DEBIAN-CVE-2022-49731

In the Linux kernel, the following vulnerability has been resolved: ata: libata-core: fix NULL pointer deref in atahostallocpinfo In an unlikely and probably wrong? case that the 'ppi' parameter of atahostallocpinfo points to an array starting with a NULL pointer, there's going to be a kernel oop...

CVE-2022-49511

In the Linux kernel, the following vulnerability has been resolved: fbdev: defio: fix the pagelist corruption Easily hit the below list corruption: == listadd corruption. prev-next should be next ffffffffc0ceb090, but was ffffec604507edc8. prev=ffffec604507edc8. WARNING: CPU: 65 PID: 3959 at...

CVE-2022-49511 fbdev: defio: fix the pagelist corruption

In the Linux kernel, the following vulnerability has been resolved: fbdev: defio: fix the pagelist corruption Easily hit the below list corruption: == listadd corruption. prev-next should be next ffffffffc0ceb090, but was ffffec604507edc8. prev=ffffec604507edc8. WARNING: CPU: 65 PID: 3959 at...

CVE-2022-49511

In the Linux kernel, the following vulnerability has been resolved: fbdev: defio: fix the pagelist corruption Easily hit the below list corruption: == listadd corruption. prev-next should be next ffffffffc0ceb090, but was ffffec604507edc8. prev=ffffec604507edc8. WARNING: CPU: 65 PID: 3959 at...

CVE-2022-49478

CVE-2022-49478 affects the Linux kernel via the media: pvrusb2 driver, specifically a faulty check in pvr2_i2c_core_init that permits an array index of -1 to be used. The issue arises when hdw->unit_number is initialized to -1 and may remain unchanged if the init-table walk fails, leading to o...

CVE-2022-49181

This CVE-2022-49181 entry is rejected and does not represent an active vulnerability.

PT-2025-18423

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability has been resolved in the Linux kernel. The issue is related to the jfs file system, where the imap allocated in the diMount function is not properly initialized after...

net/mlx5: Fix command bitmask initialization

...

CVE-2024-56677

CVE-2024-56677 (Linux kernel, powerpc fadump) : The issue arises during early init when CMA_MIN_ALIGNMENT_BYTES can be PAGE_SIZE because pageblock_order is not yet initialized. This bypasses the CMA memory alignment check in cma_init_reserved_mem(), allowing a potential misalignment that can trig...

CVE-2024-50264

...

PT-2025-3602 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the Linux kernel's ptrace functionality, specifically with the arm64 architecture. The problem arises when the poe set function does not initialize a temporary...

CVE-2022-48972 mac802154: fix missing INIT_LIST_HEAD in ieee802154_if_add()

In the Linux kernel, the following vulnerability has been resolved: mac802154: fix missing INITLISTHEAD in ieee802154ifadd Kernel fault injection test reports null-ptr-deref as follows: BUG: kernel NULL pointer dereference, address: 0000000000000008 RIP: 0010:cfg802154netdevnotifiercall+0x120/0x3...

UBUNTU-CVE-2024-46816

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Stop amdgpudm initialize when link nums greater than maxlinks Why Coverity report OVERRUN warning. There are only maxlinks elements within dc-links. link count could up to AMDGPUDMMAXDISPLAYINDEX 31. How Make sur...

Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init()

...

DEBIAN-CVE-2024-44945

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink: Initialise extack before use in ACKs Add missing extack initialisation when ACKing BATCHBEGIN and BATCHEND...

SUSE CVE-2024-42161

In the Linux kernel, the following vulnerability has been resolved: bpf: Avoid uninitialized value in BPFCOREREADBITFIELD Changes from V1: - Use a default branch in the switch statement to initialize val'. GCC warns that val' may be used uninitialized in the BPFCREREADBITFIELD macro, defined in...

AZL-47219 CVE-2024-42076 affecting package kernel for versions less than 6.6.43.1-7

In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: Initialize unused data in j1939sendone syzbot reported kernel-infoleak in rawrecvmsg 1. j1939sendone creates full frame including unused data, but it doesn't initialize it. This causes the kernel-infoleak issue...

AZL-68340 CVE-2024-41079 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: nvmet: always initialize cqe.result The spec doesn't mandate that the first two double words aka results for the command queue entry need to be set to 0 when they are not used not specified. Though, the target implemention return...

kernel: blk-cgroup: Reinit blkg_iostat_set after clearing in blkcg_reset_stats()

In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Reinit blkgiostatset after clearing in blkcgresetstats When blkgalloc is called to allocate a blkcggq structure with the associated blkgiostatset's, there are 2 fields within blkgiostatset that requires proper...

CVE-2024-40925

In the Linux kernel, the following vulnerability has been resolved: block: fix request.queuelist usage in flush Friedrich Weber reported a kernel crash problem and bisected to commit 81ada09cc25e "blk-flush: reuse rq queuelist in flush state machine". The root cause is that we use...