3 matches found
CVE-2025-39836 efi: stmm: Fix incorrect buffer allocation method
In the Linux kernel, the following vulnerability has been resolved: efi: stmm: Fix incorrect buffer allocation method The communication buffer allocated by setupmmhdr is later on passed to teeshmregisterkernelbuf. The latter expects those buffers to be contiguous pages, but setupmmhdr just uses...
CVE-2025-38481 comedi: Fail COMEDI_INSNLIST ioctl if n_insns is too large
In the Linux kernel, the following vulnerability has been resolved: comedi: Fail COMEDIINSNLIST ioctl if ninsns is too large The handling of the COMEDIINSNLIST ioctl allocates a kernel buffer to hold the array of struct comediinsn, getting the length from the ninsns member of the struct...
CVE-2025-38481 comedi: Fail COMEDI_INSNLIST ioctl if n_insns is too large
In the Linux kernel, the following vulnerability has been resolved: comedi: Fail COMEDIINSNLIST ioctl if ninsns is too large The handling of the COMEDIINSNLIST ioctl allocates a kernel buffer to hold the array of struct comediinsn, getting the length from the ninsns member of the struct...