27 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Abrupt exit when failing to load firmware in pspinitcapmicrocode. In the function pspinitcapmicrocode, an abrupt exit should occur when attempting to load firmware fails; otherwise, it may lead to invalid memory acces...
CVE-2025-66664
Insufficient parameter sanitization in AMD Secure Processor ASP TEE SOC Driver could allow an attacker to issue a malformed DRVSOCCMDIDLOADGFXIPFW SR-IOV command to cause out-of-bounds read, potentially resulting in SOC Driver memory contents exposure or an exception...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: Wifi: carl9170 – Do not perform a ping on a device that has failed to load its firmware. Syzkaller reports that crashes occur when attempting to perform a ping on a device that has failed to load its firmware. Since such devic...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005750)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005750 advisory. In the Linux kernel, the following vulnerability has been resolved: media: platform: mediatek: vpu: fix NULL ptr dereference If pdev is NULL, then it is still...
SUSE CVE-2022-50701
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921s: fix slab-out-of-bounds access in sdio host SDIO may need addtional 511 bytes to align bus operation. If the tailroom of this skb is not big enough, we would access invalid memory region. For low level...
CVE-2022-50701
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921s: fix slab-out-of-bounds access in sdio host SDIO may need addtional 511 bytes to align bus operation. If the tailroom of this skb is not big enough, we would access invalid memory region. For low level...
Linux Distros Unpatched Vulnerability : CVE-2025-40208
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: iris: fix module removal if firmware download failed Fix remove if firmware failed to load: qcom- iris aa00000.video-codec: Direct firmware load for...
CVE-2025-40208
In the Linux kernel, the following vulnerability has been resolved: media: iris: fix module removal if firmware download failed Fix remove if firmware failed to load: qcom-iris aa00000.video-codec: Direct firmware load for qcom/vpu/vpu33p4.mbn failed with error -2 qcom-iris aa00000.video-codec:...
SUSE CVE-2023-53425
In the Linux kernel, the following vulnerability has been resolved: media: platform: mediatek: vpu: fix NULL ptr dereference If pdev is NULL, then it is still dereferenced. This fixes this smatch warning: drivers/media/platform/mediatek/vpu/mtkvpu.c:570 vpuloadfirmware warn: address of NULL point...
CVE-2023-53425
In the Linux kernel, the following vulnerability has been resolved: media: platform: mediatek: vpu: fix NULL ptr dereference If pdev is NULL, then it is still dereferenced. This fixes this smatch warning: drivers/media/platform/mediatek/vpu/mtkvpu.c:570 vpuloadfirmware warn: address of NULL point...
UBUNTU-CVE-2023-53425
In the Linux kernel, the following vulnerability has been resolved: media: platform: mediatek: vpu: fix NULL ptr dereference If pdev is NULL, then it is still dereferenced. This fixes this smatch warning: drivers/media/platform/mediatek/vpu/mtkvpu.c:570 vpuloadfirmware warn: address of NULL point...
CVE-2023-53392
In the Linux kernel, CVE-2023-53392 describes a fix for a kernel panic in the intel-ish-hid/ISHTP path during warm resets. If a bus driver is registered after device->fw_client is set to NULL and before new firmware clients are enumerated, ishtp_cl_bus_match() dereferences device->fw_client...
wifi: carl9170: do not ping device which has failed to load firmware
...
DEBIAN-CVE-2025-38420
In the Linux kernel, the following vulnerability has been resolved: wifi: carl9170: do not ping device which has failed to load firmware Syzkaller reports 1, 2 crashes caused by an attempts to ping the device which has failed to load firmware. Since such a device doesn't pass 'ieee80211registerhw...
DEBIAN-CVE-2022-50162
In the Linux kernel, the following vulnerability has been resolved: wifi: libertas: Fix possible refcount leak in ifusbprobe usbgetdev will be called before lbsgetfirmwareasync which means that usbputdev need to be called when lbsgetfirmwareasync fails...
UBUNTU-CVE-2022-49881
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: fix memory leak in queryregdbfile In the function queryregdbfile the alpha2 parameter is duplicated using kmemdup and subsequently freed in regdbfwcb. However, requestfirmwarenowait can fail without calling...
SUSE CVE-2025-21784
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: bail out when failed to load fw in pspinitcapmicrocode In function pspinitcapmicrocode, it should bail out when failed to load firmware, otherwise it may cause invalid memory access...
DEBIAN-CVE-2025-21784
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: bail out when failed to load fw in pspinitcapmicrocode In function pspinitcapmicrocode, it should bail out when failed to load firmware, otherwise it may cause invalid memory access...
CVE-2025-21784 drm/amdgpu: bail out when failed to load fw in psp_init_cap_microcode()
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: bail out when failed to load fw in pspinitcapmicrocode In function pspinitcapmicrocode, it should bail out when failed to load firmware, otherwise it may cause invalid memory access...
CVE-2025-21784 drm/amdgpu: bail out when failed to load fw in psp_init_cap_microcode()
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: bail out when failed to load fw in pspinitcapmicrocode In function pspinitcapmicrocode, it should bail out when failed to load firmware, otherwise it may cause invalid memory access...