63 matches found
CVE-2022-49975 bpf: Don't redirect packets with invalid pkt_len
In the Linux kernel, the following vulnerability has been resolved: bpf: Don't redirect packets with invalid pktlen Syzbot found an issue 1: fqcodeldrop try to drop a flow whitout any skbs, that is, the flow-head is null. The root cause, as the 2 says, is because that bpfprogtestrunskb run a bpf...
CVE-2022-49761 btrfs: always report error in run_one_delayed_ref()
In the Linux kernel, the following vulnerability has been resolved: btrfs: always report error in runonedelayedref Currently we have a btrfsdebug for runonedelayedref failure, but if end users hit such problem, there will be no chance that btrfsdebug is enabled. This can lead to very little usefu...
PT-2025-3583 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue concerns the Linux kernel's ASoC: SOF: Intel: hda-dai component, where the link DMA should not be released on a stop trigger, as a stream re-start might occur without closing...
CVE-2024-56573 efi/libstub: Free correct pointer on failure
In the Linux kernel, the following vulnerability has been resolved: efi/libstub: Free correct pointer on failure cmdlineptr is an out parameter, which is not allocated by the function itself, and likely points into the caller's stack. cmdline refers to the pool allocation that should be freed whe...
CVE-2024-26716 usb: core: Prevent null pointer dereference in update_port_device_state
In the Linux kernel, the following vulnerability has been resolved: usb: core: Prevent null pointer dereference in updateportdevicestate Currently, the function updateportdevicestate gets the usbhub from udev-parent by calling usbhubtostructhub. However, in case the actconfig or the maxchild is 0...
CVE-2021-47170
In the Linux kernel, the following vulnerability has been resolved: USB: usbfs: Don't WARN about excessively large memory allocations Syzbot found that the kernel generates a WARNing if the user tries to submit a bulk transfer through usbfs with a buffer that is way too large. This isn't a bug in...
GSD-2023-1002376 net/sched: tcindex: update imperfect hash filters respecting rcu
net/sched: tcindex: update imperfect hash filters respecting rcu This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.169 by commit...
GSD-2023-1002215 usb: gadget: f_fs: Prevent race during ffs_ep0_queue_wait
usb: gadget: ffs: Prevent race during ffsep0queuewait This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.231 by commit...
GSD-2023-1001883 net: phy: dp83822: Fix null pointer access on DP83825/DP83826 devices
net: phy: dp83822: Fix null pointer access on DP83825/DP83826 devices This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.1.11 by commit...
GSD-2023-1001789 regulator: da9211: Use irq handler when ready
regulator: da9211: Use irq handler when ready This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.164 by commit...
GSD-2023-1001601 hwrng: geode - Fix PCI device refcount leak
hwrng: geode - Fix PCI device refcount leak This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.337 by commit...
GSD-2023-1001443 mmc: alcor: fix return value check of mmc_add_host()
mmc: alcor: fix return value check of mmcaddhost This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.163 by commit...
GSD-2023-1000962 orangefs: Fix kmemleak in orangefs_prepare_debugfs_help_string()
orangefs: Fix kmemleak in orangefspreparedebugfshelpstring This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.86 by commit...
GSD-2023-1000581 igb: Do not free q_vector unless new one was allocated
igb: Do not free qvector unless new one was allocated This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...
GSD-2023-1000250 net: phy: fix null-ptr-deref while probe() failed
net: phy: fix null-ptr-deref while probe failed This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.158 by commit...
GSD-2023-1000137 netfilter: ctnetlink: fix compilation warning after data race fixes in ct mark
netfilter: ctnetlink: fix compilation warning after data race fixes in ct mark This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.83 by commi...
GSD-2022-1008042 bridge: switchdev: Fix memory leaks when changing VLAN protocol
bridge: switchdev: Fix memory leaks when changing VLAN protocol This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.157 by commit...
GSD-2022-1007853 netfilter: nf_tables: netlink notifier might race to release objects
netfilter: nftables: netlink notifier might race to release objects This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.8 by commit...
GSD-2022-1006898 slimbus: qcom-ngd: cleanup in probe error path
slimbus: qcom-ngd: cleanup in probe error path This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.3 by commit...
GSD-2022-1006778 powercap: intel_rapl: fix UBSAN shift-out-of-bounds issue
powercap: intelrapl: fix UBSAN shift-out-of-bounds issue This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.3 by commit...