MiracleLinux 8 : kernel-4.18.0-240.el8 (AXSA:2021-1489:04)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1489:04 advisory. kernel: use after free in the video driver leads to local privilege escalation CVE-2019-9458 kernel: use-after-free in drivers/bluetooth/hcildisc.c...

Linux Distros Unpatched Vulnerability : CVE-2025-38022

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/core: Fix KASAN: slab-use-after-free Read in ibregisterdevice problem Call Trace: dumpstack lib/dumpstack.c:94 inline dumpstacklvl+0x116/0x1f0...

CVE-2021-36144

The polling timer handler in ACRN before 2.5 has a use-after-free for a freed virtio device, related to devicemodel/hw/pci/virtio/.c...

CVE-2023-53023

The CVE-2023-53023 entry describes a use-after-free in the Linux kernel NFC local_cleanup path. Specifically, kfree_skb() can be invoked twice during nfc daemon teardown (e.g., neard) after detaching an NFC device, because local_cleanup() frees local->rx_pending and decrements local->ref tw...

CVE-2025-21856

In the Linux kernel, the following vulnerability has been resolved: s390/ism: add release function for struct device According to devicerelease in /drivers/base/core.c, a device without a release function is a broken device and must be fixed. The current code directly frees the device after calli...

CLSA-2025-1736778412 kernel: Fix of 17 CVEs

tracing: Free buffers when a used dynamic event is removed CVE-2022-49006 - ASoC: ops: Check bounds for second channel in sndsocputvolswsx CVE-2022-48951 - ext4: fix slab-use-after-free in ext4splitextentat CVE-2024-49884 - ext4: fix bug on in ext4escacheextent as ext4splitextentat failed...

PUB-A-319099367

there is a possible persistent Denial of Service due to test/debugging code left in a production build. This could lead to local denial of service of impaired use of the device with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2022-41849

drivers/video/fbdev/smscufx.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a USB device while calling open, aka a race condition between ufxopsopen and ufxusbdisconnect...

CVE-2021-22368

There is a Permission Control Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect normal use of the device...

Design/Logic Flaw

There is a Permission Control Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect normal use of the device...

CVE-2021-3348

nbdaddsocket in drivers/block/nbd.c in the Linux kernel through 5.10.12 has an ndbqueuerq use-after-free that could be triggered by local attackers with access to the nbd device via an I/O request at a certain point during device setup, aka CID-b98e762e3d71...

CG-WLNCM4G may behave as an open resolver

Overview CG-WLNCM4G provided by Corega Inc is a network camera. CG-WLNCM4G contains an issue where it may behave as an open resolver. SASABE Tetsuro of The University of Tokyo reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...

RSA Survey Finds Mobile Device Breaches Rare

Most respondents in a recently released RSA study 93.2% answered “Yes” when asked if allowing employees to connect their personal mobile devices to the corporate network poses a security threat to their organization, but only 1.8% reported a “serious incident” as a result of an employee’s mobile...