474 matches found
CVE-2025-68258
In the Linux kernel, the following vulnerability has been resolved: comedi: multiq3: sanitize config options in multiq3attach Syzbot identified an issue 1 in multiq3attach that induces a task timeout due to open or COMEDIDEVCONFIG ioctl operations, specifically, in the case of multiq3 driver. Thi...
CVE-2025-68257
In the Linux kernel, the following vulnerability has been resolved: comedi: check device's attached status in compat ioctls Syzbot identified an issue 1 that crashes kernel, seemingly due to unexistent callback dev-getvalidroutes. By all means, this should not occur as said callback must always b...
UBUNTU-CVE-2025-68257
In the Linux kernel, the following vulnerability has been resolved: comedi: check device's attached status in compat ioctls Syzbot identified an issue 1 that crashes kernel, seemingly due to unexistent callback dev-getvalidroutes. By all means, this should not occur as said callback must always b...
CVE-2025-68258
In the Linux kernel, the following vulnerability has been resolved: comedi: multiq3: sanitize config options in multiq3attach Syzbot identified an issue 1 in multiq3attach that induces a task timeout due to open or COMEDIDEVCONFIG ioctl operations, specifically, in the case of multiq3 driver. Thi...
UBUNTU-CVE-2025-68258
In the Linux kernel, the following vulnerability has been resolved: comedi: multiq3: sanitize config options in multiq3attach Syzbot identified an issue 1 in multiq3attach that induces a task timeout due to open or COMEDIDEVCONFIG ioctl operations, specifically, in the case of multiq3 driver. Thi...
CVE-2025-68258 comedi: multiq3: sanitize config options in multiq3_attach()
In the Linux kernel, the following vulnerability has been resolved: comedi: multiq3: sanitize config options in multiq3attach Syzbot identified an issue 1 in multiq3attach that induces a task timeout due to open or COMEDIDEVCONFIG ioctl operations, specifically, in the case of multiq3 driver. Thi...
CVE-2025-68258
CVE-2025-68258 is a Linux kernel vulnerability in the comedi driver, specifically multiq3_attach(), where crafted config options could cause long task timeouts. Syzbot observed that setting s->n_chan via it->options[2] could trigger repeated multiq3_encoder_reset() calls, delaying processin...
CVE-2025-68258
In the Linux kernel, the following vulnerability has been resolved: comedi: multiq3: sanitize config options in multiq3attach Syzbot identified an issue 1 in multiq3attach that induces a task timeout due to open or COMEDIDEVCONFIG ioctl operations, specifically, in the case of multiq3 driver. Thi...
CVE-2025-68258 comedi: multiq3: sanitize config options in multiq3_attach()
In the Linux kernel, the following vulnerability has been resolved: comedi: multiq3: sanitize config options in multiq3attach Syzbot identified an issue 1 in multiq3attach that induces a task timeout due to open or COMEDIDEVCONFIG ioctl operations, specifically, in the case of multiq3 driver. Thi...
CVE-2025-68257 comedi: check device's attached status in compat ioctls
In the Linux kernel, the following vulnerability has been resolved: comedi: check device's attached status in compat ioctls Syzbot identified an issue 1 that crashes kernel, seemingly due to unexistent callback dev-getvalidroutes. By all means, this should not occur as said callback must always b...
CVE-2025-68257
In the Linux kernel, the following vulnerability has been resolved: comedi: check device's attached status in compat ioctls Syzbot identified an issue 1 that crashes kernel, seemingly due to unexistent callback dev-getvalidroutes. By all means, this should not occur as said callback must always b...
CVE-2025-68257
CVE-2025-68257 : Linux kernel COMEDI subsystem vulnerability where compat ioctl handlers could dereference a NULL callback when the device was not attached. Root cause: compat ioctls lacked a proper sanity check of device attached status, allowing a NULL dereference in path leading to a crash. Fi...
CVE-2025-68257 comedi: check device's attached status in compat ioctls
In the Linux kernel, the following vulnerability has been resolved: comedi: check device's attached status in compat ioctls Syzbot identified an issue 1 that crashes kernel, seemingly due to unexistent callback dev-getvalidroutes. By all means, this should not occur as said callback must always b...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the failure of compatible ioctl in comedi to check device connection status...
PT-2025-51670
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to handling device attachment status within compatible IOCTL handlers. Specifically, sanity checks for a device's attached status are missing in...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an unpurified configuration option in comedi:multiq3, which could lead to a task timeout...
Linux Distros Unpatched Vulnerability : CVE-2025-68257
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - comedi: check device's attached status in compat ioctls Syzbot identified an issue 1 that crashes kernel, seemingly due to unexistent callback dev-getvalidroute...
Linux Distros Unpatched Vulnerability : CVE-2025-68258
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - comedi: multiq3: sanitize config options in multiq3attach Syzbot identified an issue 1 in multiq3attach that induces a task timeout due to open or COMEDIDEVCONF...
PT-2025-51671
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the multiq3 driver related to configuration options within the multiq3 attach function. Syzbot identified that crafted configuration options,...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990577)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990577 advisory. In the Linux kernel, the following vulnerability has been resolved: comedi: vmk80xx: fix transfer-buffer overflows The driver uses endpoint-sized USB transfer buffer...