CVE-2025-6497

A vulnerability was found in HTACG tidy-html5 5.8.0. It has been rated as problematic. This issue affects the function prvTidyParseNamespace of the file src/parser.c. The manipulation leads to reachable assertion. Attacking locally is a requirement. The exploit has been disclosed to the public an...

CVE-2025-6490

A vulnerability was found in sparklemotion nokogiri c29c920907366cb74af13b4dc2230e9c9e23b833 and classified as problematic. This issue affects the function hashmapsetwithhash of the file gumbo-parser/src/hashmap.c. The manipulation leads to heap-based buffer overflow. An attack has to be approach...

CVE-2025-6275

A vulnerability was found in WebAssembly wabt up to 1.0.37. It has been declared as problematic. Affected by this vulnerability is the function GetFuncOffset of the file src/interp/binary-reader-interp.cc. The manipulation leads to use after free. It is possible to launch the attack on the local...

CVE-2022-50191

In the Linux kernel, the following vulnerability has been resolved: regulator: of: Fix refcount leak bug in ofgetregulationconstraints We should call the ofnodeput for the reference returned by ofgetchildbyname which has increased the refcount...

CVE-2022-50149

In the Linux kernel, the following vulnerability has been resolved: driver core: fix potential deadlock in driverattach In driverattach function, There are also AA deadlock problem, like the commit b232b02bf3c2 "driver core: fix deadlock in deviceattach". stack like commit b232b02bf3c2 "driver...

CVE-2022-50086

In the Linux kernel, the following vulnerability has been resolved: block: don't allow the same type rqqos add more than once In our test of iocost, we encountered some list add/del corruptions of innerwalk list in ioctimerfn. The reason can be described as follows: cpu 0 cpu 1 iocqoswrite...

CVE-2022-50063

In the Linux kernel, the following vulnerability has been resolved: net: dsa: felix: suppress non-changes to the tagging protocol The way in which dsatreechangetagproto works is that when dsatreenotify fails, it doesn't know whether the operation failed mid way in a multi-switch tree, or it faile...

CVE-2022-49996

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix possible memory leak in btrfsgetdevargsfrompath In btrfsgetdevargsfrompath, btrfsgetbdevandsb can fail if the path is invalid. In this case, btrfsgetdevargsfrompath returns directly without freeing args-uuid and...

CVE-2022-50202

In the Linux kernel, the following vulnerability has been resolved: PM: hibernate: defer device probing when resuming from hibernation syzbot is reporting hung task at miscopen 1, for there is a race window of AB-BA deadlock which involves probecount variable. Currently waitfordeviceprobe from...

CVE-2022-50008

In the Linux kernel, the following vulnerability has been resolved: kprobes: don't call disarmkprobe for disabled kprobes The assumption in disablekprobe is wrong, and it could try to disarm an already disarmed kprobe and fire the WARNONCE below. 0 We can easily reproduce this issue. 1. Write 0 t...

CVE-2022-49937

In the Linux kernel, the following vulnerability has been resolved: media: mceusb: Use new usbcontrolmsg routines Automatic kernel fuzzing led to a WARN about invalid pipe direction in the mceusb driver: ------------ cut here ------------ usb 6-1: BOGUS control dir, pipe 80000380 doesn't match...

CVE-2022-50155

In the Linux kernel, the following vulnerability has been resolved: mtd: parsers: ofpart: Fix refcount leak in bcm4908partitionsfwoffset offindnodebypath returns a node pointer with refcount incremented, we should use ofnodeput on it when not need anymore. Add missing ofnodeput to avoid refcount...

CVE-2022-49981

In the Linux kernel, the following vulnerability has been resolved: HID: hidraw: fix memory leak in hidrawrelease Free the buffered reports before deleting the list entry. BUG: memory leak unreferenced object 0xffff88810e72f180 size 32: comm "softirq", pid 0, jiffies 4294945143 age 16.080s hex du...

CVE-2022-50106

In the Linux kernel, the following vulnerability has been resolved: powerpc/cell/axonmsi: Fix refcount leak in setupmsimsgaddress ofgetnextparent returns a node pointer with refcount incremented, we should use ofnodeput on it when not need anymore. Add missing ofnodeput in the error path to avoid...

CVE-2022-50001

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfttproxy: restrict to prerouting hook TPROXY is only allowed from prerouting, but nfttproxy doesn't check this. This fixes a crash null dereference when using tproxy from e.g. output...

CVE-2022-49961

In the Linux kernel, the following vulnerability has been resolved: bpf: Do markchainprecision for ARGCONSTALLOCSIZEORZERO Precision markers need to be propagated whenever we have an ARGCONST style argument, as the verifier cannot consider imprecise scalars to be equivalent for the purposes of...

CVE-2022-49980

In the Linux kernel, the following vulnerability has been resolved: USB: gadget: Fix use-after-free Read in usbudcuevent The syzbot fuzzer found a race between uevent callbacks and gadget driver unregistration that can cause a use-after-free bug:...

CVE-2022-50097

In the Linux kernel, the following vulnerability has been resolved: video: fbdev: s3fb: Check the size of screen before memsetio In the function s3fbsetpar, the value of 'screensize' is calculated by the user input. If the user provides the improper value, the value of 'screensize' may larger tha...

CVE-2022-50040

In the Linux kernel, the following vulnerability has been resolved: net: dsa: sja1105: fix buffer overflow in sja1105setupdevlinkregions If an error occurs in dsadevlinkregioncreate, then 'priv-regions' array will be accessed by negative index '-1'. Found by Linux Verification Center...

CVE-2022-49982

In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix memory leak in pvrprobe The error handling code in pvr2hdwcreate forgets to unregister the v4l2 device. When pvr2hdwcreate returns back to pvr2contextcreate, it calls pvr2contextdestroy to destroy context, but...