CVE-2025-38513 wifi: zd1211rw: Fix potential NULL pointer dereference in zd_mac_tx_to_dev()

In the Linux kernel, the following vulnerability has been resolved: wifi: zd1211rw: Fix potential NULL pointer dereference in zdmactxtodev There is a potential NULL pointer dereference in zdmactxtodev. For example, the following is possible: T0 T1 zdmactxtodev / len == skbqueuelenq / while len...

CVE-2025-38484

In the Linux kernel, the following vulnerability has been resolved: iio: backend: fix out-of-bound write The buffer is set to 80 character. If a caller write more characters, count is truncated to the max available space in "simplewritetobuffer". But afterwards a string terminator is written to t...

CVE-2025-38375 virtio-net: ensure the received length does not exceed allocated size

In the Linux kernel, the following vulnerability has been resolved: virtio-net: ensure the received length does not exceed allocated size In xdplinearizepage, when reading the following buffers from the ring, we forget to check the received length with the true allocate size. This can lead to an...

CVE-2025-38375

In the Linux kernel, the following vulnerability has been resolved: virtio-net: ensure the received length does not exceed allocated size In xdplinearizepage, when reading the following buffers from the ring, we forget to check the received length with the true allocate size. This can lead to an...

GHSA-7MC2-6PHR-23XC tiny-secp256k1 vulnerable to private key extraction when signing a malicious JSON-stringifyable message in bundled environment

Summary Private key can be extracted on signing a malicious JSON-stringifiable object, when global Buffer is buffer package Details This affects only environments where require'buffer' is E.g.: browser bundles, React Native apps, etc. Buffer.isBuffer check can be bypassed, resulting in k reuse fo...

CVE-2022-50159

In the Linux kernel, the following vulnerability has been resolved: of: check previous kernel's ima-kexec-buffer against memory bounds Presently imagetkexecbuffer doesn't check if the previous kernel's ima-kexec-buffer lies outside the addressable memory range. This can result in a kernel panic i...

Medium: nvidia-gds

Issue Overview: NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a failure to check the length of a buffer could allow a user to cause the tool to crash or execute arbitrary code by passing in a malformed ELF file. A successful exploit of this...

CVE-2021-1910

Double free in video due to lack of input buffer length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables...

CVE-2020-3633

Array out of bound may occur while playing mp3 file as no check is there on offset if it is greater than the buffer allocated or not in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in...

CVE-2022-49889 ring-buffer: Check for NULL cpu_buffer in ring_buffer_wake_waiters()

In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Check for NULL cpubuffer in ringbufferwakewaiters On some machines the number of listed CPUs may be bigger than the actual CPUs that exist. The tracing subsystem allocates a percpu directory with access to the per CP...

The vulnerability of the Telnet service of the Tenda W18E router’s microprogramming software allows a intruder to gain unauthorized access to the device.

The vulnerability of the Telnet service in the Tenda W18E router microprogramming system lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to the device...

Security update for kernel-livepatch-MICRO-6-0-RT_Update_2

This update for kernel-livepatch-MICRO-6-0-RTUpdate2 fixes the following issues: CVE-2024-57882: Fixed mptcp: fix TCP options overflow. bsc1235916 CVE-2024-46818: Fixed drm/amd/display: check gpioid before used as array index bsc1231204 CVE-2024-46815: Fixed drm/amd/display: check numvalidsets...

smb: client: Add check for next_buffer in receive_encrypted_standard()

...

OESA-2025-1320 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: RDMA/rtrs: Ensure 'ibsge list' is accessible Move the declaration of the 'ibsge list' variable outside the 'alwaysinvalidate' block to ensure it remains accessib...

OESA-2025-1312 libarchive security update

is an open-source BSD-licensed C programming library that provides streaming access to a variety of different archive formats, including tar, cpio, pax, zip, and ISO9660 images. The distribution also includes bsdtar and bsdcpio, full-featured implementations of tar and cpio that use . Security...

CVE-2025-21844

In the Linux kernel, the following vulnerability has been resolved: smb: client: Add check for nextbuffer in receiveencryptedstandard Add check for the return value of cifsbufget and cifssmallbufget in receiveencryptedstandard to prevent null pointer dereference...

Linux Distros Unpatched Vulnerability : CVE-2024-57802

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netrom: check buffer length before accessing it Syzkaller reports an uninit value read from ax25cmp when sending raw message through ieee802154 implementation...

CVE-2025-21704 usb: cdc-acm: Check control transfer buffer size before access

In the Linux kernel, the following vulnerability has been resolved: usb: cdc-acm: Check control transfer buffer size before access If the first fragment is shorter than struct usbcdcnotification, we can't calculate an expectedsize. Log an error and discard the notification instead of reading...

CVE-2024-8798 Bluetooth: classic: avdtp: missing buffer length check

No proper validation of the length of user input in olcpindhandler in zephyr/subsys/bluetooth/services/ots/otsclient.c...

CVE-2024-47775 GHSL-2024-261: GStreamer has an OOB-read in parse_ds64

GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been found in the parseds64 function within gstwavparse.c. The parseds64 function does not check that the buffer buf contains sufficient data before attempting to read from it, doing multipl...