Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005696)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005696 advisory. In the Linux kernel, the following vulnerability has been resolved: drm: bridge: adv7511: unregister cec i2c device after cec adapter cecunregisteradapter assumes th...

Siemens SIMATIC Devices Use After Free (CVE-2024-23848)

In the Linux kernel through 6.7.1, there is a use-after-free in cecqueuemsgfh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986506)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986506 advisory. In the Linux kernel, the following vulnerability has been resolved: media: s5pcec: limit msg.len to CECMAXMSGSIZE I expect that the hardware will have limited this t...

CVE-2022-50412

In the Linux kernel, the following vulnerability has been resolved: drm: bridge: adv7511: unregister cec i2c device after cec adapter cecunregisteradapter assumes that the underlying adapter ops are callable. For example, if the CEC adapter currently has a valid physical address, then the...

DEBIAN-CVE-2022-50412

In the Linux kernel, the following vulnerability has been resolved: drm: bridge: adv7511: unregister cec i2c device after cec adapter cecunregisteradapter assumes that the underlying adapter ops are callable. For example, if the CEC adapter currently has a valid physical address, then the...

CVE-2022-50412 drm: bridge: adv7511: unregister cec i2c device after cec adapter

In the Linux kernel, the following vulnerability has been resolved: drm: bridge: adv7511: unregister cec i2c device after cec adapter cecunregisteradapter assumes that the underlying adapter ops are callable. For example, if the CEC adapter currently has a valid physical address, then the...

CVE-2022-50412 drm: bridge: adv7511: unregister cec i2c device after cec adapter

In the Linux kernel, the following vulnerability has been resolved: drm: bridge: adv7511: unregister cec i2c device after cec adapter cecunregisteradapter assumes that the underlying adapter ops are callable. For example, if the CEC adapter currently has a valid physical address, then the...

PT-2025-38429

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel where the cec unregister adapter function assumes the underlying adapter operations are callable. Specifically, unregistering the CEC adapter can...

CVE-2025-39713 media: rainshadow-cec: fix TOCTOU race condition in rain_interrupt()

In the Linux kernel, the following vulnerability has been resolved: media: rainshadow-cec: fix TOCTOU race condition in raininterrupt In the interrupt handler raininterrupt, the buffer full check on rain-buflen is performed before acquiring rain-buflock. This creates a Time-of-Check to Time-of-Us...

SUSE CVE-2022-49035

In the Linux kernel, the following vulnerability has been resolved: media: s5pcec: limit msg.len to CECMAXMSGSIZE I expect that the hardware will have limited this to 16, but just in case it hasn't, check for this corner case...

kernel: use-after-free in cec_queue_msg_fh

A vulnerability was found in the Linux kernel. A use-after-free exists in cecqueuemsgfh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c...

USN-7007-3 linux-lowlatency, linux-lowlatency-hwe-5.15 vulnerabilities

Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2024-23848 Chenyuan Yang discovered that the USB Gadget subsystem in...

USN-7007-1 linux, linux-aws, linux-aws-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-gkeop-5.15, linux-hwe-5.15, linux-ibm, linux-intel-iotg, linux-intel-iotg-5.15, linux-kvm, linux-nvidia, linux-oracle, linux-raspi vulnerabilities

Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2024-23848 Chenyuan Yang discovered that the USB Gadget subsystem in...

UBUNTU-CVE-2024-26876

In the Linux kernel, the following vulnerability has been resolved: drm/bridge: adv7511: fix crash on irq during probe Moved IRQ registration down to end of adv7511probe. If an IRQ already is pending during adv7511probe before adv7511cecinit then cecreceivedmsgts could crash using uninitialized...

SUSE CVE-2024-23848

In the Linux kernel through 6.7.1, there is a use-after-free in cecqueuemsgfh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c...

DEBIAN-CVE-2024-23848

In the Linux kernel through 6.7.1, there is a use-after-free in cecqueuemsgfh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c...

AZL-33966 CVE-2024-23848 affecting package kernel 5.15.200.1-1

In the Linux kernel through 6.7.1, there is a use-after-free in cecqueuemsgfh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c...

kernel: drm: bridge: adv7511: unregister cec i2c device after cec adapter

In the Linux kernel, the following vulnerability has been resolved: drm: bridge: adv7511: unregister cec i2c device after cec adapter cecunregisteradapter assumes that the underlying adapter ops are callable. For example, if the CEC adapter currently has a valid physical address, then the...

PT-2022-35346 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.75 Description: The issue is related to the drm: bridge: adv7511, where the CEC I2C device is not unregistered after the CEC adapter is removed. This problem was introduced in version v4.15 and is fixed in...