CVE-2023-53796

The CVE-2023-53796 issue concerns the Linux kernel f2fs: when converting an inline directory to a regular one, f2fs leaks uninitialized memory to disk because the entire directory block isn’t zero-initialized. This security flaw was introduced by commit 4ec17d688d74 and was uncovered by xfstest g...

CVE-2023-53796 f2fs: fix information leak in f2fs_move_inline_dirents()

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix information leak in f2fsmoveinlinedirents When converting an inline directory to a regular one, f2fs is leaking uninitialized memory to disk because it doesn't initialize the entire directory block. Fix this by...

CVE-2023-53796 f2fs: fix information leak in f2fs_move_inline_dirents()

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix information leak in f2fsmoveinlinedirents When converting an inline directory to a regular one, f2fs is leaking uninitialized memory to disk because it doesn't initialize the entire directory block. Fix this by...

CVE-2022-50656 nfc: pn533: Clear nfc_target before being used

In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: Clear nfctarget before being used Fix a slab-out-of-bounds read that occurs in nlaput called from nfcgenlsendtarget when target-sensbreslen, which is duplicated from an nfctarget in pn533, is too large as the nfctarge...

CVE-2022-50656 nfc: pn533: Clear nfc_target before being used

In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: Clear nfctarget before being used Fix a slab-out-of-bounds read that occurs in nlaput called from nfcgenlsendtarget when target-sensbreslen, which is duplicated from an nfctarget in pn533, is too large as the nfctarge...

CVE-2022-50646 scsi: hpsa: Fix possible memory leak in hpsa_init_one()

In the Linux kernel, the following vulnerability has been resolved: scsi: hpsa: Fix possible memory leak in hpsainitone The hpdaallocctlrinfo allocates h and its field replymap. However, in hpsainitone, if allocpercpu failed, the hpsainitone jumps to clean1 directly, which frees h and leaks the...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a resource leak on removal of the ASoC codecs wcd-mbhc-v2 component, which could lead to a failure in the...

EDK2 安全漏洞

EDK2 is a set of cross-platform firmware development environments from the Tianocore community based on the UEFI and PI specifications. A security vulnerability exists in EDK2 that stems from improper input validation and could lead to arbitrary command execution...

PT-2025-49723

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's md/raid10 component, specifically within the raid10 sync request function. The issue involves a null pointer dereference that can occur when recovery ...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates from a memory leak in the ipw2200 wifi driver initialization error path...

PT-2025-49726

In the Linux kernel, the following vulnerability has been resolved: ext4: don't clear SB RDONLY when remounting r/w until quota is re-enabled When a file system currently mounted read/only is remounted read/write, if we clear the SB RDONLY flag too early, before the quota is initialized, and ther...

PT-2025-49658

In the Linux kernel, the following vulnerability has been resolved: ethtool: Fix uninitialized number of lanes It is not possible to set the number of lanes when setting link modes using the legacy IOCTL ethtool interface. Since 'struct ethtool link ksettings' is not initialized in this path,...

PT-2025-49696

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue within the ath11k module related to handling disconnected Wi-Fi peers. Specifically, a failure log occurs when attempting to find a peer with an ID of ...

PT-2025-49691

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the ipw2200 driver within the Linux kernel. Specifically, the issue occurs in the ipw wdev init function, where memory allocated within the function is not releas...

PT-2025-49702

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to RDMA/rxe functionality. Specifically, a potential NULL pointer dereference can occur within the rxe qp init req function when rxe queue init...

PT-2025-49636

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s NFC subsystem, specifically within the pn533 component. The issue involves a slab-out-of-bounds read occurring in the nla put function, which is calle...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates from a memory leak in the stmmac driver initialization error path...

EUVD-2025-201745

In initpkvmhypvcpu of pkvm.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

EUVD-2025-201764

In initDecoder of C2SoftDav1dDec.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

Multiple vulnerabilities in GroupSession

Overview GroupSession provided by Japan Total System Co.,Ltd. contains multiple vulnerabilities listed below. Stored cross-site scripting CWE-79 - CVE-2025-53523 Stored cross-site scripting CWE-79 - CVE-2025-54407 Reflected cross-site scripting CWE-79 - CVE-2025-57883 Cross-site request forgery...