CVE-2022-49252 ASoC: codecs: rx-macro: fix accessing array out of bounds for enum type

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: rx-macro: fix accessing array out of bounds for enum type Accessing enums using integer would result in array out of bounds access on platforms like aarch64 where sizeoflong is 8 compared to enum size which is 4 byt...

CVE-2022-49252

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: rx-macro: fix accessing array out of bounds for enum type Accessing enums using integer would result in array out of bounds access on platforms like aarch64 where sizeoflong is 8 compared to enum size which is 4 byt...

CVE-2022-49251 ASoC: codecs: va-macro: fix accessing array out of bounds for enum type

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: va-macro: fix accessing array out of bounds for enum type Accessing enums using integer would result in array out of bounds access on platforms like aarch64 where sizeoflong is 8 compared to enum size which is 4 byt...

CVE-2022-49250

CVE-2022-49250 : In the Linux kernel ASoC codecs rx-macro path, the AUX interpolator may access compander data without checking that compander exists, potentially causing an out-of-bounds access in the comp_enabled[] array. The issue is resolved by adding a guard before accessing compander data. ...

CVE-2022-49249 ASoC: codecs: wc938x: fix accessing array out of bounds for enum type

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wc938x: fix accessing array out of bounds for enum type Accessing enums using integer would result in array out of bounds access on platforms like aarch64 where sizeoflong is 8 compared to enum size which is 4 bytes...

CVE-2022-49249 ASoC: codecs: wc938x: fix accessing array out of bounds for enum type

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wc938x: fix accessing array out of bounds for enum type Accessing enums using integer would result in array out of bounds access on platforms like aarch64 where sizeoflong is 8 compared to enum size which is 4 bytes...

CVE-2022-49239 ASoC: codecs: wcd934x: Add missing of_node_put() in wcd934x_codec_parse_data

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd934x: Add missing ofnodeput in wcd934xcodecparsedata The devicenode pointer is returned by ofparsephandle with refcount incremented. We should use ofnodeput on it when done. This is similar to commit 64b92de9603f...

blit-server (>=0.20.0 <=0.28.3), gridvid (>=0.1.0 <=0.3.0) +7 more potentially affected by CVE-2025-27091 via openh264-sys2 (>=0.1.17 <=0.7.1)

openh264-sys2 CARGO version =0.1.17, =0.20.0, =0.1.0, =0.1.9, =0.1.33, =0.2.0, =0.1.0, =0.4.0, =0.5.5 Source cves: CVE-2025-27091 Source advisory: OSV:RUSTSEC-2025-0008...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: In hci, fix for null-ptr-deref in hcireadsupportedcodecs. Fix hcicmdsyncsk to return NOT NULL for unknown opcodes. hcicmdsyncsk returns NULL if a command returns a status event. However, it also returns NULL when an...

Bluetooth: hci: fix null-ptr-deref in hci_read_supported_codecs

...

CVE-2024-48858 Vulnerabilities in TIFF and PCX Image Codecs Impact QNX Software Development Platform

Improper input validation in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause a denial-of-service condition in the context of the process using the image codec...

CVE-2024-48858

CVE-2024-48858 affects QNX SDP (Blackberry) PCX image codec in SDP versions 8.0, 7.1, and 7.0. The root cause is improper input validation in the PCX image codec, which could allow an unauthenticated attacker to trigger a denial-of-service condition in the context of the process using the image c...

CVE-2024-48857

The CVE-2024-48857 entry describes a NULL pointer dereference in the PCX image codec of QNX SDP (Blackberry) affecting versions 8.0, 7.1 and 7.0. The underlying issue is triggered during image codec handling, allowing an unauthenticated attacker to cause a denial-of-service condition in the conte...

CVE-2024-48857 Vulnerabilities in TIFF and PCX Image Codecs Impact QNX Software Development Platform

NULL pointer dereference in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause a denial-of-service condition in the context of the process using the image codec...

CVE-2024-48856 Vulnerabilities in TIFF and PCX Image Codecs Impact QNX Software Development Platform

Out-of-bounds write in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause a denial-of-service condition or execute code in the context of the process using the image codec...

CVE-2024-48855

CVE-2024-48855 affects BlackBerry/QNX SDP: an out-of-bounds read in the TIFF image codec impacts SDP versions 8.0, 7.1 and 7.0, enabling an unauthenticated attacker to cause information disclosure within the process using the image codec. Reported impact aligns with information disclosure (confid...

SUSE CVE-2024-56685

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: Check numcodecs is not zero to avoid panic during probe Following commit 13f58267cda3 "ASoC: soc.h: don't create dummy Component via COMPDUMMY", COMPDUMMY became an array with zero length, and only gets populated...

CVE-2024-56685

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: Check numcodecs is not zero to avoid panic during probe Following commit 13f58267cda3 "ASoC: soc.h: don't create dummy Component via COMPDUMMY", COMPDUMMY became an array with zero length, and only gets populated...

kernel: Bluetooth: hci: fix null-ptr-deref in hci_read_supported_codecs

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci: fix null-ptr-deref in hcireadsupportedcodecs Fix hcicmdsyncsk to return not NULL for unknown opcodes. hcicmdsyncsk returns NULL if a command returns a status event. However, it also returns NULL where an opcode...

Synapse can be forced to thumbnail unexpected file formats, invoking external, potentially untrustworthy decoders

Impact In Synapse versions before 1.120.1, enabling the dynamicthumbnails option or processing a specially crafted request could trigger the decoding and thumbnail generation of uncommon image formats, potentially invoking external tools like Ghostscript for processing. This significantly expands...