanism timer and...

CVE-2021-47656 jffs2: fix use-after-free in jffs2_clear_xattr_subsystem

In the Linux kernel, the following vulnerability has been resolved: jffs2: fix use-after-free in jffs2clearxattrsubsystem When we mount a jffs2 image, assume that the first few blocks of the image are normal and contain at least one xattr-related inode, but the next block is abnormal. As a result...

CVE-2021-47656

In the Linux kernel, the following vulnerability has been resolved: jffs2: fix use-after-free in jffs2clearxattrsubsystem When we mount a jffs2 image, assume that the first few blocks of the image are normal and contain at least one xattr-related inode, but the next block is abnormal. As a result...

CVE-2021-47656 jffs2: fix use-after-free in jffs2_clear_xattr_subsystem

In the Linux kernel, the following vulnerability has been resolved: jffs2: fix use-after-free in jffs2clearxattrsubsystem When we mount a jffs2 image, assume that the first few blocks of the image are normal and contain at least one xattr-related inode, but the next block is abnormal. As a result...

CVE-2021-47648

CVE-2021-47648 is a Linux kernel issue where a memory leak could occur in the gpu: host1x path, specifically in host1x_remove(). The fix adds a missing host1x_channel_list_free() call in the remove path (consistent with error path handling in probe). Connected advisories confirm this memory-leak ...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates from post-release reuse in the jffs2clearxattrsubsystem function...

PT-2025-8212 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A memory leak issue has been identified in the Linux kernel, specifically in the coresight subsystem. The problem occurs when device registration fails in the cscfg create device...

PT-2025-8388 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A refcount leak was found in the mtk pcie subsys powerup function. The of find compatible node function returns a node pointer with refcount incremented. To fix this issue, the missing...

Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-7304-1)

The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7304-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in...

USN-7289-3 linux-ibm vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Block layer subsystem; - ACPI drivers; - GPU drivers; - HID subsystem; -...

USN-7234-5: Linux kernel vulnerabilities

Ye Zhang and Nicolas Wu discovered that the iouring subsystem in the Linux kernel did not properly handle locking for rings with IOPOLL, leading to a double-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...

USN-7289-2 linux-azure-5.15, linux-azure-fde-5.15, linux-oracle-5.15 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Block layer subsystem; - ACPI drivers; - GPU drivers; - HID subsystem; -...

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-7293-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7293-1 advisory. Attila Szsz discovered that the HFS+ file system implementation in the Linux Kernel contained a heap overflow vulnerability. An attacker coul...

Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-7289-2)

"The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7289-2 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws i...

Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-7291-1)

"The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7291-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...

USN-7289-1 linux-azure, linux-azure-fde, linux-gkeop, linux-nvidia, linux-oracle vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Block layer subsystem; - ACPI drivers; - GPU drivers; - HID subsystem; -...