CVE-2024-56561

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Fix PCI domain ID release in pciepcdestroy pciepcdestroy invokes pcibusreleasedomainnr to release the PCI domain ID, but there are two issues: - 'epc-dev' is passed to pcibusreleasedomainnr which was already freed...

CVE-2024-56742

The CVE-2024-56742 entry concerns the Linux kernel VFIO/MLX5 path. It fixes an unwind issue in mlx5vf_add_migration_pages() where pages allocated but not added to the SG table must be freed to prevent a memory leak; pages already added to the SG table are freed via mlx5vf_free_data_buffer(). Affe...

CVE-2024-56713

Technical details for CVE-2024-56713 are not provided in the connected documents. The initial description mentions nsim_pp_hold_write() issues in the Linux kernel but lacks explicit product/version/remediation details. Monitor for authoritative updates.

CVE-2024-56661 tipc: fix NULL deref in cleanup_bearer()

In the Linux kernel, the following vulnerability has been resolved: tipc: fix NULL deref in cleanupbearer syzbot found 1 that after blamed commit, ub-ubsock-sk was NULL when attempting the atomicdec : atomicdec&tipcnetsocknetub-ubsock-sk-wqcount; Fix this by caching the tipcnet pointer. 1 Oops:...

CVE-2024-56608 drm/amd/display: Fix out-of-bounds access in 'dcn21_link_encoder_create'

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix out-of-bounds access in 'dcn21linkencodercreate' An issue was identified in the dcn21linkencodercreate function where an out-of-bounds access could occur when the hpdsource index was used to reference the...

CVE-2024-56561

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Fix PCI domain ID release in pciepcdestroy pciepcdestroy invokes pcibusreleasedomainnr to release the PCI domain ID, but there are two issues: - 'epc-dev' is passed to pcibusreleasedomainnr which was already freed ...

CVE-2024-53237

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: fix use-after-free in deviceforeachchild Syzbot has reported the following KASAN splat: BUG: KASAN: slab-use-after-free in deviceforeachchild+0x18f/0x1a0 Read of size 8 at addr ffff88801f605308 by task kbnepd bnep0/498...

CVE-2024-43874 crypto: ccp - Fix null pointer dereference in __sev_snp_shutdown_locked

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Fix null pointer dereference in sevsnpshutdownlocked Fix a null pointer dereference induced by DEBUGTESTDRIVERREMOVE. Return from sevsnpshutdownlocked if the pspdevice or the sevdevice structs are not initialized...

CVE-2024-26855 net: ice: Fix potential NULL pointer dereference in ice_bridge_setlink()

In the Linux kernel, the following vulnerability has been resolved: net: ice: Fix potential NULL pointer dereference in icebridgesetlink The function icebridgesetlink may encounter a NULL pointer dereference if nlmsgfindattr returns NULL and brspec is dereferenced subsequently in nlaforeachnested...

CVE-2021-47190

In the Linux kernel, the following vulnerability has been resolved: perf bpf: Avoid memory leak from perfenvinsertbtf perfenvinsertbtf doesn't insert if a duplicate BTF id is encountered and this causes a memory leak. Modify the function to return a success/error value and then free the memory if...

CVE-2024-26716 usb: core: Prevent null pointer dereference in update_port_device_state

In the Linux kernel, the following vulnerability has been resolved: usb: core: Prevent null pointer dereference in updateportdevicestate Currently, the function updateportdevicestate gets the usbhub from udev-parent by calling usbhubtostructhub. However, in case the actconfig or the maxchild is 0...

CVE-2021-47065

In the Linux kernel, the following vulnerability has been resolved: rtw88: Fix array overrun in rtwgettxpowerparams Using a kernel with the Undefined Behaviour Sanity Checker UBSAN enabled, the following array overrun is logged:...

CVE-2024-26599 pwm: Fix out-of-bounds access in of_pwm_single_xlate()

In the Linux kernel, the following vulnerability has been resolved: pwm: Fix out-of-bounds access in ofpwmsinglexlate With args-argscount == 2 args-args2 is not defined. Actually the flags are contained in args-args1...

SUSE-SU-2023:0602-1 Security update for google-osconfig-agent

This update for google-osconfig-agent fixes the following issues: Updated to version 20230222.00 and bumped go API version to 1.18 to address the following bsc1208723: - CVE-2021-38297: Fixed data overwrite when passing large arguments to GOARCH=wasm GOOS=js bsc1191468. - CVE-2022-23806: Fixed...

PT-2025-26105 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A use-after-free issue was identified in the Linux kernel, specifically in the ath9k hif usb rx cb function. This issue was reported by Syzbot and is related to incorrect initializatio...

GSD-2022-1007235 drm: Use size_t type for len variable in drm_copy_field()

drm: Use sizet type for len variable in drmcopyfield This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.150 by commit...

PT-2022-24304 · Xpdf · Xpdf

Name of the Vulnerable Software and Affected Versions: XPDF affected versions not specified Description: A segmentation violation was discovered in XPDF via the DCTStream::getChar function at /xpdf/Stream.cc. This issue affects the DCTStream::getChar function, which is located in the...

openSUSE Security Update : froxlor (openSUSE-2021-415)

This update for froxlor fixes the following issues : - Upstream upgrade to version 0.10.23 boo846355 - Upstream upgrade to version 0.10.22 boo846355 - BuildRequire cron as this contains now the cron directories - Use %license for COPYING file instead of %doc boo1082318 Upstream upgrade to version...

Security update for froxlor (moderate)

openSUSE Security Update: Security update for froxlor Announcement ID: openSUSE-SU-2021:0415-1 Rating: moderate References: 1025193 1082318 846355 958100 Cross-References: CVE-2016-5100 CVSS scores: CVE-2016-5100 NVD : 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE...

SUSE-SU-2021:0125-1 Security update for php72

This update for php72 fixes the following issue: - CVE-2020-7071: Fixed an insufficient filter in parseurl that accepted URLs with invalid userinfo bsc1180706...