50 matches found
Linux Distros Unpatched Vulnerability : CVE-2022-49299
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: gadget: don't reset gadget's driver-bus UDC driver should not touch gadget's driv...
Linux Distros Unpatched Vulnerability : CVE-2023-52664
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: atlantic: eliminate double free in error handling logic Driver has a logic leak in ring data allocation/free, where aqringfree could be called multiple tim...
CVE-2022-49241
In the Linux kernel, the following vulnerability has been resolved: ASoC: atmel: Fix error handling in sam9x5wm8731driverprobe The devicenode pointer is returned by ofparsephandle with refcount incremented. We should use ofnodeput on it when done. This function only calls ofnodeput in the regular...
CVE-2022-49551
In the Linux kernel, the following vulnerability has been resolved: usb: isp1760: Fix out-of-bounds array access Running the driver through kasan gives an interesting splat: BUG: KASAN: global-out-of-bounds in isp1760register+0x180/0x70c Read of size 20 at addr f1db2e64 by task swapper/0/1...
CVE-2025-21656
In the Linux kernel, the following vulnerability has been resolved: hwmon: drivetemp Fix driver producing garbage data when SCSI errors occur scsiexecutecmd function can return both negative linux codes and positive scsicmnd result field error codes. Currently the driver just passes error codes o...
CVE-2024-44964
In the Linux kernel, the following vulnerability has been resolved: idpf: fix memory leaks and crashes while performing a soft reset The second tagged commit introduced a UAF, as it removed restoring qvector-vport pointers after reinitializating the structures. This is due to that all queue...
CVE-2024-44964 idpf: fix memory leaks and crashes while performing a soft reset
In the Linux kernel, the following vulnerability has been resolved: idpf: fix memory leaks and crashes while performing a soft reset The second tagged commit introduced a UAF, as it removed restoring qvector-vport pointers after reinitializating the structures. This is due to that all queue...
kernel: scsi: qedf: Fix NULL dereference in error handling
A NULL pointer dereference was found in the QLogic qedf FCoE driver. In the error handling path of qedfallocglobalqueues, calling qedffreeglobalqueues when nothing was allocated causes a crash...
kernel: scsi: qedf: Fix NULL dereference in error handling
A NULL pointer dereference was found in the QLogic qedf FCoE driver. In the error handling path of qedfallocglobalqueues, calling qedffreeglobalqueues when nothing was allocated causes a crash...
CVE-2021-47205
In the Linux kernel, the following vulnerability has been resolved: clk: sunxi-ng: Unregister clocks/resets when unbinding Currently, unbinding a CCU driver unmaps the device's MMIO region, while leaving its clocks/resets and their providers registered. This can cause a page fault later when some...
USN-6686-3 linux-oracle, linux-oracle-5.15 vulnerabilities
It was discovered that the DesignWare USB3 for Qualcomm SoCs driver in the Linux kernel did not properly handle certain error conditions during device registration. A local attacker could possibly use this to cause a denial of service system crash. CVE-2023-22995 It was discovered that a race...
UNISOC Chipsets Security Vulnerability
UNISOC Chipsets is a chipset from China's Purple Spreadtrum UNISOC. A security vulnerability exists in UNISOC Chipsets that originates from an error in the logic of the vsp driver and may be exploited after release. It could result in a local denial of service that requires system execution...
CVE-2023-23001
In the Linux kernel before 5.16.3, drivers/scsi/ufs/ufs-mediatek.c misinterprets the regulatorget return value expects it to be NULL in the error case, whereas it is actually an error pointer...
CVE-2023-23002
In the Linux kernel before 5.16.3, drivers/bluetooth/hciqca.c misinterprets the devmgpiodgetindexoptional return value expects it to be NULL in the error case, whereas it is actually an error pointer...
CVE-2022-32659
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705066; Issue ID: GN20220705066...
USN-5757-2 linux-aws-hwe, linux-gcp, linux-hwe, linux-oracle vulnerabilities
Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-427...
USN-5755-1 linux, linux-aws, linux-aws-5.15, linux-gcp, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-intel-iotg, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-oracle, linux-oracle-5.15, linux-raspi vulnerabilities
It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-43945 Jann Horn discovered that the...
PT-2025-25981 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, related to the iavf driver's adminq error handling. The issue involves the allocation of DMA coherent memory for VF mailbox using...
USN-5164-1 linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-dell300x, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities
It was discovered that the Option USB High Speed Mobile device driver in the Linux kernel did not properly handle error conditions. A physically proximate attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-37159 It was discovered that th...
Acronis Agent 安全漏洞
Acronis Agent is an agent software from Acronis Singapore. A security vulnerability exists in Acronis Agent that originates from a logic error in the program's system monitoring driver, which allows bypassing Windows memory protection and accessing sensitive data...