CVE-2022-49226

In the Linux kernel, the following vulnerability has been resolved: net: asix: add proper error handling of usb read errors Syzbot once again hit uninit value in asix driver. The problem still the same -- asixreadcmd reads less bytes, than was requested by caller. Since all read requests are...

CVE-2022-49226 net: asix: add proper error handling of usb read errors

In the Linux kernel, the following vulnerability has been resolved: net: asix: add proper error handling of usb read errors Syzbot once again hit uninit value in asix driver. The problem still the same -- asixreadcmd reads less bytes, than was requested by caller. Since all read requests are...

CVE-2022-49189 clk: qcom: clk-rcg2: Update logic to calculate D value for RCG

In the Linux kernel, the following vulnerability has been resolved: clk: qcom: clk-rcg2: Update logic to calculate D value for RCG The display pixel clock has a requirement on certain newer platforms to support M/N as 2/3 and the final D value calculated results in underflow errors. As the curren...

CVE-2022-49189 clk: qcom: clk-rcg2: Update logic to calculate D value for RCG

In the Linux kernel, the following vulnerability has been resolved: clk: qcom: clk-rcg2: Update logic to calculate D value for RCG The display pixel clock has a requirement on certain newer platforms to support M/N as 2/3 and the final D value calculated results in underflow errors. As the curren...

CVE-2022-49189

CVE-2022-49189 : In the Linux kernel (clk-rcg2, Qualcomm display pixel clock), final D calculation for the M/N ratio could fall outside the accepted range, causing underflow. The fix updates the D-value calculation to respect the valid range for given M and N, preventing underflow. Affected compo...

CVE-2022-49167

In the Linux kernel, the following vulnerability has been resolved: btrfs: do not double complete bio on errors during compressed reads I hit some weird panics while fixing up the error handling from btrfslookupbiosums. Turns out the compression path will complete the bio we use if we set up any ...

CVE-2022-49168

The CVE-2022-49168 entry concerns a Linux kernel bug in the btrfs repair path. The issue occurred when the repair submission failed and the code attempted to clean up the repair bio simultaneously with endio, creating potential use-after-free and NULL dereference conditions due to racing with bio...

CVE-2022-49152

In the Linux kernel, the following vulnerability has been resolved: XArray: Fix xascreaterange when multi-order entry present If there is already an entry present that is of order = XACHUNKSHIFT when we call xascreaterange, xascreaterange will misinterpret that entry as a node and dereference...

The vulnerability of the do_repack_createinstallmedia function in Parallels Desktop hypervisors allows a hacker to increase their privileges.

The vulnerability of the dorepackcreateinstallmedia function in Parallels Desktop hypervisors is related to synchronization errors when using a shared resource “Race Situation”. Exploiting this vulnerability can allow an attacker to gain increased privileges...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the mediatek clock driver not properly handling error branches during probing, which could lead to a memory...

The vulnerability of the ext4_mb_find_good_group_avg_frag_lists() function in the ext4 file system of the Linux operating system allows a attacker to cause a service failure.

The vulnerability of the ext4mbfindgoodgroupavgfraglists function in the ext4 file system of the Linux operating system is related to read errors beyond the memory boundary. Exploiting this vulnerability could allow an attacker to cause a service failure...

ROS-20250226-08

A vulnerability in the OpenJPEG image encoding and decoding library is related to memory boundary errors. memory boundary errors. Exploitation of the vulnerability could allow an attacker to execute arbitrary code A vulnerability in the OpenJPEG image encoding and decoding library is related to a...

ROS-20250226-07

Apache Tomcat application server vulnerability is related to synchronization errors when using a shared resource due to lack of case-sensitivity when writing servlets to the file system. as a result of file system case insensitivity when writing servlets. Exploitation exploitation of the...

The vulnerability of the mm component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the mm component in the Linux operating system’s kernel is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the NFC component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the NFC component in the Linux operating system’s kernel is related to zero-division errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the mlxsw component in the Linux operating system’s kernel, which allows a hacker to trigger a service failure

The vulnerability of the mlxsw component in the Linux operating system’s kernel is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

Siemens SCALANCE W700 Double Free (CVE-2023-29469)

An issue was discovered in libxml2 before 2.10.4. When hashing empty dict strings in a crafted XML document, xmlDictComputeFastKey in dict.c can produce non-deterministic values, leading to various logic and memory errors, such as a double free. This behavior occurs because there is an attempt to...

The vulnerability of the netem component in the Linux operating system’s kernel allows a hacker to gain elevated privileges within the system.

The vulnerability of the netem component in the Linux operating system’s kernel is related to errors that occur after decompression. Exploiting this vulnerability can allow an attacker to gain elevated privileges within the system...

The vulnerability of the memcg component in the Linux operating system allows a hacker to gain elevated privileges within the system.

The vulnerability of the memcg component in the Linux operating system’s kernel is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to gain elevated privileges within the system...

The vulnerabilities of the sched/smt components in Linux operating systems allow attackers to trigger service failures.

The vulnerability of the sched/smt components in Linux operating systems is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause service failures...