Lucene search
K

124 matches found

NVD
NVD
added 2025/09/05 6:15 p.m.3 views

CVE-2025-39713

In the Linux kernel, the following vulnerability has been resolved: media: rainshadow-cec: fix TOCTOU race condition in raininterrupt In the interrupt handler raininterrupt, the buffer full check on rain-buflen is performed before acquiring rain-buflock. This creates a Time-of-Check to Time-of-Us...

4.7CVSS0.00125EPSS
Exploits0References11
OSV
OSV
added 2025/09/05 6:15 p.m.5 views

UBUNTU-CVE-2025-39713

In the Linux kernel, the following vulnerability has been resolved: media: rainshadow-cec: fix TOCTOU race condition in raininterrupt In the interrupt handler raininterrupt, the buffer full check on rain-buflen is performed before acquiring rain-buflock. This creates a Time-of-Check to Time-of-Us...

4.7CVSS6.1AI score0.00125EPSS
Exploits0References36
CVE
CVE
added 2025/09/05 5:21 p.m.36 views

CVE-2025-39713

The CVE-2025-39713 entry concerns the Linux kernel media: rainshadow-cec driver, where rain_interrupt() performed a buffer-full check on rain->buf_len before acquiring rain->buf_lock. This TOCTOU race could allow concurrent interrupts to overflow the buffer (DATA_SIZE) by writing beyond cap...

4.7CVSS6.2AI score0.00125EPSS
Exploits0References11Affected Software1
Microsoft CVE
Microsoft CVE
added 2025/09/04 7:38 a.m.6 views

In the Linux kernel through 6.7.1, there is a use-after-free in cec_queue_msg_fh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c.

...

5.5CVSS7AI score0.00254EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/08/15 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2020-36766

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Linux kernel before 5.8.6. drivers/media/cec/core/cec-api.c leaks one byte of kernel memory on specific hardware to unprivileged...

3.3CVSS6.1AI score0.00226EPSS
Exploits0References2
OSV
OSV
added 2025/08/14 6:52 p.m.1 views

MAL-2025-10881 Malicious code in @zalastax/nolb-cec (npm)

The package @zalastax/nolb-cec was found to contain malicious code...

7.2AI score
Exploits0
OSV
OSV
added 2025/05/28 8:55 a.m.15 views

USN-7540-1 linux-raspi-5.4 vulnerabilities

Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2024-23848 Attila Szász discovered that the HFS+ file system...

9.1CVSS6.8AI score0.09117EPSS
Exploits5References399
Ubuntu
Ubuntu
added 2025/05/28 8:55 a.m.15 views

USN-7540-1: Linux kernel (Raspberry Pi) vulnerabilities

Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2024-23848 Attila Szász discovered that the HFS+ file system...

9.1CVSS8AI score0.09117EPSS
Exploits5
OSV
OSV
added 2025/05/28 8:35 a.m.5 views

USN-7539-1 linux-raspi vulnerabilities

Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2024-23848 Attila Szász discovered that the HFS+ file system...

9.1CVSS6.8AI score0.09117EPSS
Exploits5References402
Tenable Nessus
Tenable Nessus
added 2025/05/28 12:0 a.m.36 views

Ubuntu 20.04 LTS : Linux kernel (Raspberry Pi) vulnerabilities (USN-7539-1)

"The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7539-1 advisory. Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cau...

9.1CVSS8AI score0.09117EPSS
Exploits5References398
Tenable Nessus
Tenable Nessus
added 2025/04/25 12:0 a.m.24 views

Ubuntu 18.04 LTS : Linux kernel (IBM) vulnerabilities (USN-7463-1)

"The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7463-1 advisory. Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cau...

7.8CVSS8AI score0.03558EPSS
Exploits1References166
OSV
OSV
added 2025/04/24 5:8 p.m.6 views

USN-7463-1 linux-ibm-5.4 vulnerabilities

Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2024-23848 Attila Szász discovered that the HFS+ file system...

7.8CVSS6.9AI score0.03558EPSS
Exploits1References168
RedHat Linux
RedHat Linux
added 2025/04/02 11:34 a.m.5 views

kernel: use-after-free in cec_queue_msg_fh

A vulnerability was found in the Linux kernel. A use-after-free exists in cecqueuemsgfh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c...

5.5CVSS7.2AI score0.00254EPSS
Exploits0References5
OSV
OSV
added 2025/04/01 5:44 p.m.11 views

USN-7401-1 linux-aws-5.4 vulnerabilities

Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2024-23848 Attila Szász discovered that the HFS+ file system...

9.1CVSS6.7AI score0.03558EPSS
Exploits2References296
OSV
OSV
added 2025/04/01 5:40 p.m.8 views

USN-7392-4 linux-aws-fips vulnerabilities

Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2024-23848 Attila Szász discovered that the HFS+ file system...

7.8CVSS6.8AI score0.03558EPSS
Exploits1References155
Ubuntu
Ubuntu
added 2025/04/01 5:3 p.m.17 views

USN-7392-3: Linux kernel (AWS) vulnerabilities

Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2024-23848 Attila Szász discovered that the HFS+ file system...

7.8CVSS8AI score0.03558EPSS
Exploits1
OSV
OSV
added 2025/04/01 5:3 p.m.22 views

USN-7392-3 linux-aws vulnerabilities

Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2024-23848 Attila Szász discovered that the HFS+ file system...

7.8CVSS6.7AI score0.03558EPSS
Exploits1References155
Tenable Nessus
Tenable Nessus
added 2025/04/01 12:0 a.m.15 views

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-7391-1)

"The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7391-1 advisory. Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use...

7.8CVSS7.9AI score0.03558EPSS
Exploits1References153
OSV
OSV
added 2025/03/28 6:49 p.m.2 views

USN-7392-2 linux-azure-fips, linux-gcp-fips vulnerabilities

Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2024-23848 Attila Szász discovered that the HFS+ file system...

7.8CVSS7.1AI score0.03558EPSS
Exploits1References155
OSV
OSV
added 2025/03/28 6:47 p.m.3 views

USN-7393-1 linux-fips vulnerabilities

Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2024-23848 Attila Szász discovered that the HFS+ file system...

9.1CVSS6.7AI score0.03558EPSS
Exploits2References296
Rows per page
Query Builder