275 matches found
media: dvb-usb: dtv5100: fix out-of-bounds in dtv5100_i2c_msg()
...
CVE-2025-68819
In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: dtv5100: fix out-of-bounds in dtv5100i2cmsg rlen value is a user-controlled value, but dtv5100i2cmsg does not check the size of the rlen value. Therefore, if it is set to a value larger than sizeofst-data, an...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003314)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003314 advisory. drivers/media/usb/dvb-usb/cxusb.c in the Linux kernel 4.9.x and 4.10.x before 4.10.12 interacts incorrectly with the CONFIGVMAPSTACK option, which allows local users...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003272)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003272 advisory. drivers/media/usb/dvb-usb/cxusb.c in the Linux kernel 4.9.x and 4.10.x before 4.10.12 interacts incorrectly with the CONFIGVMAPSTACK option, which allows local users...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001163)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001163 advisory. drivers/media/usb/dvb-usb/cxusb.c in the Linux kernel 4.9.x and 4.10.x before 4.10.12 interacts incorrectly with the CONFIGVMAPSTACK option, which allows local users...
CVE-2025-68819
In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: dtv5100: fix out-of-bounds in dtv5100i2cmsg rlen value is a user-controlled value, but dtv5100i2cmsg does not check the size of the rlen value. Therefore, if it is set to a value larger than sizeofst-data, an...
CVE-2025-68819 media: dvb-usb: dtv5100: fix out-of-bounds in dtv5100_i2c_msg()
In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: dtv5100: fix out-of-bounds in dtv5100i2cmsg rlen value is a user-controlled value, but dtv5100i2cmsg does not check the size of the rlen value. Therefore, if it is set to a value larger than sizeofst-data, an...
CVE-2025-68819
In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: dtv5100: fix out-of-bounds in dtv5100i2cmsg rlen value is a user-controlled value, but dtv5100i2cmsg does not check the size of the rlen value. Therefore, if it is set to a value larger than sizeofst-data, an...
CVE-2025-68819 media: dvb-usb: dtv5100: fix out-of-bounds in dtv5100_i2c_msg()
In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: dtv5100: fix out-of-bounds in dtv5100i2cmsg rlen value is a user-controlled value, but dtv5100i2cmsg does not check the size of the rlen value. Therefore, if it is set to a value larger than sizeofst-data, an...
CVE-2025-68819
In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: dtv5100: fix out-of-bounds in dtv5100i2cmsg rlen value is a user-controlled value, but dtv5100i2cmsg does not check the size of the rlen value. Therefore, if it is set to a value larger than sizeofst-data, an...
CVE-2019-12477
Supra Smart Cloud TV allows remote file inclusion in the openLiveURL function, which allows a local attacker to broadcast fake video without any authentication via a /remote/mediacontrol?action=setUri= URI...
PT-2026-26103
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's dvb-core component related to the reinitialization of a ring buffer when a device is reopened. The dvb dvr open function incorrectly calls dvb...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993224)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993224 advisory. In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: az6027: fix null-ptr-deref in az6027i2cxfer Wei Chen reports a kernel bug as blew...
CVE-2023-54266
In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: m920x: Fix a potential memory leak in m920xi2cxfer 'read' is freed when it is known to be NULL, but not when a read error occurs. Revert the logic to avoid a small leak, should a m920xread call fail...
CVE-2023-54266 media: dvb-usb: m920x: Fix a potential memory leak in m920x_i2c_xfer()
In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: m920x: Fix a potential memory leak in m920xi2cxfer 'read' is freed when it is known to be NULL, but not when a read error occurs. Revert the logic to avoid a small leak, should a m920xread call fail...
EUVD-2023-60260
In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb-v2: gl861: Fix null-ptr-deref in gl861i2cmasterxfer In gl861i2cmasterxfer, msg is controlled by user. When msgi.buf is null and msgi.len is zero, former checks on msgi.buf would be passed. Malicious data finally...
EUVD-2022-55764
In the Linux kernel, the following vulnerability has been resolved: media: vidtv: Fix use-after-free in vidtvbridgedvbinit KASAN reports a use-after-free: BUG: KASAN: use-after-free in dvbdmxdevrelease+0x4d5/0x5d0 dvbcore Call Trace: ... dvbdmxdevrelease+0x4d5/0x5d0 dvbcore...
CVE-2022-50725
In the Linux kernel, the following vulnerability has been resolved: media: vidtv: Fix use-after-free in vidtvbridgedvbinit KASAN reports a use-after-free: BUG: KASAN: use-after-free in dvbdmxdevrelease+0x4d5/0x5d0 dvbcore Call Trace: ... dvbdmxdevrelease+0x4d5/0x5d0 dvbcore...
UBUNTU-CVE-2022-50725
In the Linux kernel, the following vulnerability has been resolved: media: vidtv: Fix use-after-free in vidtvbridgedvbinit KASAN reports a use-after-free: BUG: KASAN: use-after-free in dvbdmxdevrelease+0x4d5/0x5d0 dvbcore Call Trace: ... dvbdmxdevrelease+0x4d5/0x5d0 dvbcore...
CVE-2022-50725 media: vidtv: Fix use-after-free in vidtv_bridge_dvb_init()
In the Linux kernel, the following vulnerability has been resolved: media: vidtv: Fix use-after-free in vidtvbridgedvbinit KASAN reports a use-after-free: BUG: KASAN: use-after-free in dvbdmxdevrelease+0x4d5/0x5d0 dvbcore Call Trace: ... dvbdmxdevrelease+0x4d5/0x5d0 dvbcore...