13680 matches found
AZL-70123 CVE-2023-53042 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Do not set DRR on pipe Commit WHY Writing to DRR registers such as OTGVTOTALMIN on the same frame as a pipe commit can cause underflow...
UBUNTU-CVE-2023-53042
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Do not set DRR on pipe Commit WHY Writing to DRR registers such as OTGVTOTALMIN on the same frame as a pipe commit can cause underflow...
CVE-2023-53042 drm/amd/display: Do not set DRR on pipe Commit
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Do not set DRR on pipe Commit WHY Writing to DRR registers such as OTGVTOTALMIN on the same frame as a pipe commit can cause underflow...
CVE-2023-53042
CVE-2023-53042 : In the Linux kernel, the drm/amd/display component was vulnerable when writing DRR registers (e.g., OTG_V_TOTAL_MIN) in the same frame as a pipe commit, which could cause underflow. The issue has been resolved by preventing DRR from being set on a pipe commit. The available conne...
CVE-2023-53042 drm/amd/display: Do not set DRR on pipe Commit
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Do not set DRR on pipe Commit WHY Writing to DRR registers such as OTGVTOTALMIN on the same frame as a pipe commit can cause underflow...
DEBIAN-CVE-2022-49919
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: release flow rule object from commit path No need to postpone this to the commit release path, since no packets are walking over this object, this is accessed from control plane only. This helped uncovered UA...
CVE-2022-49888
In the Linux kernel, the following vulnerability has been resolved: arm64: entry: avoid kprobe recursion The cortexa76erratum1463225debughandler function is called when handling debug exceptions and synchronous exceptions from BRK instructions, and so is called when a probed function executes. If...
CVE-2022-49920
Affected product: Linux kernel (netfilter nf_tables). Vulnerability arises from a race in the netlink notifier during object release after the RCU grace period, where the netlink notifier handler might win a race to remove objects still referenced by the transaction context. Root cause: commit re...
CVE-2022-49919 netfilter: nf_tables: release flow rule object from commit path
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: release flow rule object from commit path No need to postpone this to the commit release path, since no packets are walking over this object, this is accessed from control plane only. This helped uncovered UA...
CVE-2022-49919 netfilter: nf_tables: release flow rule object from commit path
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: release flow rule object from commit path No need to postpone this to the commit release path, since no packets are walking over this object, this is accessed from control plane only. This helped uncovered UA...
CVE-2022-49916 rose: Fix NULL pointer dereference in rose_send_frame()
In the Linux kernel, the following vulnerability has been resolved: rose: Fix NULL pointer dereference in rosesendframe The syzkaller reported an issue: KASAN: null-ptr-deref in range 0x0000000000000380-0x0000000000000387 CPU: 0 PID: 4069 Comm: kworker/0:15 Not tainted...
CVE-2022-49916
CVE-2022-49916 covers a NULL pointer dereference in the Linux kernel’s Rose protocol path (rose_send_frame). The issue surfaces when rose_loopback_neigh's neigh->dev is NULL, causing access to neigh->dev->dev_addr and triggering a NULL dereference in rose_send_frame (rose_link.c: rose_se...
CVE-2022-49916 rose: Fix NULL pointer dereference in rose_send_frame()
In the Linux kernel, the following vulnerability has been resolved: rose: Fix NULL pointer dereference in rosesendframe The syzkaller reported an issue: KASAN: null-ptr-deref in range 0x0000000000000380-0x0000000000000387 CPU: 0 PID: 4069 Comm: kworker/0:15 Not tainted...
CVE-2022-49844 can: dev: fix skb drop check
In the Linux kernel, the following vulnerability has been resolved: can: dev: fix skb drop check In commit a6d190f8c767 "can: skb: drop tx skb if in listen only mode" the priv-ctrlmode element is read even on virtual CAN interfaces that do not create the struct canpriv at startup. This...
The vulnerability of the get_znodes_to_commit() function in the fs/ubifs/tnc_commit.c module of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the getznodestocommit function in the fs/ubifs/tnccommit.c module of the Linux operating system is related to the repeated use of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of...
On the Prevalence and Usage of Commit Signing on GitHub: a Longitudinal and Cross-Domain Study
GitHub is one of the most widely used public code development platform. However, the code hosted publicly on the platform is vulnerable to commit spoofing that allows an adversary to introduce malicious code or commits into the repository by spoofing the commit metadata to indicate that the code...
CVE-2025-43861
ManageWiki is a MediaWiki extension allowing users to manage wikis. Prior to commit 2f177dc, ManageWiki is vulnerable to reflected or stored XSS in the review dialog. A logged-in attacker must change a form field to include a malicious payload. If that same user then opens the "Review Changes"...
CVE-2025-32964
ManageWiki is a MediaWiki extension allowing users to manage wikis. Prior to commit 00bebea, when enabling a conflicting extension, a restricted extension would be automatically disabled even if the user did not hold the ManageWiki-restricted right. This issue has been patched in commit 00bebea. ...
CVE-2025-32956
ManageWiki is a MediaWiki extension allowing users to manage wikis. Versions before commit f504ed8, are vulnerable to SQL injection when renaming a namespace in Special:ManageWiki/namespaces when using a page prefix namespace name, which is the current namespace you are renaming with an injection...
CVE-2025-43861 ManageWiki Vulnerable to Self-XSS in review dialog via unsanitized field reflection
ManageWiki is a MediaWiki extension allowing users to manage wikis. Prior to commit 2f177dc, ManageWiki is vulnerable to reflected or stored XSS in the review dialog. A logged-in attacker must change a form field to include a malicious payload. If that same user then opens the "Review Changes"...