ROS-20260112-7367

A vulnerability in the mtk-cmdq component of the Linux operating system kernel is related to improper control of resource identifiers. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

EUVD-2023-24936

Malicious code in bioql PyPI...

EUVD-2025-5201

Malicious code in bioql PyPI...

EUVD-2022-25289

Malicious code in bioql PyPI...

EUVD-2023-25002

Malicious code in bioql PyPI...

CVE-2022-50387 net: hinic: fix the issue of CMDQ memory leaks

In the Linux kernel, the following vulnerability has been resolved: net: hinic: fix the issue of CMDQ memory leaks When hinicsetcmdqdepth fails in hinicinitcmdqs, the cmdq memory is not released correctly. Fix it...

PT-2025-38335

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak issue was resolved in the Linux kernel’s networking subsystem net: hinic. Specifically, when the hinic set cmdq depth function fails during the hinic init cmdqs function...

The vulnerability of the mtk-cmdq component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the mtk-cmdq component in the Linux operating system’s kernel is related to improper control of resource identifiers. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVE-2024-20116

In cmdq, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09057438; Issue ID: MSV-1696...

CVE-2023-20823

In cmdq, there is a possible out of bounds read due to an incorrect status check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08021592; Issue ID: ALPS08021592...

CVE-2023-20757

In cmdq, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07636133; Issue ID: ALPS07636133...

CVE-2023-20758

In cmdq, there is a possible memory corruption due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07636133; Issue ID: ALPS07636130...

CVE-2022-20029

In cmdq driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05747150; Issue ID: ALPS05747150...

CVE-2024-58018

In the Linux kernel, the following vulnerability has been resolved: nvkm: correctly calculate the available space of the GSP cmdq buffer r535gspcmdqpush waits for the available page in the GSP cmdq buffer when handling a large RPC request. When it sees at least one available page in the cmdq, it...

CVE-2024-58018

The CVE-2024-58018 issue affects the Linux kernel’s GSP command queue path within the Nouveau nvkm/GSP code. The root cause is in r535_gsp_cmdq_push/r535_gsp_msgq_wait logic: when handling large RPCs, the code treats the available pages as (write pointer, buf_size) and exits the wait prematurely,...

CVE-2024-58018 nvkm: correctly calculate the available space of the GSP cmdq buffer

In the Linux kernel, the following vulnerability has been resolved: nvkm: correctly calculate the available space of the GSP cmdq buffer r535gspcmdqpush waits for the available page in the GSP cmdq buffer when handling a large RPC request. When it sees at least one available page in the cmdq, it...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: mailbox: mtk-cmdq: Move devmmboxcontrollerregister after devmpmruntimeenable. When mtk-cmdq unbind itself, a WARNON message with the condition pmruntimegetsync 0 is generated. According to the call trace below: cmdqmboxshutdown...

The vulnerability of the pm_runtime_get_sync() function in the mtk-cmdq component of the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the pmruntimegetsync function in the mtk-cmdq component of the Linux operating system is related to the lack of code checks for function return values. Exploiting this vulnerability could allow an attacker to cause a service failure...

CVE-2024-53225

In the Linux kernel, the following vulnerability has been resolved: iommu/tegra241-cmdqv: Fix alignment failure at maxnshift When configuring a kernel with PAGESIZE=4KB, depending on its setting of CONFIGCMAALIGNMENT, VCMDQLOG2SIZEMAX=19 could fail the alignment test and trigger a WARNON: WARNING...

SUSE CVE-2024-56684

In the Linux kernel, the following vulnerability has been resolved: mailbox: mtk-cmdq: fix wrong use of sizeof in cmdqgetclocks It should be size of the struct clkbulkdata, not data pointer pass to devmkcalloc...