CVE-2023-54143 media: mediatek: vcodec: fix resource leaks in vdec_msg_queue_init()

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: fix resource leaks in vdecmsgqueueinit If we encounter any error in the vdecmsgqueueinit then we need to set "msgqueue-wdmaaddr.size = 0;". Normally, this is done inside the vdecmsgqueuedeinit function...

CVE-2023-54143 media: mediatek: vcodec: fix resource leaks in vdec_msg_queue_init()

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: fix resource leaks in vdecmsgqueueinit If we encounter any error in the vdecmsgqueueinit then we need to set "msgqueue-wdmaaddr.size = 0;". Normally, this is done inside the vdecmsgqueuedeinit function...

EUVD-2025-203674

In the Linux kernel, the following vulnerability has been resolved: pinctrl: s32cc: fix uninitialized memory in s32pinctrldesc s32pinctrldesc is allocated with devmkmalloc, but not all of its fields are initialized. Notably, numcustomparams is used in pinconfgenericparsedtconfig, resulting in...

CVE-2025-68190

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/atom: Check kcalloc for WS buffer in amdgpuatomexecutetablelocked kcalloc may fail. When WS is non-zero and allocation fails, ectx.ws remains NULL while ectx.wssize is set, leading to a potential NULL pointer dereferen...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the s32pinctrldesc memory not being fully initialized, which could lead to an allocation error...

CVE-2022-50679

CVE-2022-50679 concerns the Linux kernel i40e driver, where DMA mappings leak during RX buffer reallocation. The root cause is that new DMA mappings are created for buffers when reconfiguring RX rings, leading to leaks when old buffers are freed and DMA mappings are freed incorrectly. This can ca...

UBUNTU-CVE-2025-40210

In the Linux kernel, the following vulnerability has been resolved: Revert "NFSD: Remove the cap on number of operations per NFSv4 COMPOUND" I've found that pynfs COMP6 now leaves the connection or lease in a strange state, which causes CLOSE9 to hang indefinitely. I've dug into it a little, but ...

EulerOS 2.0 SP10 : sqlite (EulerOS-SA-2025-2401)

According to the versions of the sqlite package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In SQLite 3.49.0 before 3.49.1, certain argument values to sqlite3dbconfig in the C-language API can cause a denial of service application crash. A...

PT-2025-51635

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue in the pinctrl subsystem, specifically within the s32cc driver. The s32 pinctrl desc structure is allocated using devm kmalloc, but not all of its fiel...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990238)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990238 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: bcm - add error check in the ahashhmacinit function The ahashinit functions may return...

EUVD-2025-36981

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fix missing pointer check in hdacomponentmanagerinit function The componentmatchadd function may assign the 'matchptr' pointer the value ERRPTR-ENOMEM, which will subsequently be dereferenced. The call stack leading to...

Linux Distros Unpatched Vulnerability : CVE-2025-40097

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ALSA: hda: Fix missing pointer check in hdacomponentmanagerinit function The componentmatchadd function may assign the 'matchptr' pointer the value...

CVE-2022-50577

CVE-2022-50577 involves a memory leak in the Linux kernel’s IMA path. The root cause was that __ima_inode_hash() could allocate ima_hash and then fail after ima_collect_measurement() returned an error, allowing a leaked temporary inode metadata structure. The patch adds a kfree() when the error f...

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : FFmpeg vulnerabilities (USN-7830-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7830-1 advisory. It was discovered that FFmpeg incorrectly handled the return values of functions in its Firequalizer filter and in th...

JLSEC-2025-100 A flaw was found in the SFTP server message decoding logic of libssh

A flaw was found in the SFTP server message decoding logic of libssh. The issue occurs due to an incorrect packet length check that allows an integer overflow when handling large payload sizes on 32-bit systems. This issue leads to failed memory allocation and causes the server process to crash,...

EUVD-2025-34778

A vulnerability exists in the QuickJS engine's BigInt string parsing logic jsbigintfromstring when attempting to create a BigInt from a string with an excessively large number of digits. The function calculates the necessary number of bits nbits required to store the BigInt using the formula:...

io_uring/tctx: work around xa_store() allocation error issue

...

Linux Distros Unpatched Vulnerability : CVE-2023-53468

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ubifs: Fix memory leak in allocwbufs kmemleak reported a sequence of memory leaks, and show them as following: unreferenced object 0xffff8881575f8400 size 1024:...

Linux Distros Unpatched Vulnerability : CVE-2025-39935

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ASoC: codec: sma1307: Fix memory corruption in sma1307settingloaded The sma1307-set.headersize is how many integers are in the header there are 8 of them but...

CVE-2022-50544 usb: host: xhci: Fix potential memory leak in xhci_alloc_stream_info()

In the Linux kernel, the following vulnerability has been resolved: usb: host: xhci: Fix potential memory leak in xhciallocstreaminfo xhciallocstreaminfo allocates stream context array for streaminfo -streamctxarray with xhciallocstreamctx. When some error occurs, streaminfo-streamctxarray is not...