CVE-2023-53479 cxl/acpi: Fix a use-after-free in cxl_parse_cfmws()

In the Linux kernel, the following vulnerability has been resolved: cxl/acpi: Fix a use-after-free in cxlparsecfmws KASAN and KFENCE detected an user-after-free in the CXL driver. This happens in the cxldecoderadd fail path. KASAN prints the following error: BUG: KASAN: slab-use-after-free in...

PT-2025-38544

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The asus wmi register driver function may be called concurrently from multiple drivers, leading to race conditions in list operations that can corrupt memory and cause system instability...

Ubuntu 20.04 LTS : Linux kernel (Azure) vulnerabilities (USN-7598-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7598-1 advisory. Michael Randrianantenaina discovered that the Bluetooth driver in the Linux Kernel contained an improper access control vulnerability. A nearby attacker...

USN-7592-1: Linux kernel vulnerabilities

Michael Randrianantenaina discovered that the Bluetooth driver in the Linux Kernel contained an improper access control vulnerability. A nearby attacker could use this to connect a rougue device and possibly execute arbitrary code. CVE-2024-8805 It was discovered that the CIFS network file system...

Vulnerability of the acpi_device_add() function in the drivers/acpi/scan.c module – The ACPI support driver for the Linux kernel’s core, which allows attackers to access protected information.

Vulnerability of the acpideviceadd function in the drivers/acpi/scan.c module – The ACPI support driver for the Linux kernel’s processor is vulnerable to a vulnerability where improper memory release occurs before removing the last reference point memory leak. Exploiting this vulnerability could...

USN-7186-1: Linux kernel (Intel IoTG) vulnerabilities

Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-12351 Andy Nguyen discovered that the...

PT-2023-27359 · Lenovo · Lenovo Thinkpad

Name of the Vulnerable Software and Affected Versions: Lenovo ThinkPad affected versions not specified Description: A buffer overflow has been identified in the BoardUpdateAcpiDxe driver in some Lenovo ThinkPad products which may allow an attacker with local access and elevated privileges to...

UBUNTU-CVE-2018-5750

The acpismbushcadd function in drivers/acpi/sbshc.c in the Linux kernel through 4.14.15 allows local users to obtain sensitive address information by reading dmesg data from an SBS HC printk call...

openSUSE 10 Security Update : kernel (kernel-5339)

This kernel update fixes the following security problems: CVE-2008-2136: A problem in SIT IPv6 tunnel handling could be used by remote attackers to immediately crash the machine. CVE-2008-1615: On x8664 a denial of service attack could be used by local attackers to immediately panic / crash the...