EUVD-2026-28728

In the Linux kernel, the following vulnerability has been resolved: usb: legacy: ncm: Fix NPE in gncmbind Commit 56a512a9b410 "usb: gadget: fncm: align netdevice lifecycle with bind/unbind" deferred the allocation of the netdevice. This change leads to a NULL pointer dereference in the legacy NCM...

CVE-2025-38570 eth: fbnic: unlink NAPIs from queues on error to open

In the Linux kernel, the following vulnerability has been resolved: eth: fbnic: unlink NAPIs from queues on error to open CI hit a UaF in fbnic in the AFXDP portion of the queues.py test. The UaF is in the skmarknapiidonce call in xskbind, NAPI has been freed. Looks like the device failed to open...

Linux Distros Unpatched Vulnerability : CVE-2020-35519

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds OOB memory access flaw was found in x25bind in net/x25/afx25.c in the Linux kernel version v5.12-rc5. A bounds check failure allows a local...

PT-2025-26102 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A refcount leak issue has been identified in the Linux kernel, specifically in the drm/mcde component, within the mcde dsi bind function. The problem arises from the for each available...

net: rose: lock the socket in rose_bind()

...

UBUNTU-CVE-2021-47068

In the Linux kernel, the following vulnerability has been resolved: net/nfc: fix use-after-free llcpsockbind/connect Commits 8a4cd82d "nfc: fix refcount leak in llcpsockconnect" and c33b1cc62 "nfc: fix refcount leak in llcpsockbind" fixed a refcount leak bug in bind/connect but introduced a...

Code injection

Under certain circumstances, a call to the bind function may have resulted in the incorrect realm. This may have created a vulnerability relating to JavaScript-implemented sandboxes such as SES. This vulnerability affects Firefox for Android 112, Firefox 112, and Focus for Android 112...

CVE-2023-29549

Under certain circumstances, a call to the bind function may have resulted in the incorrect realm. This may have created a vulnerability relating to JavaScript-implemented sandboxes such as SES. This vulnerability affects Firefox for Android 112, Firefox 112, and Focus for Android 112...

CVE-2023-29549

Under certain circumstances, a call to the bind function may have resulted in the incorrect realm. This may have created a vulnerability relating to JavaScript-implemented sandboxes such as SES. This vulnerability affects Firefox for Android 112, Firefox 112, and Focus for Android 112...

CVE-2023-29549

Under certain circumstances, a call to the bind function may have resulted in the incorrect realm. This may have created a vulnerability relating to JavaScript-implemented sandboxes such as SES. This vulnerability affects Firefox for Android 112, Firefox 112, and Focus for Android 112...

Inadequate Encryption Strength

Firefox is vulnerable to Inadequate Encryption Strength. The vulnerability exists because a call to the bind function may have resulted in the incorrect realm under certain circumstances...

Mozilla Firefox 加密问题漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation. A security vulnerability exists in Mozilla Firefox, which originates from a call to the bind function that may result in an error under certain circumstances...

UBUNTU-CVE-2023-29549

Under certain circumstances, a call to the bind function may have resulted in the incorrect realm. This may have created a vulnerability relating to JavaScript-implemented sandboxes such as SES. This vulnerability affects Firefox for Android 112, Firefox 112, and Focus for Android 112...

CVE-2023-29549

Under certain circumstances, a call to the bind function may have resulted in the incorrect realm. This may have created a vulnerability relating to JavaScript-implemented sandboxes such as SES. This vulnerability affects Firefox for Android 112, Firefox 112, and Focus for Android 112...

PT-2022-33550 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions v5.3 through v5.19.1 Description: A refcount leak was discovered in the mcde dsi bind function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions v5.3 through...

Linux kernel 竞争条件问题漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel suffers from a Competitive Condition Issue vulnerability that stems from its PLP Rose function triggering a competitive condition when a user invokes bind, as well...

Access Restriction Bypass in go-ldap

In the ldap.v2 aka go-ldap package through 2.5.0 for Go, an attacker may be able to login with an empty password. This issue affects an application using this package if these conditions are met: 1 it relies only on the return error of the Bind function call to determine whether a user is...

PT-2020-6661 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux Kernel affected versions not specified Description: The issue is related to the use of memory after it has been freed in the llcp sock bind function of the NFC protocol in the Linux kernel. This could allow a local attacker to access...

Login With Empty Credential

github.com/go-ldap/ldap allows the user to login with empty password or credentials. The vulnerability is only affects applications with the following conditions: - authorization of a user is performed by relying on the return error of the Bind function call i.e., a nil return is considered...

CVE-2017-14623

In the ldap.v2 aka go-ldap package through 2.5.0 for Go, an attacker may be able to login with an empty password. This issue affects an application using this package if these conditions are met: 1 it relies only on the return error of the Bind function call to determine whether a user is...