CVE-2023-53117

CVE-2023-53117 refers to a vulnerability in the Linux kernel related to the fs subsystem, specifically an out-of-bounds array speculation issue when closing a file descriptor. The connected advisories (EulerOS, Unity Linux) explicitly identify CVE-2023-53117 and describe the affected area as the ...

CVE-2023-53112

CVE-2023-53112 affects the Linux kernel DRM/I915 SSEU path. The root cause is an out-of-bounds access in intel_sseu_info_init/gen11_compute_sseu_info where gen11_sseu_info_init() could set 8 sub-slices while eu_mask->hsw is limited to 6, leading to index-out-of-bounds in a UBSAN report. The fi...

CVE-2023-53057

The CVE-2023-53057 entry corresponds to a Linux kernel Bluetooth HCI global-out-of-bounds bug. The issue arises in hci_init_stage_sync() looping a variable-length array, where amp_init1[] and amp_init2[] lacked an intentionally invalid final element, enabling out-of-bounds reads during hci_dev_op...

CVE-2023-53057 Bluetooth: HCI: Fix global-out-of-bounds

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: HCI: Fix global-out-of-bounds To loop a variable-length array, hciinitstagesyncstage considers that stagei is valid as long as stagei-1.func is valid. Thus, the last element of stage.func should be intentionally invali...

CVE-2023-53040 ca8210: fix mac_len negative array access

In the Linux kernel, the following vulnerability has been resolved: ca8210: fix maclen negative array access This patch fixes a buffer overflow access of skb-data if ieee802154hdrpeekaddrs fails...

SUSE CVE-2025-23152

In the Linux kernel, the following vulnerability has been resolved: arm64/crc-t10dif: fix use of out-of-scope array in crct10difarch Fix a silly bug where an array was used outside of its scope...

SUSE CVE-2025-23153

In the Linux kernel, the following vulnerability has been resolved: arm/crc-t10dif: fix use of out-of-scope array in crct10difarch Fix a silly bug where an array was used outside of its scope...

SUSE CVE-2025-37751

In the Linux kernel, the following vulnerability has been resolved: x86/cpu: Avoid running off the end of an AMD erratum table The NULL array terminator at the end of erratum1386microcode was removed during the switch from x86cpudesc to x86cpuid. This causes readers to run off the end of the arra...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an array out-of-bounds access during the HCI initialization phase, which could lead to a global out-of-bound...

PT-2025-18903 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved. The issue is related to the devm kmalloc array function in the fdp nci i2c read device properties function, which may fail and...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an array out-of-bounds risk when file descriptors are closed...

DEBIAN-CVE-2022-49796

In the Linux kernel, the following vulnerability has been resolved: tracing: kprobe: Fix potential null-ptr-deref on tracearray in kprobeeventgentestexit When testgenkprobecmd failed after kprobeeventgencmdend, it will goto delete, which will call kprobeeventdelete and release the corresponding...

CVE-2022-49792

In the Linux kernel, the following vulnerability has been resolved: iio: adc: mp2629: fix potential array out of bound access Add sentinel at end of maps to avoid potential array out of bound access in iio core...

DEBIAN-CVE-2022-49784

In the Linux kernel, the following vulnerability has been resolved: perf/x86/amd/uncore: Fix memory leak for events array When a CPU comes online, the per-CPU NB and LLC uncore contexts are freed but not the events array within the context structure. This causes a memory leak as identified by the...

CVE-2022-49784

In the Linux kernel, the following vulnerability has been resolved: perf/x86/amd/uncore: Fix memory leak for events array When a CPU comes online, the per-CPU NB and LLC uncore contexts are freed but not the events array within the context structure. This causes a memory leak as identified by the...

UBUNTU-CVE-2022-49792

In the Linux kernel, the following vulnerability has been resolved: iio: adc: mp2629: fix potential array out of bound access Add sentinel at end of maps to avoid potential array out of bound access in iio core...

UBUNTU-CVE-2022-49796

In the Linux kernel, the following vulnerability has been resolved: tracing: kprobe: Fix potential null-ptr-deref on tracearray in kprobeeventgentestexit When testgenkprobecmd failed after kprobeeventgencmdend, it will goto delete, which will call kprobeeventdelete and release the corresponding...

UBUNTU-CVE-2022-49878

In the Linux kernel, the following vulnerability has been resolved: bpf, verifier: Fix memory leak in array reallocation for stack state If an error NULL is returned by krealloc, callers of reallocarray were setting their allocation pointers to NULL, but on error krealloc does not touch the...

DEBIAN-CVE-2025-37788

In the Linux kernel, the following vulnerability has been resolved: cxgb4: fix memory leak in cxgb4initethtoolfilters error path In the for loop used to allocate the locarray and bmap for each port, a memory leak is possible when the allocation for locarray succeeds, but the allocation for bmap...

CVE-2022-49878

In the Linux kernel, the following vulnerability has been resolved: bpf, verifier: Fix memory leak in array reallocation for stack state If an error NULL is returned by krealloc, callers of reallocarray were setting their allocation pointers to NULL, but on error krealloc does not touch the...