152 matches found
PT-2022-34828 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.71 Description: A potential security issue exists where kmalloc failure is not properly handled, potentially leading to undefined behavior. The issue was introduced in version v2.6.22 and is fixed in versi...
PT-2022-34599 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.19.9 Description: A potential security issue exists where the scmnd-result is set without checking if scmnd is NULL. The actual impact and attack plausibility have not yet been proven. This issue was introduc...
GSD-2022-1006036 wifi: iwlegacy: 4965: fix potential off-by-one overflow in il4965_rs_fill_link_cmd()
wifi: iwlegacy: 4965: fix potential off-by-one overflow in il4965rsfilllinkcmd This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.211 by commi...
GSD-2022-1005625 wifi: wil6210: debugfs: fix info leak in wil_write_file_wmi()
wifi: wil6210: debugfs: fix info leak in wilwritefilewmi This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.61 by commit...
GSD-2022-1005362 drm/fb-helper: Fix out-of-bounds access
drm/fb-helper: Fix out-of-bounds access This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.2 by commit...
GSD-2022-1005062 kprobes: don't call disarm_kprobe() for disabled kprobes
kprobes: don't call disarmkprobe for disabled kprobes This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.6 by commit...
PT-2022-33566 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.19.2 Description: The issue concerns the handling of periods in the pwm: lpc18xx component. It was introduced in version v4.3 and fixed in version v5.19.2. The actual impact and attack plausibility have not y...
PT-2022-33450 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.19.2 Description: The issue concerns a stack-out-of-bound access in SPMI tracing functions. It was introduced in version v4.3 and fixed in Linux Kernel version v5.19.2. The actual impact and attack plausibili...
PT-2022-33419 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.19.4 Description: A NULL pointer dereference issue exists in the dev parse header protocol function when skb-dev is null. This issue was introduced in version v5.12 and is fixed in Linux Kernel version v5.19....
PT-2022-33427 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.19.3 Description: The issue is related to an overflow check in the register shm helper function. It was introduced in version v4.16 and fixed in version v5.19.3. The actual impact and attack plausibility have...
PT-2022-33710 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.64 Description: The issue concerns data-races around weight p and dev weight rtx bias. It was introduced in version v4.11 and fixed in version v5.15.64. The actual impact and attack plausibility have not y...
CVE-2022-2735
A vulnerability was found in the PCS project. This issue occurs due to incorrect permissions on a Unix socket used for internal communication between PCS daemons. A privilege escalation could happen by obtaining an authentication token for a hacluster user. With the "hacluster" token, this flaw...
CVE-2022-2585
It was discovered that when exec'ing from a non-leader thread, armed POSIX CPU timers would be left on a list but freed, leading to a use-after-free...
GSD-2022-1004714 dmaengine: pl330: Fix lockdep warning about non-static key
dmaengine: pl330: Fix lockdep warning about non-static key This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.205 by commit...
GSD-2022-1004697 sfc: fix use after free when disabling sriov
sfc: fix use after free when disabling sriov This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.207 by commit...
GSD-2022-1004646 comedi: vmk80xx: fix expression for tx buffer size
comedi: vmk80xx: fix expression for tx buffer size This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.124 by commit...
GSD-2022-1004451 tick/nohz: unexport __init-annotated tick_nohz_full_setup()
tick/nohz: unexport init-annotated ticknohzfullsetup This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.52 by commit...
GSD-2022-1004412 btrfs: zoned: fix a leaked bioc in read_zone_info
btrfs: zoned: fix a leaked bioc in readzoneinfo This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.56 by commit...
GSD-2022-1004411 drm/panfrost: Fix shrinker list corruption by madvise IOCTL
drm/panfrost: Fix shrinker list corruption by madvise IOCTL This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.56 by commit...
GSD-2022-1004050 jffs2: fix memory leak in jffs2_do_fill_super
jffs2: fix memory leak in jffs2dofillsuper This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.318 by commit...