CVE-2024-40964

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: cs35l41: Possible null pointer dereference in cs35l41hdaunbind The cs35l41hdaunbind function clears the hdacomponent entry matching it's index and then dereferences the codec pointer held in the first element of the...

DEBIAN-CVE-2024-40964

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: cs35l41: Possible null pointer dereference in cs35l41hdaunbind The cs35l41hdaunbind function clears the hdacomponent entry matching it's index and then dereferences the codec pointer held in the first element of the...

CVE-2024-40965

In the Linux kernel, the following vulnerability has been resolved: i2c: lpi2c: Avoid calling clkgetrate during transfer Instead of repeatedly calling clkgetrate for each transfer, lock the clock rate and cache the value. A deadlock has been observed while adding tlv320aic32x4 audio codec to the...

CVE-2024-40965 i2c: lpi2c: Avoid calling clk_get_rate during transfer

In the Linux kernel, the following vulnerability has been resolved: i2c: lpi2c: Avoid calling clkgetrate during transfer Instead of repeatedly calling clkgetrate for each transfer, lock the clock rate and cache the value. A deadlock has been observed while adding tlv320aic32x4 audio codec to the...

CVE-2024-40965

CVE-2024-40965 (Linux kernel: i2c/lpi2c): The provided documents confirm a fix for a deadlock scenario in i2c-lpi2c where repeated clk_get_rate() calls during transfers could lock the clk mutex and cause deadlock when a tlv320aic32x4 codec is added. The resolution caches the clock rate and uses a...

CVE-2024-40965 i2c: lpi2c: Avoid calling clk_get_rate during transfer

In the Linux kernel, the following vulnerability has been resolved: i2c: lpi2c: Avoid calling clkgetrate during transfer Instead of repeatedly calling clkgetrate for each transfer, lock the clock rate and cache the value. A deadlock has been observed while adding tlv320aic32x4 audio codec to the...

CVE-2024-40964 ALSA: hda: cs35l41: Possible null pointer dereference in cs35l41_hda_unbind()

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: cs35l41: Possible null pointer dereference in cs35l41hdaunbind The cs35l41hdaunbind function clears the hdacomponent entry matching it's index and then dereferences the codec pointer held in the first element of the...

CVE-2024-40964 ALSA: hda: cs35l41: Possible null pointer dereference in cs35l41_hda_unbind()

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: cs35l41: Possible null pointer dereference in cs35l41hdaunbind The cs35l41hdaunbind function clears the hdacomponent entry matching it's index and then dereferences the codec pointer held in the first element of the...

Security Bulletin: IBM Maximo Application Suite- Manage component uses Insecure version of netty codec used in mas-data-dictionary-lib which is vulnerable to CVE-2024-29025

Summary IBM Maximo Application Suite- Manage component uses Insecure version of netty codec used in mas-data-dictionary-lib which is vulnerable to CVE-2024-29025. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-29025 DESCRIPTION...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a potential null pointer dereference issue in the media:mtk-vcodec component in the SCP...

Important: Red Hat Security Advisory: Red Hat Data Grid 8.5.0 security update

An update for Red Hat Data Grid 8 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 9.1.0

Summary In addition to updates of open source dependencies, the following security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 9.1.0 Vulnerability Details IBM X-Force ID: 177835 DESCRIPTION: Apache Commons Codec could allow a remote attacker to obtain sensitiv...

Libde265 Security Vulnerability

Structure AG Libde265 is an h.265 video codec from Structure AG, Germany. A security vulnerability exists in Libde265 version v1.0.15, which stems from a buffer overflow issue in the interceptormemcpy function, which could lead to a crash...

Malicious code in logstash_codec-cloudtrail (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in logstash_codec-cef (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in logstash_codec-avro (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in logstash-codec-bulk-es (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in logstash-codec-avro-schema_registry (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

SUSE CVE-2022-48739

In the Linux kernel, the following vulnerability has been resolved: ASoC: hdmi-codec: Fix OOB memory accesses Correct size of iecstatus array by changing it to the size of status array of the struct sndaesiec958. This fixes out-of-bounds slab read accesses made by memcpy of the hdmi-codec driver...

SUSE CVE-2024-38551

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: Assign dummy when codec not specified for a DAI link MediaTek sound card drivers are checking whether a DAI link is present and used on a board to assign the correct parameters and this is done by checking the cod...