Lucene search
K

26 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi: avoid null dereference in deinit. If venusprobe fails at pmruntimeputsync, it first calls hfiDestroy, and then hficoredeinit. Since hfiDestroy sets core-ops to NULL, hficoredeinit can no longer call the...

5.5CVSS5.6AI score0.0025EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.5 views

Azure Linux 3.0 Security Update: kernel (CVE-2025-23159)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-23159 advisory. - In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi: add a check to handle...

5.5CVSS5.3AI score0.00176EPSS
Exploits0References2
OSV
OSV
added 2025/11/24 1:12 p.m.7 views

CLSA-2025-1763989962 Fix of 8 CVEs

CVE-url: https://ubuntu.com/security/CVE-2025-38352 - posix-cpu-timers: fix race between handleposixcputimers and posixcputimerdel CVE-url: https://ubuntu.com/security/CVE-2022-25265 - x86/elf: Add table to document READIMPLIESEXEC - x86/elf: Split READIMPLIESEXEC from executable PTGNUSTACK -...

7.8CVSS7.1AI score0.01345EPSS
Exploits9References1
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.2 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-989949)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989949 advisory. In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi: avoid null dereference in deinit If venusprobe fails at pmruntimeputsync the...

5.5CVSS5.7AI score0.0025EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.2 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989745)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989745 advisory. In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi: avoid null dereference in deinit If venusprobe fails at pmruntimeputsync the...

5.5CVSS5.7AI score0.0025EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.3 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-986441)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986441 advisory. In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi: avoid null dereference in deinit If venusprobe fails at pmruntimeputsync the...

5.5CVSS5.7AI score0.0025EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.2 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987394)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987394 advisory. In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi: avoid null dereference in deinit If venusprobe fails at pmruntimeputsync the...

5.5CVSS5.7AI score0.0025EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/08/15 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-23158

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: venus: hfi: add check to handle incorrect queue size qsize represents size of shared queued between driver and video firmware. Firmware can modify this...

7.8CVSS6.7AI score0.00185EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/15 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2025-23157

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: venus: hfiparser: add check to avoid out of bound access There is a possibility that initcodecs is invoked multiple times during manipulated payload from...

7.1CVSS6.7AI score0.0018EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2025/06/16 11:28 a.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: Media: Venus: HFI – Add a check to handle incorrect queue size. qsize represents the size of the shared queue between the driver and the firmware. The firmware can modify this value to an invalid, large value. In such situations,...

7.8CVSS6.2AI score0.00185EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/05/02 2:3 a.m.3 views

SUSE CVE-2025-23158

In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi: add check to handle incorrect queue size qsize represents size of shared queued between driver and video firmware. Firmware can modify this value to an invalid large value. In such situation, emptyspace will be...

5.5CVSS7.7AI score0.00185EPSS
Exploits0References16
SUSE CVE
SUSE CVE
added 2025/05/02 2:3 a.m.10 views

SUSE CVE-2025-23159

In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi: add a check to handle OOB in sfr region sfr-bufsize is in shared memory and can be modified by malicious user. OOB write is possible when the size is made higher than actual sfr data buffer. Cap the size to...

5.5CVSS7.7AI score0.00176EPSS
Exploits0References16
OSV
OSV
added 2025/05/01 1:15 p.m.2 views

DEBIAN-CVE-2025-23158

In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi: add check to handle incorrect queue size qsize represents size of shared queued between driver and video firmware. Firmware can modify this value to an invalid large value. In such situation, emptyspace will be...

7.8CVSS5.7AI score0.00185EPSS
Exploits0References1
OSV
OSV
added 2025/05/01 1:15 p.m.4 views

UBUNTU-CVE-2025-23158

In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi: add check to handle incorrect queue size qsize represents size of shared queued between driver and video firmware. Firmware can modify this value to an invalid large value. In such situation, emptyspace will be...

7.8CVSS6.2AI score0.00185EPSS
Exploits0References41
OSV
OSV
added 2025/05/01 1:15 p.m.2 views

UBUNTU-CVE-2025-23159

In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi: add a check to handle OOB in sfr region sfr-bufsize is in shared memory and can be modified by malicious user. OOB write is possible when the size is made higher than actual sfr data buffer. Cap the size to...

5.5CVSS6.2AI score0.00176EPSS
Exploits0References41
Cvelist
Cvelist
added 2025/05/01 12:55 p.m.11 views

CVE-2025-23159 media: venus: hfi: add a check to handle OOB in sfr region

In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi: add a check to handle OOB in sfr region sfr-bufsize is in shared memory and can be modified by malicious user. OOB write is possible when the size is made higher than actual sfr data buffer. Cap the size to...

0.00176EPSS
Exploits0References9
OSV
OSV
added 2025/05/01 12:55 p.m.13 views

CVE-2025-23159 media: venus: hfi: add a check to handle OOB in sfr region

In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi: add a check to handle OOB in sfr region sfr-bufsize is in shared memory and can be modified by malicious user. OOB write is possible when the size is made higher than actual sfr data buffer. Cap the size to...

5.5CVSS6.1AI score0.00176EPSS
Exploits0References14
Positive Technologies
Positive Technologies
added 2025/03/03 12:0 a.m.9 views

PT-2025-18411

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved, specifically in the media: venus: hfi parser component. The issue arises when the init codecs function is invoked multiple times...

7.1CVSS6.6AI score0.0018EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/03/03 12:0 a.m.9 views

PT-2025-18413

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved. The issue is related to the media: venus: hfi component, where a check has been added to handle out-of-bounds OOB writes in the sfr...

5.5CVSS6.8AI score0.00176EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/03/03 12:0 a.m.7 views

PT-2025-18412

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability has been resolved in the Linux kernel, specifically in the media: venus: hfi component. The issue arises when the firmware modifies the qsize value to an invalid large...

7.8CVSS6.6AI score0.00185EPSS
Exploits0
Rows per page
Query Builder