37 matches found
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: Media: dvb-frontends: dib3000mb: Fixed an uninitialized value issue found by KMSAN in dib3000readreg. The local variable rb2 is used as a read buffer in i2ctransfer. If that call fails, the buffer may contain undefined values...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: az6027: fix null-ptr-deref in az6027i2cxfer Wei Chen reports a kernel bug as follows: General protection fault, likely for non-canonical addresses. KASAN: Nullptrderef within the range...
Astra Linux - уязвимость в linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fixed a NULL pointer dereference in amdgpudmi2cxfer. When ddcserviceconstruct is called, it explicitly checks both the link type and whether there is something on the link that will determine whether the pin is...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: media: dw2102: Fixed a nullptrderef issue in dw2102i2ctransfer In dw2102i2ctransfer, msg is controlled by the user. When msgi.buf is null and msgi.len is zero, previous checks on msgi.buf will still be performed. Malicious data...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: m920x: A potential memory leak has been fixed in m920xi2cxfer. The read function is freed when it is determined to be NULL, but not when a read error occurs. The logic should be reversed to avoid a small leak if a...
Azure Linux 3.0 Security Update: kernel (CVE-2025-38229)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38229 advisory. - In the Linux kernel, the following vulnerability has been resolved: media: cxusb: no longer judge rbuf when...
SUSE CVE-2023-54266
In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: m920x: Fix a potential memory leak in m920xi2cxfer 'read' is freed when it is known to be NULL, but not when a read error occurs. Revert the logic to avoid a small leak, should a m920xread call fail...
SUSE CVE-2023-54314
In the Linux kernel, the following vulnerability has been resolved: media: af9005: Fix null-ptr-deref in af9005i2cxfer In af9005i2cxfer, msg is controlled by user. When msgi.buf is null and msgi.len is zero, former checks on msgi.buf would be passed. Malicious data finally reach af9005i2cxfer. If...
EUVD-2023-60375
In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: m920x: Fix a potential memory leak in m920xi2cxfer 'read' is freed when it is known to be NULL, but not when a read error occurs. Revert the logic to avoid a small leak, should a m920xread call fail...
CVE-2023-54266
In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: m920x: Fix a potential memory leak in m920xi2cxfer 'read' is freed when it is known to be NULL, but not when a read error occurs. Revert the logic to avoid a small leak, should a m920xread call fail...
CVE-2023-54314
In the Linux kernel, the following vulnerability has been resolved: media: af9005: Fix null-ptr-deref in af9005i2cxfer In af9005i2cxfer, msg is controlled by user. When msgi.buf is null and msgi.len is zero, former checks on msgi.buf would be passed. Malicious data finally reach af9005i2cxfer. If...
CVE-2023-54314
The CVE affects the Linux kernel subsystem media/af9005. In af9005_i2c_xfer, user-controlled msg[i].buf could be accessed when msg[i].buf is NULL and msg[i].len is 0, allowing a NULL pointer dereference. The fix adds a len check to prevent dereferencing an invalid buffer, mitigating a crash. The ...
CVE-2023-54314 media: af9005: Fix null-ptr-deref in af9005_i2c_xfer
In the Linux kernel, the following vulnerability has been resolved: media: af9005: Fix null-ptr-deref in af9005i2cxfer In af9005i2cxfer, msg is controlled by user. When msgi.buf is null and msgi.len is zero, former checks on msgi.buf would be passed. Malicious data finally reach af9005i2cxfer. If...
CVE-2023-54266 media: dvb-usb: m920x: Fix a potential memory leak in m920x_i2c_xfer()
In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: m920x: Fix a potential memory leak in m920xi2cxfer 'read' is freed when it is known to be NULL, but not when a read error occurs. Revert the logic to avoid a small leak, should a m920xread call fail...
PT-2025-54095
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to a potential memory leak within the m920x i2c xfer function. Specifically, memory associated with read may be freed incorrectly when it is NUL...
EUVD-2023-60260
In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb-v2: gl861: Fix null-ptr-deref in gl861i2cmasterxfer In gl861i2cmasterxfer, msg is controlled by user. When msgi.buf is null and msgi.len is zero, former checks on msgi.buf would be passed. Malicious data finally...
CVE-2023-54066
In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb-v2: gl861: Fix null-ptr-deref in gl861i2cmasterxfer In gl861i2cmasterxfer, msg is controlled by user. When msgi.buf is null and msgi.len is zero, former checks on msgi.buf would be passed. Malicious data finally...
CVE-2023-54066
CVE-2023-54066 (Linux kernel) affects the media: dvb-usb-v2 driver for the gl861 device. In gl861_i2c_master_xfer, the user-controlled msg can have buf == NULL while len == 0, allowing prior checks on msg[i].buf to pass and potentially reach gl861_i2c_master_xfer with a NULL dereference. The vend...
CVE-2023-54066 media: dvb-usb-v2: gl861: Fix null-ptr-deref in gl861_i2c_master_xfer
In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb-v2: gl861: Fix null-ptr-deref in gl861i2cmasterxfer In gl861i2cmasterxfer, msg is controlled by user. When msgi.buf is null and msgi.len is zero, former checks on msgi.buf would be passed. Malicious data finally...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: media: az6007: Fixed nullptrderef in az6007i2cxfer In az6007i2cxfer, msg is controlled by the user. When msgi.buf is null and msgi.len is zero, previous checks on msgi.buf would still be performed. Malicious data could...