55 matches found
DEBIAN-CVE-2022-50878
In the Linux kernel, the following vulnerability has been resolved: gpu: lontium-lt9611: Fix NULL pointer dereference in lt9611connectorinit A NULL check for bridge-encoder shows that it may be NULL, but it already been dereferenced on all paths leading to the check. 812 if !bridge-encoder...
DEBIAN-CVE-2022-50819
In the Linux kernel, the following vulnerability has been resolved: udmabuf: Set ubuf-sg = NULL if the creation of sg table fails When userspace tries to map the dmabuf and if for some reason e.g. OOM the creation of the sg table fails, ubuf-sg needs to be set to NULL. Otherwise, when the userspa...
DEBIAN-CVE-2022-50741
In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: Disable useless interrupt to avoid kernel panic There is a hardware bug that the interrupt STMBUFHALF may be triggered after or when disable interrupt. It may led to unexpected kernel panic. And interrupt...
DEBIAN-CVE-2022-50540
In the Linux kernel, the following vulnerability has been resolved: dmaengine: qcom-adm: fix wrong sizeof config in slaveconfig Fix broken slaveconfig function that uncorrectly compare the peripheralsize with the size of the config pointer instead of the size of the config struct. This cause the...
DEBIAN-CVE-2022-50507
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Validate data run offset This adds sanity checks for data run offset. We should make sure data run offset is legit before trying to unpack them, otherwise we may encounter use-after-free or some unexpected memory access...
DEBIAN-CVE-2022-50471
In the Linux kernel, the following vulnerability has been resolved: xen/gntdev: Accommodate VMA splitting Prior to this commit, the gntdev driver code did not handle the following scenario correctly with paravirtualized PV Xen domains: User process sets up a gntdev mapping composed of two grant...
DEBIAN-CVE-2022-50463
In the Linux kernel, the following vulnerability has been resolved: powerpc/52xx: Fix a resource leak in an error handling path The error handling path of mpc52xxlpbfifoprobe has a requestirq that is not balanced by a corresponding freeirq. Add the missing call, as already done in the remove...
DEBIAN-CVE-2022-50437
In the Linux kernel, the following vulnerability has been resolved: drm/msm/hdmi: fix memory corruption with too many bridges Add the missing sanity check on the bridge counter to avoid corrupting data beyond the fixed-sized bridge array in case there are ever more than eight bridges. Patchwork:...
DEBIAN-CVE-2022-50062
In the Linux kernel, the following vulnerability has been resolved: net: bgmac: Fix a BUG triggered by wrong bytescompl On one of our machines we got: kernel BUG at lib/dynamicqueuelimits.c:27! Internal error: Oops - BUG: 0 1 PREEMPT SMP ARM CPU: 0 PID: 1166 Comm: irq/41-bgmac Tainted: G W O...
DEBIAN-CVE-2022-49953
In the Linux kernel, the following vulnerability has been resolved: iio: light: cm3605: Fix an error handling path in cm3605probe The commit in Fixes also introduced a new error handling path which should goto the existing error handling path. Otherwise some resources leak...
DEBIAN-CVE-2022-49906
In the Linux kernel, the following vulnerability has been resolved: ibmvnic: Free rwi on reset success Free the rwi structure in the event that the last rwi in the list processed successfully. The logic in commit 4f408e1fa6e1 "ibmvnic: retry reset if there are no other resets" introduces an issue...
DEBIAN-CVE-2022-49636
In the Linux kernel, the following vulnerability has been resolved: vlan: fix memory leak in vlannewlink Blamed commit added back a bug I fixed in commit 9bbd917e0bec "vlan: fix memory leak in vlandevsetegresspriority" If a memory allocation fails in vlanchangelink after other allocations...
DEBIAN-CVE-2022-49448
In the Linux kernel, the following vulnerability has been resolved: soc: bcm: Check for NULL return of devmkzalloc As the potential failure of allocation, devmkzalloc may return NULL. Then the 'pd-pmb' and the follow lines of code may bring null pointer dereference. Therefore, it is better to che...
DEBIAN-CVE-2022-49249
In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wc938x: fix accessing array out of bounds for enum type Accessing enums using integer would result in array out of bounds access on platforms like aarch64 where sizeoflong is 8 compared to enum size which is 4 bytes...
DEBIAN-CVE-2022-49232
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix a NULL pointer dereference in amdgpudmconnectoraddcommonmodes In amdgpudmconnectoraddcommonmodes, amdgpudmcreatecommonmode is assigned to mode and is passed to drmmodeprobedadd directly after that...
DEBIAN-CVE-2022-4964
Ubuntu's pipewire-pulse in snap grants microphone access even when the snap interface for audio-record is not set...
DEBIAN-CVE-2022-47663
GPAC MP4box 2.1-DEV-rev649-ga8f438d20 is vulnerable to buffer overflow in h263dmxprocess filters/reframeh263.c:609...
DEBIAN-CVE-2022-42265
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer nvidia.ko, where an integer overflow may lead to information disclosure or data tampering...
DEBIAN-CVE-2022-42255
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer nvidia.ko, where an out-of-bounds array access may lead to denial of service, information disclosure, or data tampering...
DEBIAN-CVE-2022-41977
An out of bounds read vulnerability exists in the way OpenImageIO version v2.3.19.0 processes string fields in TIFF image files. A specially-crafted TIFF file can lead to information disclosure. An attacker can provide a malicious file to trigger this vulnerability...