3974 matches found
SUSE CVE-2023-53673
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: call disconnect callback before deleting conn In hcicsdisconnect, we do hciconndel even if disconnection failed. ISO, L2CAP and SCO connections refer to the hciconn without hciconnget, so disconncfm must be...
EUVD-2025-31825
Vulnerability in the melis-core module of Melis Technology's Melis Platform, which, if exploited, allows an unauthenticated attacker to create an administrator account via a request to '/melis/MelisCore/ToolUser/addNewUser'...
SUSE CVE-2023-53636
In the Linux kernel, the following vulnerability has been resolved: clk: microchip: fix potential UAF in auxdev release callback Similar to commit 1c11289b34ab "peci: cpu: Fix use-after-free in adevrelease", the auxiliary device is not torn down in the correct order. If auxiliarydeviceadd fails,...
CVE-2023-53636
In the Linux kernel, the following vulnerability has been resolved: clk: microchip: fix potential UAF in auxdev release callback Similar to commit 1c11289b34ab "peci: cpu: Fix use-after-free in adevrelease", the auxiliary device is not torn down in the correct order. If auxiliarydeviceadd fails,...
CVE-2022-50542
In the Linux kernel, the following vulnerability has been resolved: media: si470x: Fix use-after-free in si470xintincallback syzbot reported use-after-free in si470xintincallback 1. This indicates that urb-context, which contains struct si470xdevice object, is freed when si470xintincallback is...
CVE-2022-50510
In the Linux kernel, the following vulnerability has been resolved: perf/smmuv3: Fix hotplug callback leak in armsmmupmuinit armsmmupmuinit won't remove the callback added by cpuhpsetupstatemulti when platformdriverregister failed. Remove the callback by cpuhpremovemultistate in fail path. Simila...
UBUNTU-CVE-2023-53636
In the Linux kernel, the following vulnerability has been resolved: clk: microchip: fix potential UAF in auxdev release callback Similar to commit 1c11289b34ab "peci: cpu: Fix use-after-free in adevrelease", the auxiliary device is not torn down in the correct order. If auxiliarydeviceadd fails,...
UBUNTU-CVE-2022-50542
In the Linux kernel, the following vulnerability has been resolved: media: si470x: Fix use-after-free in si470xintincallback syzbot reported use-after-free in si470xintincallback 1. This indicates that urb-context, which contains struct si470xdevice object, is freed when si470xintincallback is...
UBUNTU-CVE-2022-50551
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix potential shift-out-of-bounds in brcmffwallocrequest This patch fixes a shift-out-of-bounds in brcmfmac that occurs in BITchiprev when a 'chiprev' provided by the device is too large. It should also not be equ...
UBUNTU-CVE-2023-53673
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: call disconnect callback before deleting conn In hcicsdisconnect, we do hciconndel even if disconnection failed. ISO, L2CAP and SCO connections refer to the hciconn without hciconnget, so disconncfm must be...
EUVD-2025-32765
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: call disconnect callback before deleting conn In hcicsdisconnect, we do hciconndel even if disconnection failed. ISO, L2CAP and SCO connections refer to the hciconn without hciconnget, so disconncfm must be...
CVE-2023-53673 Bluetooth: hci_event: call disconnect callback before deleting conn
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: call disconnect callback before deleting conn In hcicsdisconnect, we do hciconndel even if disconnection failed. ISO, L2CAP and SCO connections refer to the hciconn without hciconnget, so disconncfm must be...
CVE-2023-53673 Bluetooth: hci_event: call disconnect callback before deleting conn
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: call disconnect callback before deleting conn In hcicsdisconnect, we do hciconndel even if disconnection failed. ISO, L2CAP and SCO connections refer to the hciconn without hciconnget, so disconncfm must be...
CVE-2023-53673 Bluetooth: hci_event: call disconnect callback before deleting conn
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: call disconnect callback before deleting conn In hcicsdisconnect, we do hciconndel even if disconnection failed. ISO, L2CAP and SCO connections refer to the hciconn without hciconnget, so disconncfm must be...
CVE-2023-53673
The CVE-2023-53673 issue is a Linux kernel Bluetooth vulnerability in the hci_event path. In hci_cs_disconnect, hci_conn_del is called even when disconnection failed, and ISO/L2CAP/SCO can reference hci_conn without hci_conn_get, so disconn_cfm must be called to clean up the conn; otherwise a use...
CVE-2023-53673
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: call disconnect callback before deleting conn In hcicsdisconnect, we do hciconndel even if disconnection failed. ISO, L2CAP and SCO connections refer to the hciconn without hciconnget, so disconncfm must be...
CVE-2023-53673
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: call disconnect callback before deleting conn In hcicsdisconnect, we do hciconndel even if disconnection failed. ISO, L2CAP and SCO connections refer to the hciconn without hciconnget, so disconncfm must be...
CVE-2022-50542 media: si470x: Fix use-after-free in si470x_int_in_callback()
In the Linux kernel, the following vulnerability has been resolved: media: si470x: Fix use-after-free in si470xintincallback syzbot reported use-after-free in si470xintincallback 1. This indicates that urb-context, which contains struct si470xdevice object, is freed when si470xintincallback is...
CVE-2022-50542
CVE-2022-50542 affects the Linux kernel media/si470x driver. A use-after-free occurs in si470x_int_in_callback() when urb->context (holding a si470x_device) is freed if si470x_start_usb() has submitted a URB but the subsequent si470x_start() path fails. The fix ensures URBs are destroyed when ...
CVE-2022-50542 media: si470x: Fix use-after-free in si470x_int_in_callback()
In the Linux kernel, the following vulnerability has been resolved: media: si470x: Fix use-after-free in si470xintincallback syzbot reported use-after-free in si470xintincallback 1. This indicates that urb-context, which contains struct si470xdevice object, is freed when si470xintincallback is...