CVE-2026-46286

A flaw was found in the Linux kernel's qcom-lpg LED driver. This vulnerability, an array overflow, occurs when the driver attempts to select high-resolution values. Due to incorrect indexing, the system may read random data from memory, which could lead to information disclosure or unpredictable...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: led: qcom-lpg: Fixed sleeping in atomic operations The lpgh brightnessset function can enter a sleeping state, while the led’s brightnessset callback must be non-blocking. The LPG driver should use brightnesssetblocking instea...

EUVD-2016-1473

Malware in sbrugna...

EUVD-2016-1480

Malware in sbrugna...

EUVD-2017-1061

Malware in sbrugna...

EUVD-2018-13331

Malware in sbrugna...

leds: mlxreg: Use devm_mutex_init() for mutex initialization

...

SUSE CVE-2022-50371

In the Linux kernel, the following vulnerability has been resolved: led: qcom-lpg: Fix sleeping in atomic lpgbrighnessset function can sleep, while led's brightnessset callback must be non-blocking. Change LPG driver to use brightnesssetblocking instead. BUG: sleeping function called from invalid...

CVE-2022-50371 led: qcom-lpg: Fix sleeping in atomic

In the Linux kernel, the following vulnerability has been resolved: led: qcom-lpg: Fix sleeping in atomic lpgbrighnessset function can sleep, while led's brightnessset callback must be non-blocking. Change LPG driver to use brightnesssetblocking instead. BUG: sleeping function called from invalid...

CVE-2022-50371

CVE-2022-50371 concerns the Linux kernel, specifically the qcom-lpg LED driver. The issue arises because lpg_brighness_set() could sleep while the brightness_set() callback for the LED must be non-blocking, leading to sleeping in atomic context (as shown by the stack trace and in_atomic/irq state...

CVE-2022-50371

In the Linux kernel, the following vulnerability has been resolved: led: qcom-lpg: Fix sleeping in atomic lpgbrighnessset function can sleep, while led's brightnessset callback must be non-blocking. Change LPG driver to use brightnesssetblocking instead. BUG: sleeping function called from invalid...

Linux Distros Unpatched Vulnerability : CVE-2024-42128

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - leds: an30259a: Use devmmutexinit for mutex initialization In this driver LEDs are registered using devmledclassdevregister so they are automatically unregister...

SUSE CVE-2024-42129

In the Linux kernel, the following vulnerability has been resolved: leds: mlxreg: Use devmmutexinit for mutex initialization In this driver LEDs are registered using devmledclassdevregister so they are automatically unregistered after module's remove is done. ledclassdevunregister calls module's...

CVE-2024-42129

A flaw was found in the Linux kernel. The ledclassdevunregister calls the ledsetbrightness module to turn off the LEDs. This callback uses mutex, which was destroyed in the remove module...

CVE-2024-42129 leds: mlxreg: Use devm_mutex_init() for mutex initialization

In the Linux kernel, the following vulnerability has been resolved: leds: mlxreg: Use devmmutexinit for mutex initialization In this driver LEDs are registered using devmledclassdevregister so they are automatically unregistered after module's remove is done. ledclassdevunregister calls module's...

CVE-2021-33094

Insecure inherited permissions in the installer for the IntelR NUC M15 Laptop Kit Keyboard LED Service driver pack before version 1.0.0.4 may allow an authenticated user to potentially enable escalation of privilege via local access...

Integer overflow

drivers/leds/leds-aw2023.c in the led driver for custom Linux kernels on the Xiaomi Redmi 6pro daisy-o-oss phone has several integer overflows because of a left-shifting operation when the right-hand operand can be equal to or greater than the integer length. This can be exploited by a crafted...

CVE-2018-20788

drivers/leds/leds-aw2023.c in the led driver for custom Linux kernels on the Xiaomi Redmi 6pro daisy-o-oss phone has several integer overflows because of a left-shifting operation when the right-hand operand can be equal to or greater than the integer length. This can be exploited by a crafted...

CVE-2018-20788

CVE-2018-20788 affects the Linux led driver for the Xiaomi Redmi 6pro (drivers/leds/leds-aw2023.c). The underlying issue is integer overflows caused by a left-shift when the right-hand operand is equal to or exceeds the integer length, which can be exploited by a crafted application to cause a de...

Google Android HTC Component Elevation of Privilege Vulnerability

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA for short. LED driver is one of the LED drivers. There is an elevation vulnerability in the LED driver in Android. An attacker can exploit this vulnerability to gain elevated...