GSD-2022-1000408 xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create

xprtrdma: fix pointer derefs in error cases of rpcrdmaepcreate This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.102 by commit...

GSD-2022-1000331 libsubcmd: Fix use-after-free for realloc(..., 0)

libsubcmd: Fix use-after-free for realloc..., 0 This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.231 by commit...

GSD-2022-1000308 parisc: Fix data TLB miss in sba_unmap_sg

parisc: Fix data TLB miss in sbaunmapsg This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.268 by commit...

UVI-2021-1002009 powerpc/idle: Don't corrupt back chain when going idle

powerpc/idle: Don't corrupt back chain when going idle This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.156 by commit...

GSD-2021-1001850 dma-debug: fix sg checks in debug_dma_map_sg()

dma-debug: fix sg checks in debugdmamapsg This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.76 by commit...

UVI-2021-1001819 powerpc/idle: Don't corrupt back chain when going idle

powerpc/idle: Don't corrupt back chain when going idle This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.156 by commit...

UVI-2021-1001537 cpufreq: schedutil: Destroy mutex before kobject_put() frees the memory

cpufreq: schedutil: Destroy mutex before kobjectput frees the memory This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.249 by commit...

UVI-2021-1001516 cpufreq: schedutil: Destroy mutex before kobject_put() frees the memory

cpufreq: schedutil: Destroy mutex before kobjectput frees the memory This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.285 by commit...

GSD-2021-1001381 dma-buf/sync_file: Don't leak fences on merge failure

dma-buf/syncfile: Don't leak fences on merge failure This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.199 by commit...

UVI-2021-1001288 jfs: fix GPF in diFree

jfs: fix GPF in diFree This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.51 by commit 8018936950360f1c503bb385e158cfc5e4945d18. For more...

GSD-2021-1001211 fbmem: Do not delete the mode that is still in use

fbmem: Do not delete the mode that is still in use This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.13.4 by commit...

PT-2024-11252 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The TCP option parser in synproxy synproxy parse options could read one byte out of bounds. When the length is 1, the execution flow gets into the loop, reads one byte of the opcode, a...

UVI-2021-1000633 drm/meson: fix shutdown crash when component not probed

drm/meson: fix shutdown crash when component not probed This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.124 by commit...

UVI-2021-1000129 netfilter: conntrack: Make global sysctls readonly in non-init netns

netfilter: conntrack: Make global sysctls readonly in non-init netns This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.11.19 by commit...

UVI-2021-1000391 spi: stm32: Fix use-after-free on unbind

spi: stm32: Fix use-after-free on unbind This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.37 by commit...

eos buffer error vulnerability

eos is an open source smart contract platform. A stack overflow vulnerability exists in the 'abiserializer' function in versions after eos commit f1545dd0ae2b77580c2236fdb70ae7138d2c7168. An attacker can exploit this vulnerability by sending a network request to attack an eos network node...

Cisco Thor Stack Buffer Overflow Vulnerability

Cisco Thor decoder is a video coder/decoder from Cisco USA. A stack buffer overflow vulnerability exists in versions prior to Cisco Thor decoder commit 18de8f9f0762c3a542b1122589edb8af859d9813. A local attacker could exploit this vulnerability with a specially crafted Thor bitstream to cause a...