160 matches found
CVE-2023-53093
CVE-2023-53093 affects the Linux kernel tracing subsystem, where histogram values are not allowed to use certain modifiers. The root cause is that histogram code was not prepared to handle modifiers for histograms, leading to a NULL pointer dereference and kernel oops when printing histograms via...
CVE-2022-49824
In the Linux kernel, CVE-2022-49824 affects the ata_tlink_add() path in libata-transport. The root cause is that transport_add_device()'s return value is not checked, which can lead to a NULL pointer dereference during module removal when transport_remove_device() is called for a device that wasn...
CVE-2025-22096 drm/msm/gem: Fix error code msm_parse_deps()
In the Linux kernel, the following vulnerability has been resolved: drm/msm/gem: Fix error code msmparsedeps The SUBMITERROR macro turns the error code negative. This extra '-' operation turns it back to positive EINVAL again. The error code is passed to ERRPTR and since positive values are not a...
CVE-2025-22092 PCI: Fix NULL dereference in SR-IOV VF creation error path
In the Linux kernel, the following vulnerability has been resolved: PCI: Fix NULL dereference in SR-IOV VF creation error path Clean up when virtfn setup fails to prevent NULL pointer dereference during device removal. The kernel oops below occurred due to incorrect error handling flow when...
CVE-2025-22086 RDMA/mlx5: Fix mlx5_poll_one() cur_qp update flow
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix mlx5pollone curqp update flow When curqp isn't NULL, in order to avoid fetching the QP from the radix tree again we check if the next cqe QP is identical to the one we already have. The bug however is that we are...
PT-2025-29001
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A NULL pointer dereference issue was identified in the mt7996 thermal init function within the mt7996 driver of the Linux kernel. The devm kasprintf function can return a NULL pointer ...
CVE-2025-21949
In the Linux kernel, the following vulnerability has been resolved: LoongArch: Set hugetlb mmap base address aligned with pmd size With ltp test case "testcases/bin/hugefork02", there is a dmesg error report message such as: kernel BUG at mm/hugetlb.c:5550! Oops - BUG1: CPU: 0 UID: 0 PID: 1517...
CVE-2025-21982
CVE-2025-21982 affects the Linux kernel’s pinctrl nuvoton npcm8xx GPIO firmware path. The issue stems from devm_kasprintf() potentially returning NULL on failure, with the NULL return not being checked in npcm8xx_gpio_fw(), leading to a kernel NULL pointer dereference. A fix adds a NULL-check in ...
CVE-2025-21949
CVE-2025-21949: LoongArch Linux kernel vulnerability in hugetlb mmap base address alignment. The issue occurred when the base address allocated from hugetlbfs was not aligned to the PMD size, triggering a kernel BUG in mm/hugetlb.c. A patch was added to check hugetlbfs mappings and align the mmap...
DEBIAN-CVE-2022-49741
In the Linux kernel, the following vulnerability has been resolved: fbdev: smscufx: fix error handling code in ufxusbprobe The current error handling code in ufxusbprobe have many unmatching issues, e.g., missing ufxfreeusblist, destroymodedb label should only include framebufferrelease,...
CVE-2022-49761
In the Linux kernel, the following vulnerability has been resolved: btrfs: always report error in runonedelayedref Currently we have a btrfsdebug for runonedelayedref failure, but if end users hit such problem, there will be no chance that btrfsdebug is enabled. This can lead to very little usefu...
Linux Distros Unpatched Vulnerability : CVE-2024-50292
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ASoC: stm32: spdifrx: fix dma channel release in stm32spdifrxremove In case of error when...
Linux Distros Unpatched Vulnerability : CVE-2024-58082
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: media: nuvoton: Fix an error check in npcmvideoeceinit When function offinddevicebynode fail...
Linux Distros Unpatched Vulnerability : CVE-2021-47143
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/smc: remove device from smcddevlist after failed deviceadd If the deviceadd for a smcddev fails, there's no cleanup step that rolls back the earlier listadd...
Linux Distros Unpatched Vulnerability : CVE-2022-49130
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ath11k: mhi: use mhisyncpowerup If amss.bin was missing ath11k would crash during 'rmmod ath11kpci'. The reason for that was that we were using mhiasyncpowerup...
Linux Distros Unpatched Vulnerability : CVE-2022-48818
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: dsa: mv88e6xxx: don't use devres for mdiobus As explained in commits: 74b6d7d13307 net: dsa: realtek: register the MDIO bus under devres 5135e96a3dd2 net:...
Linux Distros Unpatched Vulnerability : CVE-2022-49670
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: linux/dim: Fix divide by 0 in RDMA DIM Fix a divide 0 error in rdmadimstatscompare when...
Linux Distros Unpatched Vulnerability : CVE-2024-47665
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - i3c: mipi-i3c-hci: Error out instead on BUGON in IBI DMA setup Definitely condition dmagetcachealignment defined value 256 during driver initialization is not...
Linux Distros Unpatched Vulnerability : CVE-2024-46795
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ksmbd: unset the binding mark of a reused connection Steve French reported null pointer...
Linux Distros Unpatched Vulnerability : CVE-2023-52877
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: Fix NULL pointer dereference in tcpmpdsvdm It is possible that...