PT-2025-52977

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a memory leak in the dmaengine subsystem, specifically within the sf-pdma driver. A change introduced by commit b2cc5c465c2c altered the behavior of the sf pdma...

EUVD-2012-1145

Malware in sbrugna...

CVE-2022-50362 dmaengine: hisilicon: Add multi-thread support for a DMA channel

In the Linux kernel, the following vulnerability has been resolved: dmaengine: hisilicon: Add multi-thread support for a DMA channel When we get a DMA channel and try to use it in multiple threads it will cause oops and hanging the system. % echo 100 /sys/module/dmatest/parameters/threadsperchan ...

SUSE CVE-2022-50145

In the Linux kernel, the following vulnerability has been resolved: dmaengine: sf-pdma: Add multithread support for a DMA channel When we get a DMA channel and try to use it in multiple threads it will cause oops and hanging the system. % echo 64 /sys/module/dmatest/parameters/threadsperchan % ec...

CVE-2022-50145

In the Linux kernel, the following vulnerability has been resolved: dmaengine: sf-pdma: Add multithread support for a DMA channel When we get a DMA channel and try to use it in multiple threads it will cause oops and hanging the system. % echo 64 /sys/module/dmatest/parameters/threadsperchan % ec...

CVE-2022-50145 dmaengine: sf-pdma: Add multithread support for a DMA channel

In the Linux kernel, the following vulnerability has been resolved: dmaengine: sf-pdma: Add multithread support for a DMA channel When we get a DMA channel and try to use it in multiple threads it will cause oops and hanging the system. % echo 64 /sys/module/dmatest/parameters/threadsperchan % ec...

CVE-2024-43066 Use After Free in HLOS

Memory corruption while handling file descriptor during listener registration/de-registration...

CVE-2023-53014

The CVE-2023-53014 issue affects the Linux kernel’s DMA engine (tegra). It describes a memory leak that occurs when terminating an ongoing transfer: the vdesc must be terminated and placed in the desc_terminated list, with the descriptor freed later in desc_free_list(). The provided connected doc...

kernel: net: ena: Fix incorrect descriptor free behavior

This is a vulnerability in the Linux kernel's Elastic Network Adapter ENA driver, which manages network interfaces on certain platforms. The driver utilizes two types of transmit TX queues: one for packets from the network stack and another for packets directed by XDP eXpress Data Path operations...

CVE-2024-40970 Avoid hw_desc array overrun in dw-axi-dmac

In the Linux kernel, the following vulnerability has been resolved: Avoid hwdesc array overrun in dw-axi-dmac I have a use case where nrbuffers = 3 and in which each descriptor is composed by 3 segments, resulting in the DMA channel descsallocated to be 9. Since axidescput handles the hwdesc...

kernel: net: ena: Fix incorrect descriptor free behavior

This is a vulnerability in the Linux kernel's Elastic Network Adapter ENA driver, which manages network interfaces on certain platforms. The driver utilizes two types of transmit TX queues: one for packets from the network stack and another for packets directed by XDP eXpress Data Path operations...

kernel: net: ena: Fix incorrect descriptor free behavior

This is a vulnerability in the Linux kernel's Elastic Network Adapter ENA driver, which manages network interfaces on certain platforms. The driver utilizes two types of transmit TX queues: one for packets from the network stack and another for packets directed by XDP eXpress Data Path operations...

SUSE CVE-2024-26659

In the Linux kernel, the following vulnerability has been resolved: xhci: handle isoc Babble and Buffer Overrun events properly xHCI 4.9 explicitly forbids assuming that the xHC has released its ownership of a multi-TRB TD when it reports an error on one of the early TRBs. Yet the driver makes su...

CVE-2021-25370

An incorrect implementation handling file descriptor in dpu driver prior to SMR Mar-2021 Release 1 results in memory corruption leading to kernel panic...

CVE-2004-1270

lppasswd in CUPS 1.1.22, when run in environments that do not ensure that file descriptors 0, 1, and 2 are open when lppasswd is called, does not verify that the passwd.new file is different from STDERR, which allows local users to control output to passwd.new via certain user input that triggers...

ISC BIND 8.2.2 / IRIX 6.5.17 / Solaris 7.0 - NXT Overflow / Denial of Service

// source: https://www.securityfocus.com/bid/788/info There are several vulnerabilities in recent BIND packages pre 8.2.2. The first is a buffer overflow condition which is a result of BIND improperly validating NXT records. The consequence of this being exploited is a remote root compromise...