340 matches found
UBUNTU-CVE-2023-53454
In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: Correct devm device reference for hidinput inputdev name Reference the HID device rather than the input device for the devm allocation of the inputdev name. Referencing the inputdev would lead to a use-after-free...
SUSE CVE-2022-50276
In the Linux kernel, the following vulnerability has been resolved: power: supply: fix null pointer dereferencing in powersupplygetbatteryinfo when kmalloc fail to allocate memory in kasprintf, propname will be NULL, strcmp called by ofgetproperty will cause null pointer dereference. So return...
CVE-2022-50276
In the Linux kernel, the following vulnerability has been resolved: power: supply: fix null pointer dereferencing in powersupplygetbatteryinfo when kmalloc fail to allocate memory in kasprintf, propname will be NULL, strcmp called by ofgetproperty will cause null pointer dereference. So return...
DEBIAN-CVE-2022-50276
In the Linux kernel, the following vulnerability has been resolved: power: supply: fix null pointer dereferencing in powersupplygetbatteryinfo when kmalloc fail to allocate memory in kasprintf, propname will be NULL, strcmp called by ofgetproperty will cause null pointer dereference. So return...
UBUNTU-CVE-2022-50276
In the Linux kernel, the following vulnerability has been resolved: power: supply: fix null pointer dereferencing in powersupplygetbatteryinfo when kmalloc fail to allocate memory in kasprintf, propname will be NULL, strcmp called by ofgetproperty will cause null pointer dereference. So return...
CVE-2022-50276 power: supply: fix null pointer dereferencing in power_supply_get_battery_info
In the Linux kernel, the following vulnerability has been resolved: power: supply: fix null pointer dereferencing in powersupplygetbatteryinfo when kmalloc fail to allocate memory in kasprintf, propname will be NULL, strcmp called by ofgetproperty will cause null pointer dereference. So return...
CVE-2022-50276 power: supply: fix null pointer dereferencing in power_supply_get_battery_info
In the Linux kernel, the following vulnerability has been resolved: power: supply: fix null pointer dereferencing in powersupplygetbatteryinfo when kmalloc fail to allocate memory in kasprintf, propname will be NULL, strcmp called by ofgetproperty will cause null pointer dereference. So return...
CVE-2022-50276
CVE-2022-50276 is a Linux kernel issue: when kmalloc() fails in kasprintf(), propname becomes NULL and a strcmp() dereferences it in of_get_property(), causing a NULL pointer dereference. The fix is to return ENOMEM when kasprintf() returns NULL. The vulnerability affects the kernel's power suppl...
Linux Distros Unpatched Vulnerability : CVE-2025-39765
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ALSA: timer: fix idafree call while not allocated In the sndutimercreate function, if the kasprintf function return NULL, sndutimerputid will be called, finally...
SUSE CVE-2025-39765
In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: fix idafree call while not allocated In the sndutimercreate function, if the kasprintf function return NULL, sndutimerputid will be called, finally use idafree to free the unallocated id 0. the syzkaller reported the...
CVE-2025-39765
In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: fix idafree call while not allocated In the sndutimercreate function, if the kasprintf function return NULL, sndutimerputid will be called, finally use idafree to free the unallocated id 0. the syzkaller reported the...
DEBIAN-CVE-2025-39765
In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: fix idafree call while not allocated In the sndutimercreate function, if the kasprintf function return NULL, sndutimerputid will be called, finally use idafree to free the unallocated id 0. the syzkaller reported the...
UBUNTU-CVE-2025-39765
In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: fix idafree call while not allocated In the sndutimercreate function, if the kasprintf function return NULL, sndutimerputid will be called, finally use idafree to free the unallocated id 0. the syzkaller reported the...
CVE-2025-39765
CVE-2025-39765 affects Linux kernel ALSA timer handling. The issue is in snd_utimer_create() where, if kasprintf() returns NULL, snd_utimer_put_id() frees an ID that was never allocated, leading to ida_free() being called on id=0. The root cause is that utimer->id is not guaranteed to be valid...
CVE-2025-39765 ALSA: timer: fix ida_free call while not allocated
In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: fix idafree call while not allocated In the sndutimercreate function, if the kasprintf function return NULL, sndutimerputid will be called, finally use idafree to free the unallocated id 0. the syzkaller reported the...
CVE-2025-39765 ALSA: timer: fix ida_free call while not allocated
In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: fix idafree call while not allocated In the sndutimercreate function, if the kasprintf function return NULL, sndutimerputid will be called, finally use idafree to free the unallocated id 0. the syzkaller reported the...
PT-2025-37223
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.15.8 Description: A flaw exists in the Linux kernel's ALSA timer functionality. Specifically, within the snd utimer create function, a potential issue arises if the kasprintf function returns NULL. This can le...
kernel: powerpc/powernv: Add a null pointer check in opal_event_init()
In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv: Add a null pointer check in opaleventinit kasprintf returns a pointer to dynamically allocated memory which can be NULL upon failure...
SUSE CVE-2025-38629
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb: scarlett2: Fix missing NULL check scarlett2inputselectctlinfo sets up the string arrays allocated via kasprintf, but it misses NULL checks, which may lead to NULL dereference Oops. Let's add the proper NULL check...
CVE-2025-38635
In the Linux kernel, the following vulnerability has been resolved: clk: davinci: Add NULL check in davincilpscclkregister devmkasprintf returns NULL when memory allocation fails. Currently, davincilpscclkregister does not check for this case, which results in a NULL pointer dereference. Add NULL...