CVE-2025-21999

In the Linux kernel, the following vulnerability has been resolved: proc: fix UAF in procgetinode Fix race between rmmod and /proc/XXX's inode instantiation. The bug is that pde-procops don't belong to /proc, it belongs to a module, therefore dereferencing it after /proc entry has been registered...

CVE-2025-21990 drm/amdgpu: NULL-check BO's backing store when determining GFX12 PTE flags

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: NULL-check BO's backing store when determining GFX12 PTE flags PRT BOs may not have any backing store, so bo-tbo.resource will be NULL. Check for that before dereferencing. cherry picked from commit...

CVE-2024-57930

CVE-2024-57930 : Linux kernel tracing fix. The vulnerability arises because process_string() did not consistently handle cases where a %s argument in TP_printk() referred to an array, risking unsafe dereferences of string data in trace events. The fix expands process_string() to treat references ...

PT-2024-29871

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.50 Description The issue is related to the ipvs module in the Linux kernel, where a vulnerability has been resolved by properly dereferencing pe in ip vs add service. This change also resolves a sparse warnin...

CVE-2021-3119

Zetetic SQLCipher 4.x before 4.4.3 has a NULL pointer dereferencing issue related to sqlcipherexport in crypto.c and sqlite3StrICmp in sqlite3.c. This may allow an attacker to perform a remote denial of service attack. For example, an SQL injection can be used to execute the crafted SQL command...