22 matches found
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013788)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013788 advisory. In the Linux kernel, the following vulnerability has been resolved: mcb: mcb-parse: fix error handing in chameleonparsegdd If mcbdeviceregister returns error in...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011037)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011037 advisory. In the Linux kernel, the following vulnerability has been resolved: mcb: mcb-parse: fix error handing in chameleonparsegdd If mcbdeviceregister returns error in...
ROS-20260202-73-0029
A vulnerability in the chameleonparsegdd function of the Linux operating system kernel is related to memory re-release. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
Azure Linux 3.0 Security Update: kernel (CVE-2025-37817)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37817 advisory. - In the Linux kernel, the following vulnerability has been resolved: mcb: fix a double free bug in...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993064)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993064 advisory. In the Linux kernel, the following vulnerability has been resolved: mcb: fix a double free bug in chameleonparsegdd In chameleonparsegdd, if mcbdeviceregister fails,...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992625)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992625 advisory. In the Linux kernel, the following vulnerability has been resolved: mcb: fix a double free bug in chameleonparsegdd In chameleonparsegdd, if mcbdeviceregister fails,...
UBUNTU-CVE-2022-50522
In the Linux kernel, the following vulnerability has been resolved: mcb: mcb-parse: fix error handing in chameleonparsegdd If mcbdeviceregister returns error in chameleonparsegdd, the refcount of bus and device name are leaked. Fix this by calling putdevice to give up the reference, so they can b...
CVE-2022-50522
In the Linux kernel, the following vulnerability has been resolved: mcb: mcb-parse: fix error handing in chameleonparsegdd If mcbdeviceregister returns error in chameleonparsegdd, the refcount of bus and device name are leaked. Fix this by calling putdevice to give up the reference, so they can b...
CVE-2022-50522
The CVE-2022-50522 entry corresponds to a Linux kernel issue in mcb-parse (chameleon_parse_gdd). When mcb_device_register() returns an error, the refcount for the bus and device name is leaked. The fix adds a put_device() to relinquish the reference so resources can be released during mcb_release...
EUVD-2025-32844
In the Linux kernel, the following vulnerability has been resolved: mcb: mcb-parse: fix error handing in chameleonparsegdd If mcbdeviceregister returns error in chameleonparsegdd, the refcount of bus and device name are leaked. Fix this by calling putdevice to give up the reference, so they can b...
mcb: fix a double free bug in chameleon_parse_gdd()
...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: mcb: fixed a double-free bug in chameleonparsegdd. In chameleonparsegdd, if mcbdeviceregister fails, ‘mdev’ will be released through putdevice in mcbdeviceregister. As a result, the statement “goto ‘err’ label” and the subsequent...
SUSE CVE-2025-37817
In the Linux kernel, the following vulnerability has been resolved: mcb: fix a double free bug in chameleonparsegdd In chameleonparsegdd, if mcbdeviceregister fails, 'mdev' would be released in mcbdeviceregister via putdevice. Thus, goto 'err' label and free 'mdev' again causes a double free. Jus...
DEBIAN-CVE-2025-37817
In the Linux kernel, the following vulnerability has been resolved: mcb: fix a double free bug in chameleonparsegdd In chameleonparsegdd, if mcbdeviceregister fails, 'mdev' would be released in mcbdeviceregister via putdevice. Thus, goto 'err' label and free 'mdev' again causes a double free. Jus...
CVE-2025-37817 mcb: fix a double free bug in chameleon_parse_gdd()
In the Linux kernel, the following vulnerability has been resolved: mcb: fix a double free bug in chameleonparsegdd In chameleonparsegdd, if mcbdeviceregister fails, 'mdev' would be released in mcbdeviceregister via putdevice. Thus, goto 'err' label and free 'mdev' again causes a double free. Jus...
PT-2025-20346
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A double free bug has been identified in the chameleon parse gdd function. When mcb device register fails, the mdev device is released via put device. However, if the function then...
GSD-2023-1000656 mcb: mcb-parse: fix error handing in chameleon_parse_gdd()
mcb: mcb-parse: fix error handing in chameleonparsegdd This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...
CS and XSS vulnerabilities in GDD FLVPlayer
Hello 3APA3A! These are Content Spoofing and Cross-Site Scripting vulnerabilities in GDD FLVPlayer. ------------------------- Affected products: ------------------------- Vulnerable are GDD FLVPlayer v3.635 and previous versions. ------------------------- Affected vendors: -----------------------...
Vulnerabilities in multiple web applications with GDD FLVPlayer
Hello 3APA3A! These are Content Spoofing and Cross-Site Scripting vulnerabilities in multiple web applications with GDD FLVPlayer. Earlier I've wrote about vulnerabilities in GDD FLVPlayer http://seclists.org/fulldisclosure/2013/Aug/247. This is video and audio player, which is used at thousands...
Vulnerabilities in multiple plugins for WordPress with GDD FLVPlayer
Hello 3APA3A! These are Content Spoofing and Cross-Site Scripting vulnerabilities in multiple web applications with GDD FLVPlayer. Earlier I wrote about vulnerabilities in GDD FLVPlayer http://seclists.org/fulldisclosure/2013/Aug/247. This is video and audio player, which is used at thousands web...