49 matches found
CVE-2025-39947 net/mlx5e: Harden uplink netdev access against device unbind
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Harden uplink netdev access against device unbind The function mlx5uplinknetdevget gets the uplink netdevice pointer from mdev-mlx5eres.uplinknetdev. However, the netdevice can be removed and its pointer cleared when...
CVE-2025-39947 net/mlx5e: Harden uplink netdev access against device unbind
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Harden uplink netdev access against device unbind The function mlx5uplinknetdevget gets the uplink netdevice pointer from mdev-mlx5eres.uplinknetdev. However, the netdevice can be removed and its pointer cleared when...
PT-2025-40643
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The mlx5 uplink netdev get function in the Linux kernel does not properly validate a netdevice pointer before use, potentially leading to a kernel panic when the device is unbound...
EUVD-2025-22614
Malicious code in bioql PyPI...
EUVD-2024-53772
Malicious code in bioql PyPI...
SUSE CVE-2022-50453
In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: fix NULL-pointer dereferences There are several places where we can crash the kernel by requesting lines, unbinding the GPIO device, then calling any of the system calls relevant to the GPIO character device's...
CVE-2022-50453
In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: fix NULL-pointer dereferences There are several places where we can crash the kernel by requesting lines, unbinding the GPIO device, then calling any of the system calls relevant to the GPIO character device's...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: Driver core: Fixed a potential NULL pointer dereferencing in devuevent. If the user space reads the “uevent” device attribute at the same time as other threads unbinding the device from its driver, changing the value of dev-drive...
SUSE CVE-2022-49826
In the Linux kernel, the following vulnerability has been resolved: ata: libata-transport: fix double atahostput in atatportadd In the error path in atatportadd, when calling putdevice, atatportrelease is called, it will put the refcount of 'ap-host'. And then atahostput is called again, the...
CVE-2024-58079 media: uvcvideo: Fix crash during unbind if gpio unit is in use
In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix crash during unbind if gpio unit is in use We used the wrong device for the device managed functions. We used the usb device, when we should be using the interface device. If we unbind the driver from the usb...
CVE-2024-58079 media: uvcvideo: Fix crash during unbind if gpio unit is in use
In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix crash during unbind if gpio unit is in use We used the wrong device for the device managed functions. We used the usb device, when we should be using the interface device. If we unbind the driver from the usb...
CVE-2024-57844
In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix fault on fd close after unbind If userspace holds an fd open, unbinds the device and then closes it, the driver shouldn't try to access the hardware. Protect it by using drmdeventer/drmdevexit. This fixes the followin...
CVE-2024-57844
In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix fault on fd close after unbind If userspace holds an fd open, unbinds the device and then closes it, the driver shouldn't try to access the hardware. Protect it by using drmdeventer/drmdevexit. This fixes the followin...
UBUNTU-CVE-2024-57844
In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix fault on fd close after unbind If userspace holds an fd open, unbinds the device and then closes it, the driver shouldn't try to access the hardware. Protect it by using drmdeventer/drmdevexit. This fixes the followin...
CVE-2024-57844
CVE-2024-57844 – Linux kernel (drm/xe): A fault occurs when a userspace fd is kept open, the device is unbound, and the fd is closed; the driver may dereference hardware state, leading to a kernel page fault. The upstream fix guards the critical section with drm_dev_enter()/drm_dev_exit() to avoi...
CVE-2024-57844 drm/xe: Fix fault on fd close after unbind
In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix fault on fd close after unbind If userspace holds an fd open, unbinds the device and then closes it, the driver shouldn't try to access the hardware. Protect it by using drmdeventer/drmdevexit. This fixes the followin...
CVE-2024-53188
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix crash when unbinding If there is an error during some initialization related to firmware, the function ath12kdpcccleanup is called to release resources. However this is released again when the device is unbinded...
SUSE CVE-2024-39479
In the Linux kernel, the following vulnerability has been resolved: drm/i915/hwmon: Get rid of devm When both hwmon and hwmon drvdata on which hwmon depends are device managed resources, the expectation, on device unbind, is that hwmon will be released before drvdata. However, in i915 there are t...
DEBIAN-CVE-2024-39479
In the Linux kernel, the following vulnerability has been resolved: drm/i915/hwmon: Get rid of devm When both hwmon and hwmon drvdata on which hwmon depends are device managed resources, the expectation, on device unbind, is that hwmon will be released before drvdata. However, in i915 there are t...
CVE-2024-39479
In the Linux kernel, the following vulnerability has been resolved: drm/i915/hwmon: Get rid of devm When both hwmon and hwmon drvdata on which hwmon depends are device managed resources, the expectation, on device unbind, is that hwmon will be released before drvdata. However, in i915 there are t...