530 matches found
CVE-2024-50069 pinctrl: apple: check devm_kasprintf() returned value
In the Linux kernel, the following vulnerability has been resolved: pinctrl: apple: check devmkasprintf returned value devmkasprintf can return a NULL pointer on failure but this returned value is not checked. Fix this lack and check the returned value. Found by code review...
CVE-2024-47681
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: fix NULL pointer dereference in mt7996mcustabferhe Fix the NULL pointer dereference in mt7996mcustabferhe routine adding an sta interface to the mt7996 driver. Found by code review...
AZL-50649 CVE-2024-47681 affecting package kernel for versions less than 6.6.56.1-5
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: fix NULL pointer dereference in mt7996mcustabferhe Fix the NULL pointer dereference in mt7996mcustabferhe routine adding an sta interface to the mt7996 driver. Found by code review...
CVE-2024-47681
CVE-2024-47681 concerns the Linux kernel wifi driver for the mt76 MT7996. The issue is a NULL pointer dereference in the mt7996_mcu_sta_bfer_he routine when adding an STA interface to the MT7996 driver. The description indicates the vulnerability is resolved by fixing the NULL pointer dereference...
CVE-2024-47681 wifi: mt76: mt7996: fix NULL pointer dereference in mt7996_mcu_sta_bfer_he
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: fix NULL pointer dereference in mt7996mcustabferhe Fix the NULL pointer dereference in mt7996mcustabferhe routine adding an sta interface to the mt7996 driver. Found by code review...
CVE-2024-47681 wifi: mt76: mt7996: fix NULL pointer dereference in mt7996_mcu_sta_bfer_he
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: fix NULL pointer dereference in mt7996mcustabferhe Fix the NULL pointer dereference in mt7996mcustabferhe routine adding an sta interface to the mt7996 driver. Found by code review...
CBL Mariner 2.0 Security Update: kernel (CVE-2024-46685)
The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-46685 advisory. - In the Linux kernel, the following vulnerability has been resolved: pinctrl: single: fix potential NULL...
starcitizentools/citizen-skin vulnerable to stored, self-XSS in the "real name" field
Summary A user with the editmyprivateinfo right or who can otherwise change their name can XSS themselves by setting their "real name" to an XSS payload. Details Here's the offending line:...
UBUNTU-CVE-2024-46685
In the Linux kernel, the following vulnerability has been resolved: pinctrl: single: fix potential NULL dereference in pcsgetfunction pinmuxgenericgetfunction can return NULL and the pointer 'function' was dereferenced without checking against NULL. Add checking of pointer 'function' in...
CVE-2024-46685 pinctrl: single: fix potential NULL dereference in pcs_get_function()
In the Linux kernel, the following vulnerability has been resolved: pinctrl: single: fix potential NULL dereference in pcsgetfunction pinmuxgenericgetfunction can return NULL and the pointer 'function' was dereferenced without checking against NULL. Add checking of pointer 'function' in...
CVE-2024-46685
CVE-2024-46685 is a Linux kernel vulnerability involving the pinctrl/pinmux subsystem. The issue was a potential NULL dereference: pinmux_generic_get_function() could return NULL and PCS_get_function() dereferenced the pointer without NULL-checks. The fix adds a NULL check for the function pointe...
CVE-2024-46685 pinctrl: single: fix potential NULL dereference in pcs_get_function()
In the Linux kernel, the following vulnerability has been resolved: pinctrl: single: fix potential NULL dereference in pcsgetfunction pinmuxgenericgetfunction can return NULL and the pointer 'function' was dereferenced without checking against NULL. Add checking of pointer 'function' in...
CVE-2024-28200
The CVE-2024-28200 involves an authentication bypass in the N-central server user interface present in all deployments prior to version 2024.2. The N-central authentication bypass allows access to restricted UI areas without credentials. Connected sources confirm affected software: N-central prio...
CVE-2021-47516
In the Linux kernel, the following vulnerability has been resolved: nfp: Fix memory leak in nfpcppareacacheadd In line 800 1, nfpcppareaalloc allocates and initializes a CPP area structure. But in line 807 2, when the cache is allocated failed, this CPP area structure is not freed, which will...
CVE-2021-47541
In the Linux kernel, the following vulnerability has been resolved: net/mlx4en: Fix an use-after-free bug in mlx4entryallocresources In mlx4entryallocresources, mlx4encopypriv is called and tmp-txcq will be freed on the error path of mlx4encopypriv. After that mlx4enallocresources is called and...
CVE-2023-52829
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix possible out-of-bound write in ath12kwmiexthalregcaps regcap.phyid is extracted from WMI event and could be an unexpected value in case some errors happen. As a result out-of-bound write may occur to...
CVE-2023-52827
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix possible out-of-bound read in ath12khttpullppdustats len is extracted from HTT message and could be an unexpected value in case errors happen, so add validation before using to avoid possible out-of-bound read i...
CVE-2023-52827
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix possible out-of-bound read in ath12khttpullppdustats len is extracted from HTT message and could be an unexpected value in case errors happen, so add validation before using to avoid possible out-of-bound read i...
CVE-2023-52829
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix possible out-of-bound write in ath12kwmiexthalregcaps regcap.phyid is extracted from WMI event and could be an unexpected value in case some errors happen. As a result out-of-bound write may occur to...
CVE-2023-52829
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix possible out-of-bound write in ath12kwmiexthalregcaps regcap.phyid is extracted from WMI event and could be an unexpected value in case some errors happen. As a result out-of-bound write may occur to...