DEBIAN-CVE-2022-48819

In the Linux kernel, the following vulnerability has been resolved: tcp: take care of mixed splice/sendmsgMSGZEROCOPY case syzbot found that mixing sendpage and sendmsgMSGZEROCOPY calls over the same TCP socket would again trigger the infamous warning in inetsockdestruct WARNONskforwardallocgetsk...

DEBIAN-CVE-2024-40995

In the Linux kernel, the following vulnerability has been resolved: net/sched: actapi: fix possible infinite loop in tcfidrcheckalloc syzbot found hanging tasks waiting on rtnllock 1 A reproducer is available in the syzbot bug. When a request to add multiple actions with the same index is sent, t...

SUSE CVE-2024-29508

Artifex Ghostscript before 10.03.0 has a heap-based pointer disclosure observable in a constructed BaseFont name in the function pdfbasefontalloc...

Artifex Ghostscript Security Vulnerability

Artifex Ghostscript is a set of free software compiled by Artifex, Inc. based on Adobe, PostScript and Portable Document Format page description languages. A security vulnerability exists in Artifex Ghostscript prior to version 10.03.0, which results from a heap-based pointer disclosure in the...

media: v4l2-tpg: fix some memleaks in tpg_alloc

...

CVE-2024-38592 drm/mediatek: Init `ddp_comp` with devm_kcalloc()

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Init ddpcomp with devmkcalloc In the case where connroutes is true we allocate an extra slot in the ddpcomp array but mtkdrmcrtccreate never seemed to initialize it in the test case I ran. For me, this caused a late...

OESA-2024-1716 libvpx security update

libvpx provides the VP8/VP9 SDK, which allows you to integrate your applications with the VP8 and VP9 video codecs, high quality, royalty free, open source codecs deployed on millions of computers and devices worldwide. Security Fixes: There exists interger overflows in libvpx in versions prior t...

CVE-2024-5171

Integer overflow in libaom internal function imgallochelper can lead to heap buffer overflow. This function can be reached via 3 callers: Calling aomimgalloc with a large value of the dw, dh, or align parameter may result in integer overflows in the calculations of buffer sizes and offsets and so...

SUSE CVE-2024-36883

In the Linux kernel, the following vulnerability has been resolved: net: fix out-of-bounds access in opsinit netallocgeneric is called by netalloc, which is called without any locking. It reads maxgenptrs, which is changed under pernetopsrwsem. It is read twice, first to allocate an array, then t...

UBUNTU-CVE-2024-36883

In the Linux kernel, the following vulnerability has been resolved: net: fix out-of-bounds access in opsinit netallocgeneric is called by netalloc, which is called without any locking. It reads maxgenptrs, which is changed under pernetopsrwsem. It is read twice, first to allocate an array, then t...

SUSE CVE-2021-47542

In the Linux kernel, the following vulnerability has been resolved: net: qlogic: qlcnic: Fix a NULL pointer dereference in qlcnic83xxaddrings In qlcnic83xxaddrings, the indirect function of ahw-hwops-allocmbxargs will be called to allocate memory for cmd.req.arg, and there is a dereference of it ...

SUSE CVE-2021-47467

In the Linux kernel, the following vulnerability has been resolved: kunit: fix reference count leak in kfreeatend The reference counting issue happens in the normal path of kfreeatend. When kunitallocandgetresource is invoked, the function forgets to handle the returned resource object, whose...

SUSE CVE-2021-47378

In the Linux kernel, the following vulnerability has been resolved: nvme-rdma: destroy cm id before destroy qp to avoid use after free We should always destroy cmid before destroy qp to avoid to get cma event after qp was destroyed, which may lead to use after free. In RDMA connection establishme...

UBUNTU-CVE-2021-47528

In the Linux kernel, the following vulnerability has been resolved: usb: cdnsp: Fix a NULL pointer dereference in cdnspendpointinit In cdnspendpointinit, cdnspringalloc is assigned to pep-ring and there is a dereference of it in cdnspendpointinit, which could lead to a NULL pointer dereference on...

UBUNTU-CVE-2021-47503

In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Do not call scsiremovehost in pm8001alloc Calling scsiremovehost before scsiaddhost results in a crash: BUG: kernel NULL pointer dereference, address: 0000000000000108 RIP: 0010:devicedel+0x63/0x440 Call Trace:...

SUSE CVE-2023-52865

In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: clk-mt6797: Add check for mtkallocclkdata Add the check for the return value of mtkallocclkdata in order to avoid NULL pointer dereference...

SUSE CVE-2023-52875

In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: clk-mt2701: Add check for mtkallocclkdata Add the check for the return value of mtkallocclkdata in order to avoid NULL pointer dereference...

UBUNTU-CVE-2021-47467

In the Linux kernel, the following vulnerability has been resolved: kunit: fix reference count leak in kfreeatend The reference counting issue happens in the normal path of kfreeatend. When kunitallocandgetresource is invoked, the function forgets to handle the returned resource object, whose...

DEBIAN-CVE-2023-52875

In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: clk-mt2701: Add check for mtkallocclkdata Add the check for the return value of mtkallocclkdata in order to avoid NULL pointer dereference...

DEBIAN-CVE-2023-52870

In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: clk-mt6765: Add check for mtkallocclkdata Add the check for the return value of mtkallocclkdata in order to avoid NULL pointer dereference...