CVE-2023-53325 drm/mediatek: dp: Change logging to dev for mtk_dp_aux_transfer()

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: dp: Change logging to dev for mtkdpauxtransfer Change logging from drmerr,info to deverr,info in functions mtkdpauxtransfer and mtkdpauxdotransfer: this will be essential to avoid getting NULL pointer kernel panics ...

CVE-2023-53325

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: dp: Change logging to dev for mtkdpauxtransfer Change logging from drmerr,info to deverr,info in functions mtkdpauxtransfer and mtkdpauxdotransfer: this will be essential to avoid getting NULL pointer kernel panics ...

CVE-2023-53314

In the Linux kernel, the following vulnerability has been resolved: fbdev/ep93xx-fb: Do not assign to struct fbinfo.dev Do not assing the Linux device to struct fbinfo.dev. The call to registerframebuffer initializes the field to the fbdev device. Drivers should not override its value. Fixes a bu...

CVE-2023-53314 fbdev/ep93xx-fb: Do not assign to struct fb_info.dev

In the Linux kernel, the following vulnerability has been resolved: fbdev/ep93xx-fb: Do not assign to struct fbinfo.dev Do not assing the Linux device to struct fbinfo.dev. The call to registerframebuffer initializes the field to the fbdev device. Drivers should not override its value. Fixes a bu...

CVE-2023-53312

CVE-2023-53312 : In the Linux kernel, a trace-event interaction with skb_transport_offset() in net_dev_start_xmit could lead to unsafe skb_transport_offset usage. The issue arises after a blamed commit and is fixed by the kernel remediation described in the initial document (commit references inc...

CVE-2023-53307 rbd: avoid use-after-free in do_rbd_add() when rbd_dev_create() fails

In the Linux kernel, the following vulnerability has been resolved: rbd: avoid use-after-free in dorbdadd when rbddevcreate fails If getting an ID or setting up a work queue in rbddevcreate fails, use-after-free on rbddev-rbdclient, rbddev-spec and rbddev-opts is triggered in dorbdadd. The root...

CVE-2022-50343 rapidio: fix possible name leaks when rio_add_device() fails

In the Linux kernel, the following vulnerability has been resolved: rapidio: fix possible name leaks when rioadddevice fails Patch series "rapidio: fix three possible memory leaks". This patchset fixes three name leaks in error handling. - patch 1 fixes two name leaks while rioadddevice fails. -...

CVE-2025-39808

CVE-2025-39808 – Linux kernel HID-ntrig null-deref fix . Affects HID-ntrig in the Linux kernel. In ntrig_report_version(), a hdev structure copied from hid_probe() could lead to a page fault when a descriptor was sent to /dev/uhid if hdev->dev.parent->parent was NULL. The fix adds a null-ch...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to free the name assigned by devsetname when rioadddevice fails, which could lead to a memory leak...

Linux Distros Unpatched Vulnerability : CVE-2022-50337

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ocxl: fix pci device refcount leak when calling getfunction0 getfunction0 calls...

PT-2025-37959

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A NULL pointer dereference issue exists in the ice unplug aux dev function when a reset is issued on a driver loaded without RDMA support. This can lead to a kernel crash. The issue...

Important: Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.23.0 Release.

Red Hat OpenShift Dev Spaces 3.23.0 has been released. Red Hat OpenShift Dev Spaces provides a cloud developer workspace server and a browser-based IDE built for teams and organizations. Dev Spaces runs in OpenShift and is well-suited for container-based development. The 3.23 release is based on...

CVE-2022-50318

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/uncore: Fix reference count leak in hswephaslimitsbox pcigetdevice will increase the reference count for the returned 'dev'. We need to call pcidevput to decrease the reference count. Since 'dev' is only used in...

DEBIAN-CVE-2022-50278

In the Linux kernel, the following vulnerability has been resolved: PNP: fix name memory leak in pnpallocdev After commit 1fa5ae857bb1 "driver core: get rid of struct device's busid string array", the name of device is allocated dynamically, move devsetname after pnpaddid to avoid memory leak...

UBUNTU-CVE-2022-50278

In the Linux kernel, the following vulnerability has been resolved: PNP: fix name memory leak in pnpallocdev After commit 1fa5ae857bb1 "driver core: get rid of struct device's busid string array", the name of device is allocated dynamically, move devsetname after pnpaddid to avoid memory leak...

CVE-2022-50331

CVE-2022-50331 refers to a Linux kernel vulnerability in the wwan_hwsim subsystem. The description documents a memory leak in wwan_hwsim_dev_new() that can occur when probing a module if device_register() fails and the kobject refcount is not decremented to zero, leaking the name allocated in dev...

CVE-2023-53234 watchdog: Fix kmemleak in watchdog_cdev_register

In the Linux kernel, the following vulnerability has been resolved: watchdog: Fix kmemleak in watchdogcdevregister kmemleak reports memory leaks in watchdogdevregister, as follows: unreferenced object 0xffff888116233000 size 2048: comm ""modprobe"", pid 28147, jiffies 4353426116 age 61.741s hex...

CVE-2022-50278 PNP: fix name memory leak in pnp_alloc_dev()

In the Linux kernel, the following vulnerability has been resolved: PNP: fix name memory leak in pnpallocdev After commit 1fa5ae857bb1 "driver core: get rid of struct device's busid string array", the name of device is allocated dynamically, move devsetname after pnpaddid to avoid memory leak...

CVE-2025-10433

1Panel-dev MaxKB versions up to 2.0.2/2.1.0 are affected by a vulnerability in the handling of the file /admin/api/workspace/default/tool/debug, where manipulation of the code argument can lead to a deserialization attack. The issue is exploitable remotely and has publicly disclosed proofs of con...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...