526 matches found
CVE-2025-20234
A vulnerability in Universal Disk Format UDF processing of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to a memory overread during UDF file scanning. An attacker could exploit this vulnerability...
CVE-2022-50071
In the Linux kernel, the following vulnerability has been resolved: mptcp: move subflow cleanup in mptcpdestroycommon If the mptcp socket creation fails due to a CGROUPINETSOCKCREATE eBPF program, the MPTCP protocol ends-up leaking all the subflows: the related cleanup happens in mptcpdestroysock...
CVE-2022-49972
In the Linux kernel, the following vulnerability has been resolved: xsk: Fix corrupted packets for XDPSHAREDUMEM Fix an issue in XDPSHAREDUMEM mode together with aligned mode where packets are corrupted for the second and any further sockets bound to the same umem. In other words, this does not...
CVE-2022-50124
In the Linux kernel, the following vulnerability has been resolved: ASoC: mt6797-mt6351: Fix refcount leak in mt6797mt6351devprobe ofparsephandle returns a node pointer with refcount incremented, we should use ofnodeput on it when not need anymore. Add missing ofnodeput to avoid refcount leak...
CVE-2022-50063
In the Linux kernel, the following vulnerability has been resolved: net: dsa: felix: suppress non-changes to the tagging protocol The way in which dsatreechangetagproto works is that when dsatreenotify fails, it doesn't know whether the operation failed mid way in a multi-switch tree, or it faile...
CVE-2022-49939
In the Linux kernel, the following vulnerability has been resolved: binder: fix UAF of ref-proc caused by race condition A transaction of type BINDERTYPEWEAKHANDLE can fail to increment the reference for a node. In this case, the target proc normally releases the failed reference upon close as...
CVE-2022-50092
In the Linux kernel, the following vulnerability has been resolved: dm thin: fix use-after-free crash in dmsmregisterthresholdcallback Fault inject on pool metadata device reports: BUG: KASAN: use-after-free in dmpoolregistermetadatathreshold+0x40/0x80 Read of size 8 at addr ffff8881b9d50068 by...
CVE-2022-49998
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix locking in rxrpc's sendmsg Fix three bugs in the rxrpc's sendmsg implementation: 1 rxrpcnewclientcall should release the socket lock when returning an error from rxrpcgetcallslot. 2 rxrpcwaitfortxwindowintr will return...
CVE-2022-50030
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Prevent buffer overflow crashes in debugfs with malformed user input Malformed user input to debugfs results in buffer overflow crashes. Adapt input string lengths to fit within internal buffers, leaving space for NUL...
CVE-2022-49953
In the Linux kernel, the following vulnerability has been resolved: iio: light: cm3605: Fix an error handling path in cm3605probe The commit in Fixes also introduced a new error handling path which should goto the existing error handling path. Otherwise some resources leak...
CVE-2022-50004
In the Linux kernel, the following vulnerability has been resolved: xfrm: policy: fix metadata dst-dev xmit null pointer dereference When we try to transmit an skb with metadatadst attached i.e. dst-dev == NULL through xfrm interface we can hit a null pointer dereference1 in xfrmixmit2 -...
CVE-2025-38005
In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: k3-udma: Add missing locking Recent kernels complain about a missing lock in k3-udma.c when the lock validator is enabled: 4.128073 WARNING: CPU: 0 PID: 746 at drivers/dma/ti/../virt-dma.h:169...
CVE-2025-22241
File contents overwrite the VirtKey class is called when “on-demand pillar” data is requested and uses un-validated input to create paths to the “pki directory”. The functionality is used to auto-accept Minion authentication keys based on a pre-placed “authorization file” at a specific location a...
CVE-2025-38004
In the Linux kernel, the following vulnerability has been resolved: can: bcm: add locking for bcmop runtime updates The CAN broadcast manager CAN BCM can send a sequence of CAN frames via hrtimer. The content and also the length of the sequence can be changed resp reduced at runtime where the...
CVE-2025-48994
SignXML is an implementation of the W3C XML Signature standard in Python. When verifying signatures with X509 certificate validation turned off and HMAC shared secret set signxml.XMLVerifier.verifyrequirex509=False, hmackey=..., versions of SignXML prior to 4.0.4 are vulnerable to a potential...
CVE-2025-37993
In the Linux kernel, the following vulnerability has been resolved: can: mcan: mcanclassallocatedev: initialize spin lock on device probe The spin lock txhandlingspinlock in struct mcanclassdev is not being initialized. This leads the following spinlock bad magic complaint from the kernel, eg. wh...
CVE-2025-37994
In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: displayport: Fix NULL pointer access This patch ensures that the UCSI driver waits for all pending tasks in the ucsidisplayportwork workqueue to finish executing before proceeding with the partner removal...
CVE-2025-37974
In the Linux kernel, the following vulnerability has been resolved: s390/pci: Fix missing check for zpcicreatedevice error return The zpcicreatedevice function returns an error pointer that needs to be checked before dereferencing it as a struct zpcidev pointer. Add the missing check in clpadd...
CVE-2025-37938
In the Linux kernel, the following vulnerability has been resolved: tracing: Verify event formats that have "%p.." The trace event verifier checks the formats of trace events to make sure that they do not point at memory that is not in the trace event itself or in data that will never be freed. I...
CVE-2025-22233
CVE-2024-38820 ensured Locale-independent, lowercase conversion for both the configured disallowedFields patterns and for request parameter names. However, there are still cases where it is possible to bypass the disallowedFields checks. Affected Spring Products and Versions Spring Framework: 6.2...