677 matches found
DEBIAN-CVE-2025-38412
In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-wmi-sysman: Fix WMI data block retrieval in sysfs callbacks After retrieving WMI data blocks in sysfs callbacks, check for the validity of them before dereferencing their content...
AZL-65684 CVE-2025-38412 affecting package kernel for versions less than 6.6.104.2-1
In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-wmi-sysman: Fix WMI data block retrieval in sysfs callbacks After retrieving WMI data blocks in sysfs callbacks, check for the validity of them before dereferencing their content...
UBUNTU-CVE-2025-38412
In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-wmi-sysman: Fix WMI data block retrieval in sysfs callbacks After retrieving WMI data blocks in sysfs callbacks, check for the validity of them before dereferencing their content...
CVE-2025-38412 platform/x86: dell-wmi-sysman: Fix WMI data block retrieval in sysfs callbacks
In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-wmi-sysman: Fix WMI data block retrieval in sysfs callbacks After retrieving WMI data blocks in sysfs callbacks, check for the validity of them before dereferencing their content...
CVE-2025-38412 platform/x86: dell-wmi-sysman: Fix WMI data block retrieval in sysfs callbacks
In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-wmi-sysman: Fix WMI data block retrieval in sysfs callbacks After retrieving WMI data blocks in sysfs callbacks, check for the validity of them before dereferencing their content...
CVE-2025-38412
CVE-2025-38412 affects the Linux kernel, specifically the platform/x86 + dell-wmi-sysman component. The issue arises when WMI data blocks retrieved in sysfs callbacks are dereferenced without validating their integrity, potentially leading to use-after-free or invalid access. The associated advis...
CVE-2025-38412
In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-wmi-sysman: Fix WMI data block retrieval in sysfs callbacks After retrieving WMI data blocks in sysfs callbacks, check for the validity of them before dereferencing their content...
DEBIAN-CVE-2025-38390
In the Linux kernel, the following vulnerability has been resolved: firmware: armffa: Fix memory leak by freeing notifier callback node Commit e0573444edbf "firmware: armffa: Add interfaces to request notification callbacks" adds support for notifier callbacks by allocating and inserting a callba...
CVE-2025-38390
In the Linux kernel, the following vulnerability has been resolved: firmware: armffa: Fix memory leak by freeing notifier callback node Commit e0573444edbf "firmware: armffa: Add interfaces to request notification callbacks" adds support for notifier callbacks by allocating and inserting a callba...
UBUNTU-CVE-2025-38390
In the Linux kernel, the following vulnerability has been resolved: firmware: armffa: Fix memory leak by freeing notifier callback node Commit e0573444edbf "firmware: armffa: Add interfaces to request notification callbacks" adds support for notifier callbacks by allocating and inserting a callba...
PT-2025-30790
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the arm ffa module related to notifier callbacks. A callback node is allocated and inserted into a hashtable during registration, but the associated memory is not...
dsipts (>=1.1.5 <=1.1.39), kedro-aim (>=0.1.1 <=0.1.3) +7 more potentially affected by CVE-2025-51464 via aim (>=3.17.4 <=3.29.1)
aim PYPI version =3.17.4, =1.1.5, =0.1.1, =0.0.1, =0.0.1, =0.0.20, =0.1.0, =0.5.6 Source cves: CVE-2025-51464 Source advisory: OSV:GHSA-GMVV-RJ92-9W35...
SUSE CVE-2025-25207
The Authorino service in the Red Hat Connectivity Link is the authorization service for zero trust API security. Authorino allows the users with developer persona to add callbacks to be executed to HTTP endpoints once the authorization process is completed. It was found that an attacker with...
CVE-2022-49956
In the Linux kernel, the following vulnerability has been resolved: staging: rtl8712: fix use after free bugs Read/WriteMACREG callbacks are NULL so the read/writemacreghdl functions don't do anything except free the "pcmd" pointer. It results in a use after free. Delete them...
SUSE CVE-2022-50144
In the Linux kernel, the following vulnerability has been resolved: soundwire: revisit driver bind/unbind and callbacks In the SoundWire probe, we store a pointer from the driver ops into the 'slave' structure. This can lead to kernel oopses when unbinding codec drivers, e.g. with the following...
CVE-2022-49956
In the Linux kernel, the following vulnerability has been resolved: staging: rtl8712: fix use after free bugs Read/WriteMACREG callbacks are NULL so the read/writemacreghdl functions don't do anything except free the "pcmd" pointer. It results in a use after free. Delete them...
UBUNTU-CVE-2022-49956
In the Linux kernel, the following vulnerability has been resolved: staging: rtl8712: fix use after free bugs Read/WriteMACREG callbacks are NULL so the read/writemacreghdl functions don't do anything except free the "pcmd" pointer. It results in a use after free. Delete them...
CVE-2022-50144
In the Linux kernel, the following vulnerability has been resolved: soundwire: revisit driver bind/unbind and callbacks In the SoundWire probe, we store a pointer from the driver ops into the 'slave' structure. This can lead to kernel oopses when unbinding codec drivers, e.g. with the following...
CVE-2022-49956
CVE-2022-49956 in the Linux kernel refers to a use-after-free bug in the rtl8712 staging driver. The issue arises because _Read/Write_MACREG callbacks are NULL, causing read/write_macreg_hdl() to only free the pcmd pointer. The fix removes these callbacks to prevent the use-after-free. The vulner...
Use After Free
Overview Affected versions of this package are vulnerable to Use After Free via improper handling of callback references during the destruction of the Channel object. An attacker can cause a fatal interpreter crash by triggering DNS queries that result in the Channel object being garbage collecte...