CVE-2023-53491 start_kernel: Add __no_stack_protector function attribute

In the Linux kernel, the following vulnerability has been resolved: startkernel: Add nostackprotector function attribute Back during the discussion of commit a9a3ed1eff36 "x86: Fix early boot crash on gcc-10, third try" we discussed the need for a function attribute to control the omission of sta...

CVE-2022-50469 staging: rtl8723bs: fix potential memory leak in rtw_init_drv_sw()

In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix potential memory leak in rtwinitdrvsw In rtwinitdrvsw, there are various init functions are called to populate the padapter structure and some checks for their return value. However, except for the first o...

CVE-2022-50468

CVE-2022-50468 affects the Linux kernel, specifically the Cros USB PD notifier driver (platform/chrome: cros_usbpd_notify). The issue arises because cros_usbpd_notify_init() does not check the return value of platform_driver_register(), allowing cros_usbpd_notify to install even if registration f...

CVE-2022-50467

CVE-2022-50467 affects the Linux kernel LPFC SCSI driver (lpfc). The vulnerability arises in lpfc_cmpl_ct_cmd_gft_id() where an abnormal exit path could call lpfc_nlp_put() with a null pointer to a nodelist structure, risking a null dereference. The changelog indicates the root cause was a missin...

CVE-2022-50464 mt76: mt7915: Fix PCI device refcount leak in mt7915_pci_init_hif2()

In the Linux kernel, the following vulnerability has been resolved: mt76: mt7915: Fix PCI device refcount leak in mt7915pciinithif2 As comment of pcigetdevice says, it returns a pcidevice with its refcount increased. We need to call pcidevput to decrease the refcount. Save the return value of...

CVE-2022-50464

In the Linux kernel, mt76 MT7915 PCI path had a refcount leak in mt7915_pci_init_hif2(); the issue stems from pci_get_device() returning a device with increased refcount and not balancing with pci_dev_put(). The fix saves the returned pci_device and ensures a pci_dev_put() is called to decrease t...

CVE-2022-50452 net: sched: cake: fix null pointer access issue when cake_init() fails

In the Linux kernel, the following vulnerability has been resolved: net: sched: cake: fix null pointer access issue when cakeinit fails When the default qdisc is cake, if the qdisc of devqueue fails to be inited during mqprioinit, cakereset is invoked to clear resources. In this case, the tins is...

CVE-2022-50452

CVE-2022-50452 describes a null-pointer dereference in the Linux kernel net:sched: cake path during cake_init() failure. If the default qdisc is cake and mqprio_init() fails, cake_reset() clears resources but q->tins remains NULL, leading to a NULL dereference in cake_dequeue_one(). The connec...

CVE-2022-50452 net: sched: cake: fix null pointer access issue when cake_init() fails

In the Linux kernel, the following vulnerability has been resolved: net: sched: cake: fix null pointer access issue when cakeinit fails When the default qdisc is cake, if the qdisc of devqueue fails to be inited during mqprioinit, cakereset is invoked to clear resources. In this case, the tins is...

CVE-2023-53452 wifi: rtw89: fix potential race condition between napi_init and napi_enable

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fix potential race condition between napiinit and napienable A race condition can happen if netdev is registered, but NAPI isn't initialized yet, and meanwhile user space starts the netdev that will enable NAPI. Then...

CVE-2023-53452

Observation: CVE-2023-53452 concerns a race condition in the Linux kernel affecting the wifi driver path for rtW89. When a netdev is registered but NAPI isn’t initialized yet, a race can occur if user space opens the netdev and enables NAPI, causing a kernel BUG at net/core/dev.c:6423 and an inva...

CVE-2023-53449 s390/dasd: Fix potential memleak in dasd_eckd_init()

In the Linux kernel, the following vulnerability has been resolved: s390/dasd: Fix potential memleak in dasdeckdinit dasdreservereq is allocated before dasdvolinforeq, and it also needs to be freed before the error returns, just like the other cases in this function...

CVE-2025-39903

In the Linux kernel, the following vulnerability has been resolved: ofnuma: fix uninitialized memory nodes causing kernel panic When there are memory-only nodes nodes without CPUs, these nodes are not properly initialized, causing kernel panic during boot. ofnumainit ofnumaparsecpunodes nodesetni...

AZL-68007 CVE-2025-39891 affecting package kernel for versions less than 6.6.112.1-1

In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Initialize the chanstats array to zero The adapter-chanstats array is initialized in mwifiexinitchannelscangap with vmalloc, which doesn't zero out memory. The array is filled in mwifiexupdatechanstatistics and the...

CVE-2025-39891

In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Initialize the chanstats array to zero The adapter-chanstats array is initialized in mwifiexinitchannelscangap with vmalloc, which doesn't zero out memory. The array is filled in mwifiexupdatechanstatistics and the...

AZL-75122 CVE-2025-39891 affecting package kernel for versions less than 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Initialize the chanstats array to zero The adapter-chanstats array is initialized in mwifiexinitchannelscangap with vmalloc, which doesn't zero out memory. The array is filled in mwifiexupdatechanstatistics and the...

UBUNTU-CVE-2025-39891

In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Initialize the chanstats array to zero The adapter-chanstats array is initialized in mwifiexinitchannelscangap with vmalloc, which doesn't zero out memory. The array is filled in mwifiexupdatechanstatistics and the...

UBUNTU-CVE-2025-39904

In the Linux kernel, the following vulnerability has been resolved: arm64: kexec: initialize kexecbuf struct in loadothersegments Patch series "kexec: Fix invalid field access". The kexecbuf structure was previously declared without initialization. commit bf454ec31add "kexecfile: allow to place...

External Initialization of Trusted Variables or Data Stores

Overview ch.qos.logback:logback-core is a logback-core module. Affected versions of this package are vulnerable to External Initialization of Trusted Variables or Data Stores via the conditional processing of the logback.xml configuration file when both the Janino library and Spring Framework are...

CVE-2025-39904 arm64: kexec: initialize kexec_buf struct in load_other_segments()

In the Linux kernel, the following vulnerability has been resolved: arm64: kexec: initialize kexecbuf struct in loadothersegments Patch series "kexec: Fix invalid field access". The kexecbuf structure was previously declared without initialization. commit bf454ec31add "kexecfile: allow to place...