CVE-2023-54058 firmware: arm_ffa: Check if ffa_driver remove is present before executing

In the Linux kernel, the following vulnerability has been resolved: firmware: armffa: Check if ffadriver remove is present before executing Currently ffadrv-remove is called unconditionally from ffadeviceremove. Since the driver registration doesn't check for it and allows it to be registered...

CVE-2023-54044

Technical details about CVE-2023-54044 (Linux spmi remove callback crash) are not publicly provided in the supplied documents; monitor for updates.

CVE-2023-54044 spmi: Add a check for remove callback when removing a SPMI driver

In the Linux kernel, the following vulnerability has been resolved: spmi: Add a check for remove callback when removing a SPMI driver When removing a SPMI driver, there can be a crash due to NULL pointer dereference if it does not have a remove callback defined. This is one such call trace observ...

CVE-2023-54044 spmi: Add a check for remove callback when removing a SPMI driver

In the Linux kernel, the following vulnerability has been resolved: spmi: Add a check for remove callback when removing a SPMI driver When removing a SPMI driver, there can be a crash due to NULL pointer dereference if it does not have a remove callback defined. This is one such call trace observ...

CVE-2022-50726 net/mlx5: Fix possible use-after-free in async command interface

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix possible use-after-free in async command interface mlx5cmdcleanupasyncctx should return only after all its callback handlers were completed. Before this patch, the below race between mlx5cmdcleanupasyncctx and...

CVE-2022-50726

In CVE-2022-50726, the Linux kernel mlx5 async command interface had a use-after-free caused by a race between mlx5_cmd_cleanup_async_ctx and mlx5_cmd_exec_cb_handler. The patch fixes this by using a completion object and completing when num_inflight reaches 0, ensuring cleanup only after all in-...

CVE-2022-50704

In the Linux kernel, the following vulnerability has been resolved: USB: gadget: Fix use-after-free during usb config switch In the process of switching USB config from rndis to other config, if the hardware does not support the -pullup callback, or the hardware encounters a low probability fault...

CVE-2023-54036

In the Linux kernel, the following vulnerability has been resolved: wifi: rtl8xxxu: Fix memory leaks with RTL8723BU, RTL8192EU The wifi + bluetooth combo chip RTL8723BU can leak memory especially? when it's connected to a bluetooth audio device. The busy bluetooth traffic generates lots of C2H ca...

CVE-2022-50704

Technical details about CVE-2022-50704 are not publicly available in the provided Connected documents. Monitor for updates from vendors and security advisories.

CVE-2022-50704 USB: gadget: Fix use-after-free during usb config switch

In the Linux kernel, the following vulnerability has been resolved: USB: gadget: Fix use-after-free during usb config switch In the process of switching USB config from rndis to other config, if the hardware does not support the -pullup callback, or the hardware encounters a low probability fault...

can: gs_usb: gs_usb_receive_bulk_callback(): check actual_length before accessing header

...

can: gs_usb: gs_usb_receive_bulk_callback(): check actual_length before accessing data

...

Bluetooth: Fix null-ptr-deref in l2cap_sock_resume_cb()

...

OAuth-2.0-CSRF-PoC

OAuth Account Takeover CSRF Proof-of-Concept Description...

SUSE CVE-2025-68343

In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbreceivebulkcallback: check actuallength before accessing header The driver expects to receive a struct gshostframe in gsusbreceivebulkcallback. Use structgroup to describe the header of the struct gshostframe and...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from armffa not checking for the existence of the ffadriver remove callback when removing a device, which could...

PT-2025-53042

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to SPMI driver removal. Specifically, a crash can occur due to a NULL pointer dereference if an SPMI driver being removed does not have a remove...

CVE-2025-67873

Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, Skipdata length is not bounds-checked, so a user-provided skipdata callback can make csdisasm/csdisasmiter memcpy more than 24 bytes into csinsn.bytes, causing a heap buffer overflow in the disassembly path. Commit...

CVE-2025-68343 can: gs_usb: gs_usb_receive_bulk_callback(): check actual_length before accessing header

In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbreceivebulkcallback: check actuallength before accessing header The driver expects to receive a struct gshostframe in gsusbreceivebulkcallback. Use structgroup to describe the header of the struct gshostframe and...

CVE-2025-68343

In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbreceivebulkcallback: check actuallength before accessing header The driver expects to receive a struct gshostframe in gsusbreceivebulkcallback. Use structgroup to describe the header of the struct gshostframe and...