GHSA-G9WW-X58F-9G6M Contrast BadAML injection allows arbitrary code execution

BadAML BadAML is an AML injection attack that exploits the ACPI interface and allows arbitrary code execution in a confidential VM. The attack was first published in 2024: - - Impact An attacker with control over the host which is assumed in the attacker model of Contrast can execute malicious AM...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003306)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003306 advisory. The acpinsevaluate function in drivers/acpi/acpica/nseval.c in the Linux kernel through 4.12.9 does not flush the operand cache and causes a kernel stack dump, which...

PT-2025-52881

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to the ALSA subsystem and the cs35l41 codec. Specifically, the cs35l41 hda read acpi function may experience a NULL pointer dereference if acpi...

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-56662)

acpi: nfit: vmalloc-out-of-bounds Read in acpinfitctl. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504700; scriptversion"1.3";...

CVE-2025-39937 net: rfkill: gpio: Fix crash due to dereferencering uninitialized pointer

In the Linux kernel, the following vulnerability has been resolved: net: rfkill: gpio: Fix crash due to dereferencering uninitialized pointer Since commit 7d5e9737efda "net: rfkill: gpio: get the name and type from device property" rfkillfindtype gets called with the possibly uninitialized "const...

CVE-2022-50327 ACPI: processor: idle: Check acpi_fetch_acpi_dev() return value

In the Linux kernel, the following vulnerability has been resolved: ACPI: processor: idle: Check acpifetchacpidev return value The return value of acpifetchacpidev could be NULL, which would cause a NULL pointer dereference to occur in acpidevicehid. rjw: Subject and changelog edits, added empty...

DEBIAN-CVE-2025-39701

In the Linux kernel, the following vulnerability has been resolved: ACPI: pfrupdate: Fix the driver update version check The security-version-number check should be used rather than the runtime version check for driver updates. Otherwise, the firmware update would fail when the update binary had ...

CVE-2025-38647 wifi: rtw89: sar: drop lockdep assertion in rtw89_set_sar_from_acpi

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: sar: drop lockdep assertion in rtw89setsarfromacpi The following assertion is triggered on the rtw89 driver startup. It looks meaningless to hold wiphy lock on the early init stage so drop the assertion. WARNING: CPU...

DEBIAN-CVE-2025-38386

In the Linux kernel, the following vulnerability has been resolved: ACPICA: Refuse to evaluate a method if arguments are missing As reported in 1, a platform firmware update that increased the number of method parameters and forgot to update a least one of its callers, caused ACPICA to crash due ...

Important: kernel6.12

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Fix link state exit during switch upstream function removal CVE-2024-58093 In the Linux kernel, the following vulnerability has been resolved: net/mlx5: HWS, change error flow on matcher disconnect...

PT-2025-8833

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved. The issue occurs because not all devices have an ACPI companion fwnode, which can result in a NULL pointer dereference in the skl...

SUSE CVE-2024-53075

In the Linux kernel, the following vulnerability has been resolved: riscv: Prevent a bad reference count on CPU nodes When populating cache leaves we previously fetched the CPU device node at the very beginning. But when ACPI is enabled we go through a specific branch which returns early and does...

CVE-2024-50117 drm/amd: Guard against bad data for ATIF ACPI method

In the Linux kernel, the following vulnerability has been resolved: drm/amd: Guard against bad data for ATIF ACPI method If a BIOS provides bad data in response to an ATIF method call this causes a NULL pointer dereference in the caller. ? showregs arch/x86/kernel/dumpstack.c:478 discriminator 1 ...

CVE-2024-46863

...

SUSE CVE-2021-47289

In the Linux kernel, the following vulnerability has been resolved: ACPI: fix NULL pointer dereference Commit 71f642833284 "ACPI: utils: Fix reference counting in foreachacpidevmatch" started doing "acpidevput" on a pointer that was possibly NULL. That fails miserably, because that helper inline...

DEBIAN-CVE-2021-47362

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Update intermediate power state for SI Update the current state as boot state during dpm initialization. During the subsequent initialization, setpowerstate gets called to transition to the final power state...

UBUNTU-CVE-2021-47425

In the Linux kernel, the following vulnerability has been resolved: i2c: acpi: fix resource leak in reconfiguration device addition acpii2cfindadapterbyhandle calls busfinddevice which takes a reference on the adapter which is never released which will result in a reference count leak and render...

kernel: Drivers: hv: vmbus: Don't dereference ACPI root object handle

A NULL pointer dereference flaw was found in the Linux kernel's Hyper-V VMBus driver in the ACPI resource walking logic. A local user can trigger this issue on systems running under hypervisors that do not provide Hyper-V MMIO ranges in the VMBus ACPI device hierarchy, causing the driver to walk ...

CLSA-2024-1714073393 Fix of 16 CVEs

Jammy update: v5.15.81 upstream stable release LP: 2003130 // CVE-url: https://ubuntu.com/security/CVE-2023-1382 - tipc: set con sock in tipcconnalloc - tipc: add an extra connget in tipcconnalloc CVE-url: https://ubuntu.com/security/CVE-2023-1998 - x86/speculation: Allow enabling STIBP with lega...

kernel: ACPI: CPPC: Avoid out of bounds access when parsing _CPC data

In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Avoid out of bounds access when parsing CPC data If the NumEntries field in the CPC return package is less than 2, do not attempt to access the "Revision" element of that package, because it may not be present then...