CVE-2022-49881 wifi: cfg80211: fix memory leak in query_regdb_file()

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: fix memory leak in queryregdbfile In the function queryregdbfile the alpha2 parameter is duplicated using kmemdup and subsequently freed in regdbfwcb. However, requestfirmwarenowait can fail without calling...

CVE-2022-49830 drm/drv: Fix potential memory leak in drm_dev_init()

In the Linux kernel, the following vulnerability has been resolved: drm/drv: Fix potential memory leak in drmdevinit drmdevinit will add drmdevinitrelease as a callback. When drmmaddaction failed, the release function won't be added. As the result, the ref cnt added by deviceget in drmdevinit won...

PT-2025-18637 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel's netfilter: nf tables has been identified. The issue involves the netlink notifier, which could potentially race to release objects. This occurs...

PT-2025-17632 · Insyde · Insydeh2O

Name of the Vulnerable Software and Affected Versions: Insyde InsydeH2O kernel versions 5.2 through 5.7 before version 05.70.50 Description: An issue was discovered in the InsydeH2O kernel, where the SmmUpdateVariablePropertySmi function, a SMM callback function in the VariableRuntimeDxe driver,...

SUSE CVE-2025-22025

In the Linux kernel, the following vulnerability has been resolved: nfsd: put dlstid if fail to queue dlrecall Before calling nfsd4runcb to queue dlrecall to the callbackwq, we increment the reference count of dlstid. We expect that after the corresponding workstruct is processed, the reference...

SUSE CVE-2025-22027

In the Linux kernel, the following vulnerability has been resolved: media: streamzap: fix race between device disconnection and urb callback Syzkaller has reported a general protection fault at function irraweventstorewithfilter. This crash is caused by a NULL pointer dereference of dev-raw...

CVE-2025-22025

In the Linux kernel, the following vulnerability has been resolved: nfsd: put dlstid if fail to queue dlrecall Before calling nfsd4runcb to queue dlrecall to the callbackwq, we increment the reference count of dlstid. We expect that after the corresponding workstruct is processed, the reference...

UBUNTU-CVE-2025-22025

In the Linux kernel, the following vulnerability has been resolved: nfsd: put dlstid if fail to queue dlrecall Before calling nfsd4runcb to queue dlrecall to the callbackwq, we increment the reference count of dlstid. We expect that after the corresponding workstruct is processed, the reference...

CVE-2025-22027

In the Linux kernel, the following vulnerability has been resolved: media: streamzap: fix race between device disconnection and urb callback Syzkaller has reported a general protection fault at function irraweventstorewithfilter. This crash is caused by a NULL pointer dereference of dev-raw...

CVE-2025-22027 media: streamzap: fix race between device disconnection and urb callback

In the Linux kernel, the following vulnerability has been resolved: media: streamzap: fix race between device disconnection and urb callback Syzkaller has reported a general protection fault at function irraweventstorewithfilter. This crash is caused by a NULL pointer dereference of dev-raw...

CVE-2025-22027

CVE-2025-22027 affects the Linux kernel, specifically the media: streamzap component. The issue is a race between device disconnection and urb callback that leads to a NULL pointer dereference of dev->raw in ir_raw_event_store_with_filter, even though NULL checks exist in the function. The roo...

CVE-2025-22025 nfsd: put dl_stid if fail to queue dl_recall

In the Linux kernel, the following vulnerability has been resolved: nfsd: put dlstid if fail to queue dlrecall Before calling nfsd4runcb to queue dlrecall to the callbackwq, we increment the reference count of dlstid. We expect that after the corresponding workstruct is processed, the reference...

CVE-2025-22025

CVE-2025-22025 concerns the Linux kernel NFS server (nfsd) where, before queuing dl_recall in nfsd4_run_cb, the code increments a reference count on dl_stid. If queuing fails, the callback path does not run, and the corresponding dl_stid reference is not decremented, leading to a leak of nfs4_sti...

Server Side Request Forgery (SSRF)

LNbits is vulnerable to Server-Side Request Forgery SSRF. The vulnerability is due to improper validation of callback URLs in the LNURL authentication handling functionality, allowing attackers to access internal resources by specifying internal network addresses...

The vulnerability of the ipheth_rcvbulk_callback() function in the Linux kernel’s USB device driver support mechanism allows a hacker to induce a service failure.

The vulnerability of the iphethrcvbulkcallback function in the Linux kernel’s USB device driver support routine is related to improper disabling or release of resources. Exploiting this vulnerability could allow an attacker to cause a service failure...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a streamzap device disconnect and urb callback contention condition...

CVE-2022-43590

A null pointer dereference vulnerability exists in the handleioctl0x830a0systembuffer functionality of Callback technologies CBFS Filter 20.0.8317. A specially crafted I/O request packet IRP can lead to denial of service. An attacker can issue an ioctl to trigger this vulnerability...

CVE-2022-43589

A null pointer dereference vulnerability exists in the handleioctl8314C functionality of Callback technologies CBFS Filter 20.0.8317. A specially crafted I/O request packet IRP can lead to denial of service. An attacker can issue an ioctl to trigger this vulnerability...

CVE-2022-43588

A null pointer dereference vulnerability exists in the handleioctl83150 functionality of Callback technologies CBFS Filter 20.0.8317. A specially crafted I/O request packet IRP can lead to denial of service. An attacker can issue an ioctl to trigger this vulnerability...

The vulnerability of the on_frame_recv_callback() function (soup-server-message-io-http1.c) in the GNOME graphical interface library libsoup allows a attacker to cause a service failure.

The vulnerability of the onframerecvcallback function soup-server-message-io-http1.c in the GNOME graphical interface library libsoup is related to incorrect interpretation of input data when processing pseudoheaders such as :scheme, :authority, and :path. Exploitation of this vulnerability could...