132 matches found
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000667)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000667 advisory. The caifseqpktrecvmsg function in net/caif/caifsocket.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to...
caif: fix integer underflow in cffrml_receive()
...
UBUNTU-CVE-2025-68799
In the Linux kernel, the following vulnerability has been resolved: caif: fix integer underflow in cffrmlreceive The cffrmlreceive function extracts a length field from the packet header and, when FCS is disabled, subtracts 2 from this length without validating that len = 2. If an attacker sends ...
CVE-2025-68799 caif: fix integer underflow in cffrml_receive()
In the Linux kernel, the following vulnerability has been resolved: caif: fix integer underflow in cffrmlreceive The cffrmlreceive function extracts a length field from the packet header and, when FCS is disabled, subtracts 2 from this length without validating that len = 2. If an attacker sends ...
Linux Distros Unpatched Vulnerability : CVE-2025-68799
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - caif: fix integer underflow in cffrmlreceive The cffrmlreceive function extracts a length field from the packet header and, when FCS is disabled, subtracts 2 fr...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992929)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992929 advisory. In the Linux kernel, the following vulnerability has been resolved: net: caif: Fix use-after-free in cfusbldevicenotify syzbot reported use-after-free in...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-992672)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992672 advisory. In the Linux kernel, the following vulnerability has been resolved: net: caif: Fix use-after-free in cfusbldevicenotify syzbot reported use-after-free in...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990754)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990754 advisory. In the Linux kernel, the following vulnerability has been resolved: net: caif: Fix use-after-free in cfusbldevicenotify syzbot reported use-after-free in...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989468)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989468 advisory. In the Linux kernel, the following vulnerability has been resolved: net: fix uninit-value in caifseqpktsendmsg When nrsegs equal to zero in iovecfromuser, the object...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-387673)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-387673 advisory. In the Linux kernel, the following vulnerability has been resolved: caifvirtio: fix wrong pointer check in cfvprobe delvqs frees virtqueues, therefore cfv-vqtx point...
EUVD-2025-13119
Malicious code in bioql PyPI...
CVE-2023-53330
In the Linux kernel, the following vulnerability has been resolved: caif: fix memory leak in cfctrllinkuprequest When linktype is unknown or kzalloc failed in cfctrllinkuprequest, pkt is not released. Add release process to error path...
CVE-2023-53330
CVE-2023-53330 : In the Linux kernel, memory leak in cfctrl_linkup_request() can occur when linktype is unknown or kzalloc() fails, as pkt is not released on error. The resolution adds a release path to the error flow, mitigating a potential memory leak in affected code paths. Connected advisorie...
Linux Distros Unpatched Vulnerability : CVE-2021-47297
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: fix uninit-value in caifseqpktsendmsg When nrsegs equal to zero in iovecfromuser, the object msg-msgiter.iov is uninit stack memory in caifseqpktsendmsg...
Linux Distros Unpatched Vulnerability : CVE-2021-47121
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: caif: fix memory leak in cfusbldevicenotify In case of caifenrolldev fail, allocated linksupport won't be assigned to the corresponding structure. So simpl...
Linux Distros Unpatched Vulnerability : CVE-2021-47122
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: caif: fix memory leak in caifdevicenotify In case of caifenrolldev fail, allocated...
Linux Distros Unpatched Vulnerability : CVE-2023-53138
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: caif: Fix use-after-free in cfusbldevicenotify syzbot reported use-after-free in cfusbldevicenotify 1. This causes a stack trace like below: BUG: KASAN:...
The vulnerability of the cfusbl_create() function in the net/caif/caif_usb.c module, which is part of the Linux kernel’s networking functions, allows a hacker to gain access to protected information.
The vulnerability of the cfusblcreate function in the net/caif/caifusb.c module, which implements kernel networking functions in the Linux operating system, is related to improper memory release before deleting the last reference „memory leak“. Exploiting this vulnerability may allow an attacker ...
The vulnerability of the caif_device_notify() function in the net/caif/caif_dev.c module, which is part of the Linux kernel’s networking functions, allows a hacker to gain access to protected information.
The vulnerability of the caifdevicenotify function in the net/caif/caifdev.c module, which is part of the Linux kernel’s networking functions, stems from improper memory release before deleting the last reference to memory memory leak. Exploiting this vulnerability could allow an attacker to gain...
caif_virtio: fix wrong pointer check in cfv_probe()
...