517 matches found
openssh: Machine-in-the-middle attack if VerifyHostKeyDNS is enabled
A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. Fo...
CVE-2022-50415
In the Linux kernel, the following vulnerability has been resolved: parisc: led: Fix potential null-ptr-deref in starttask starttask calls createsinglethreadworkqueue and not checked the ret value, which may return NULL. And a null-ptr-deref may happen: starttask createsinglethreadworkqueue faile...
serial: 8250: fix panic due to PSLVERR
...
CVE-2025-39716
In the Linux kernel, the following vulnerability has been resolved: parisc: Revise getuser to probe user read access Because of the way read access support is implemented, read access interruptions are only triggered at privilege levels 2 and 3. The kernel executes at privilege level 0, so getuse...
CVE-2025-39716 parisc: Revise __get_user() to probe user read access
In the Linux kernel, the following vulnerability has been resolved: parisc: Revise getuser to probe user read access Because of the way read access support is implemented, read access interruptions are only triggered at privilege levels 2 and 3. The kernel executes at privilege level 0, so getuse...
UBUNTU-CVE-2025-38712
In the Linux kernel, the following vulnerability has been resolved: hfsplus: don't use BUGON in hfspluscreateattributesfile When the volume header contains erroneous values that do not reflect the actual state of the filesystem, hfsplusfillsuper assumes that the attributes file is not yet created...
CVE-2025-38656
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: Fix error code in iwlopmodedvmstart Preserve the error code if iwlsetupdeferredwork fails. The current code returns ERRPTR0 which is NULL on this path. I believe the missing error code potentially leads to a use...
AZL-71023 CVE-2025-38656 affecting package kernel 6.6.126.1-1
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: Fix error code in iwlopmodedvmstart Preserve the error code if iwlsetupdeferredwork fails. The current code returns ERRPTR0 which is NULL on this path. I believe the missing error code potentially leads to a use...
UBUNTU-CVE-2025-38656
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: Fix error code in iwlopmodedvmstart Preserve the error code if iwlsetupdeferredwork fails. The current code returns ERRPTR0 which is NULL on this path. I believe the missing error code potentially leads to a use...
CVE-2025-38656
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: Fix error code in iwlopmodedvmstart Preserve the error code if iwlsetupdeferredwork fails. The current code returns ERRPTR0 which is NULL on this path. I believe the missing error code potentially leads to a use...
CVE-2025-38656
CVE-2025-38656 affects the Linux kernel’s wifi iwlwifi path (iwl_op_mode_dvm_start). The vulnerability stems from preserving the error code when iwl_setup_deferred_work() fails; the code previously returned ERR_PTR(0) (NULL), which could cause a use-after-free involving debugfs. A patch has been ...
CVE-2025-38656 wifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start()
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: Fix error code in iwlopmodedvmstart Preserve the error code if iwlsetupdeferredwork fails. The current code returns ERRPTR0 which is NULL on this path. I believe the missing error code potentially leads to a use...
UBUNTU-CVE-2025-38381
In the Linux kernel, the following vulnerability has been resolved: Input: cs40l50-vibra - fix potential NULL dereference in cs40l50uploadowt The cs40l50uploadowt function allocates memory via kmalloc without checking for allocation failure, which could lead to a NULL pointer dereference. Return...
CVE-2025-38399 scsi: target: Fix NULL pointer dereference in core_scsi3_decode_spec_i_port()
In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix NULL pointer dereference in corescsi3decodespeciport The function corescsi3decodespeciport, in its error code path, unconditionally calls corescsi3lunaclundependitem passing the destsedeve pointer, which may be...
CVE-2025-38399
In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix NULL pointer dereference in corescsi3decodespeciport The function corescsi3decodespeciport, in its error code path, unconditionally calls corescsi3lunaclundependitem passing the destsedeve pointer, which may be...
CVE-2025-5987
CVE-2025-5987 affects libssh when using ChaCha20 with OpenSSL. Root cause: OpenSSL error codes alias with SSH_OK, causing libssh to miss detection of an error during ChaCha20-Poly1305 key setup, potentially leading to a partially initialized cipher context and undefined behavior that can compromi...
SUSE CVE-2025-38172
In the Linux kernel, the following vulnerability has been resolved: erofs: avoid using multiple devices with different type For multiple devices, both primary and extra devices should be the same type. erofsinitdevice has already guaranteed that if the primary is a file-backed device, extra devic...
AZL-64523 CVE-2025-38142 affecting package kernel for versions less than 6.6.96.1-1
In the Linux kernel, the following vulnerability has been resolved: hwmon: asus-ec-sensors check sensor index in readstring Prevent a potential invalid memory access when the requested sensor is not found. findecsensorindex may return a negative value e.g. -ENOENT, but its result was used without...
CVE-2025-38142
In the Linux kernel, the following vulnerability has been resolved: hwmon: asus-ec-sensors check sensor index in readstring Prevent a potential invalid memory access when the requested sensor is not found. findecsensorindex may return a negative value e.g. -ENOENT, but its result was used without...
CVE-2025-38142
The CVE-2025-38142 issue affects the Linux kernel hwmon path (asus-ec-sensors) where read_string() could read a non-existent sensor because find_ec_sensor_index() returned a negative value (for example -ENOENT) and was used without validation. The fix introduces a check to ensure sensor_index is ...