CVE-2022-49163 media: imx-jpeg: fix a bug of accessing array out of bounds

In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: fix a bug of accessing array out of bounds When error occurs in parsing jpeg, the slot isn't acquired yet, it may be the default value MXCMAXSLOTS. If the driver access the slot using the incorrect slot number, i...

CVE-2022-49163 media: imx-jpeg: fix a bug of accessing array out of bounds

In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: fix a bug of accessing array out of bounds When error occurs in parsing jpeg, the slot isn't acquired yet, it may be the default value MXCMAXSLOTS. If the driver access the slot using the incorrect slot number, i...

CVE-2022-49148

The CVE-2022-49148 entry concerns a Linux kernel vulnerability where, during dismantling of watch_queue, the page array was not freed, leaving a memory leak. The issue was addressed by a patch sequence that first frees the alloc bitmap when tearing down watch_queue (commit 7ea1a0124b6d) and then ...

CVE-2022-49148 watch_queue: Free the page array when watch_queue is dismantled

In the Linux kernel, the following vulnerability has been resolved: watchqueue: Free the page array when watchqueue is dismantled Commit 7ea1a0124b6d "watchqueue: Free the alloc bitmap when the watchqueue is torn down" took care of the bitmap, but not the page array. BUG: memory leak unreferenced...

CVE-2022-49148 watch_queue: Free the page array when watch_queue is dismantled

In the Linux kernel, the following vulnerability has been resolved: watchqueue: Free the page array when watchqueue is dismantled Commit 7ea1a0124b6d "watchqueue: Free the alloc bitmap when the watchqueue is torn down" took care of the bitmap, but not the page array. BUG: memory leak unreferenced...

CVE-2022-49122

CVE-2022-49122 is a Linux kernel vulnerability affecting the dm ioctl path where user-supplied data could act as an index and enable Spectre v1 gadget behavior. The fix, described in connected advisories, prevents leakage of kernel memory to userspace by applying array_index_nospec to index handl...

CVE-2022-49122

In the Linux kernel, the following vulnerability has been resolved: dm ioctl: prevent potential spectre v1 gadget It appears like cmd could be a Spectre v1 gadget as it's supplied by a user and used as an array index. Prevent the contents of kernel memory from being leaked to userspace via...

CVE-2022-49055 drm/amdkfd: Check for potential null return of kmalloc_array()

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Check for potential null return of kmallocarray As the kmallocarray may return null, the 'eventwaitersi.wait' would lead to null-pointer dereference. Therefore, it is better to check the return value of kmallocarray t...

CVE-2022-49051

CVE-2022-49051 concerns the Linux kernel USB driver net: usb: aqc111, specifically the aqc111_rx_fixup() function. The advisory states multiple out-of-bounds accesses that a malicious or defective USB device can trigger, including OOB reads in the metadata array (desc_offset..desc_offset+2*pkt_co...

CVE-2021-47657 drm/virtio: Ensure that objs is not NULL in virtio_gpu_array_put_free()

In the Linux kernel, the following vulnerability has been resolved: drm/virtio: Ensure that objs is not NULL in virtiogpuarrayputfree If virtiogpuobjectshmeminit fails e.g. due to fault injection, as it happened in the bug report by syzbot, virtiogpuarrayputfree could be called with objs equal to...

CVE-2021-47649 udmabuf: validate ubuf->pagecount

In the Linux kernel, the following vulnerability has been resolved: udmabuf: validate ubuf-pagecount Syzbot has reported GPF in sgallocappendtablefrompages. The problem was in ubuf-pages == ZEROPTR. ubuf-pagecount is calculated from arguments passed from user-space. If user creates udmabuf with...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a missing validation of hdw-unitnumber in pvr2i2ccoreinit, which results in an array out-of-bounds...

PT-2025-8339 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been identified, specifically in the staging driver r8188eu. The issue is related to the function rtw wx set scan, where there is a potential fo...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a possible array overflow in bpftrampolinegetprogs...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates from an access in dm raid that exceeds a raid member array boundary...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the imx-jpeg driver accessing an array out of bounds when parsing jpeg, which could cause the kernel to cras...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the possibility that kmallocarray may return a null pointer, resulting in a null pointer dereference...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the svcrdmabuildwrites function potentially overstepping its bounds to access the segment array of the Write...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an out-of-bounds access to a global array in isp1760register...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the f2fs driver not performing integrity checks on curseg-alloctype, which could lead to array out-of-bounds...