78 matches found
UBUNTU-CVE-2023-53168
In the Linux kernel, the following vulnerability has been resolved: usb: ucsiacpi: Increase the command completion timeout Commit 130a96d698d7 "usb: typec: ucsi: acpi: Increase command completion timeout value" increased the timeout from 5 seconds to 60 seconds due to issues related to alternate...
CVE-2023-53195
CVE-2023-53195 affects the Linux kernel mlxsw minimal subsystem. The vulnerability stems from a memory leak in mlxsw_m_linecards_init(), where the line cards array was not freed in the error path. The patch fixes this by freeing the array in the error path, making it equivalent to mlxsw_m_linecar...
PT-2025-37554
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A memory leak exists in the VXLAN implementation of the Linux kernel. The memory allocated by vxlan vnigroup init is not freed in the error path, leading to memory leaks. This can be...
kernel: drm/vkms: Fix use after free and double free on init error
In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix use after free and double free on init error If the driver initialization fails, the vkmsexit function might access an uninitialized or freed defaultconfig pointer and it might double free it. Fix both possible erro...
kernel: drm/vkms: Fix use after free and double free on init error
In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix use after free and double free on init error If the driver initialization fails, the vkmsexit function might access an uninitialized or freed defaultconfig pointer and it might double free it. Fix both possible erro...
Linux Distros Unpatched Vulnerability : CVE-2024-42307
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential null pointer use in destroyworkqueue in initcifs error path Dan Carpente...
SUSE CVE-2022-50135
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix BUG: KASAN: null-ptr-deref in rxeqpdocleanup The function rxecreateqp calls rxeqpfrominit. If some error occurs, the error handler of function rxeqpfrominit will set both scq and rcq to NULL. Then rxecreateqp calls...
SUSE CVE-2025-22097
In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix use after free and double free on init error If the driver initialization fails, the vkmsexit function might access an uninitialized or freed defaultconfig pointer and it might double free it. Fix both possible erro...
DEBIAN-CVE-2025-22097
In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix use after free and double free on init error If the driver initialization fails, the vkmsexit function might access an uninitialized or freed defaultconfig pointer and it might double free it. Fix both possible erro...
UBUNTU-CVE-2025-22097
In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix use after free and double free on init error If the driver initialization fails, the vkmsexit function might access an uninitialized or freed defaultconfig pointer and it might double free it. Fix both possible erro...
CVE-2025-30211
CVE-2025-30211 affects Erlang/OTP: prior to OTP-27.3.1, 26.2.5.10, and 25.3.2.19, a malicious KEX init message can trigger high memory usage because the implementation does not verify RFC limits on 64-character algorithm names in KEX init messages, leading to memory allocation for processing mali...
SUSE CVE-2025-21810
In the Linux kernel, the following vulnerability has been resolved: driver core: class: Fix wild pointer dereferences in API classdeviternext There are a potential wild pointer dereferences issue regarding APIs classdeviterinit|next|exit, as explained by below typical usage: // All members of @it...
PT-2025-8895 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A crash issue in the Linux kernel has been resolved. The problem occurs when the gpiochip get ngpios function is called, which uses chip macros to print messages. However, these macros...
CLSA-2025-1739525795 kernel: Fix of 24 CVEs
media: uvcvideo: Skip parsing frames of type UVCVSUNDEFINED in uvcparseformat CVE-2024-53104 - wifi: ath9k: add range check for connrspepid in htcconnectservice CVE-2024-53156 - xsk: fix OOB map writes when deleting elements CVE-2024-56614 - hvsock: Initializing vsk-trans to NULL to prevent a...
CVE-2024-53191 wifi: ath12k: fix warning when unbinding
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix warning when unbinding If there is an error during some initialization related to firmware, the buffers dp-txringi.txstatus are released. However this is released again when the device is unbinded ath12kpci, and...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-48879: efi: fix NULL-deref in init error path bsc1229556. CVE-2022-48956: ipv6: avoid use-after-free in ip6fragment bsc1231893. CVE-2022-48957:...
CVE-2024-47694 IB/mlx5: Fix UMR pd cleanup on error flow of driver init
In the Linux kernel, the following vulnerability has been resolved: IB/mlx5: Fix UMR pd cleanup on error flow of driver init The cited commit moves the pd allocation from function mlx5rumrresourcecleanup to a new function mlx5rumrcleanup. So the fix in commit 1 is broken. In error flow, will hit...
CVE-2022-48879
In the Linux kernel, the following vulnerability has been resolved: efi: fix NULL-deref in init error path In cases where runtime services are not supported or have been disabled, the runtime services workqueue will never have been allocated. Do not try to destroy the workqueue unconditionally in...
CVE-2022-48879 efi: fix NULL-deref in init error path
In the Linux kernel, the following vulnerability has been resolved: efi: fix NULL-deref in init error path In cases where runtime services are not supported or have been disabled, the runtime services workqueue will never have been allocated. Do not try to destroy the workqueue unconditionally in...
DEBIAN-CVE-2024-42303
In the Linux kernel, the following vulnerability has been resolved: media: imx-pxp: Fix ERRPTR dereference in pxpprobe devmregmapinitmmio can fail, add a check and bail out in case of error...