CVE-2022-50407 crypto: hisilicon/qm - increase the memory of local variables

In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/qm - increase the memory of local variables Increase the buffer to prevent stack overflow by fuzz test. The maximum length of the qos configuration buffer is 256 bytes. Currently, the value of the 'val buffer' i...

Linux Distros Unpatched Vulnerability : CVE-2021-47476

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - comedi: niusb6501: fix NULL-deref in command paths The driver uses endpoint-sized USB transfer buffers but had no sanity checks on the sizes. This can lead to...

Linux Distros Unpatched Vulnerability : CVE-2024-39510

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix slab-use-after-free in cachefilesondemanddaemonread We got the following iss...

Linux Distros Unpatched Vulnerability : CVE-2025-37773

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - virtiofs: add filesystem context source name check In certain scenarios, for example, during fuzz testing, the source name may be NULL, which could lead to a...

CVE-2022-49937

CVE-2022-49937 affects the Linux kernel mceusb driver in the media subsystem. Automatic fuzzing reported a WARN due to an unusual read on endpoint 0 caused by using legacy usb_control_msg_() routines and not setting USB_DIR_IN in bRequestType. The fix converts the driver to usb_control_msg_recv()...

CVE-2025-37773

In the Linux kernel, the following vulnerability has been resolved: virtiofs: add filesystem context source name check In certain scenarios, for example, during fuzz testing, the source name may be NULL, which could lead to a kernel panic. Therefore, an extra check for the source name should be...

PT-2025-18454

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability has been identified in the Linux kernel related to virtiofs, where in certain scenarios, such as during fuzz testing, the source name may be NULL. This could lead to a...

Linux Distros Unpatched Vulnerability : CVE-2024-57917

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: topology: Keep the cpumask unchanged when printing cpumap During fuzz testing, the following...

kernel: xfrm: fix one more kernel-infoleak in algo dumping

A vulnerability was found in the xfrm module in the Linux Kernel. This issue was discovered during fuzz testing, where uninitialized memory containing potentially sensitive data was inadvertently copied to user-space. This issue occurs when dumping IPsec algorithm data structures, exposing random...

CVE-2024-57917 topology: Keep the cpumask unchanged when printing cpumap

In the Linux kernel, the following vulnerability has been resolved: topology: Keep the cpumask unchanged when printing cpumap During fuzz testing, the following warning was discovered: different return values 15 and 11 from vsnprintf"%pbl ", ... test:keyward is WARNING in kvasprintf WARNING: CPU:...

CVE-2024-57917

CVE-2024-57917 : In the Linux kernel, the cpumask may be modified during printing of cpumap, causing mismatched lengths in kvasprintf-based formatting. The fix caches the cpumask to a temporary variable before cpumap_print_{list, cpumask}_to_buf() to keep it unchanged during printing. Impact is p...

CVE-2024-57917 topology: Keep the cpumask unchanged when printing cpumap

In the Linux kernel, the following vulnerability has been resolved: topology: Keep the cpumask unchanged when printing cpumap During fuzz testing, the following warning was discovered: different return values 15 and 11 from vsnprintf"%pbl ", ... test:keyward is WARNING in kvasprintf WARNING: CPU:...

kernel: xfrm: fix one more kernel-infoleak in algo dumping

A vulnerability was found in the xfrm module in the Linux Kernel. This issue was discovered during fuzz testing, where uninitialized memory containing potentially sensitive data was inadvertently copied to user-space. This issue occurs when dumping IPsec algorithm data structures, exposing random...

CVE-2024-50110

In the Linux kernel, the following vulnerability has been resolved: xfrm: fix one more kernel-infoleak in algo dumping During fuzz testing, the following issue was discovered: BUG: KMSAN: kernel-infoleak in copytoiter+0x598/0x2a30 copytoiter+0x598/0x2a30 skbdatagramiter+0x168/0x1060...

UBUNTU-CVE-2024-50110

In the Linux kernel, the following vulnerability has been resolved: xfrm: fix one more kernel-infoleak in algo dumping During fuzz testing, the following issue was discovered: BUG: KMSAN: kernel-infoleak in copytoiter+0x598/0x2a30 copytoiter+0x598/0x2a30 skbdatagramiter+0x168/0x1060...

SUSE CVE-2024-48426

A segmentation fault SEGV was detected in the SortByPTypeProcess::Execute function in the Assimp library during fuzz testing with AddressSanitizer. The crash occurred due to a read access to an invalid memory address 0x1000c9714971...

PYSEC-2024-294

A segmentation fault SEGV was detected in the SortByPTypeProcess::Execute function in the Assimp library during fuzz testing with AddressSanitizer. The crash occurred due to a read access to an invalid memory address 0x1000c9714971...

CVE-2024-48426

A segmentation fault SEGV was detected in the SortByPTypeProcess::Execute function in the Assimp library during fuzz testing with AddressSanitizer. The crash occurred due to a read access to an invalid memory address 0x1000c9714971...

PYSEC-2024-294

A segmentation fault SEGV was detected in the SortByPTypeProcess::Execute function in the Assimp library during fuzz testing with AddressSanitizer. The crash occurred due to a read access to an invalid memory address 0x1000c9714971...

CVE-2024-48426

A segmentation fault SEGV was detected in the SortByPTypeProcess::Execute function in the Assimp library during fuzz testing with AddressSanitizer. The crash occurred due to a read access to an invalid memory address 0x1000c9714971...