CVE-2022-49975 bpf: Don't redirect packets with invalid pkt_len

In the Linux kernel, the following vulnerability has been resolved: bpf: Don't redirect packets with invalid pktlen Syzbot found an issue 1: fqcodeldrop try to drop a flow whitout any skbs, that is, the flow-head is null. The root cause, as the 2 says, is because that bpfprogtestrunskb run a bpf...

CVE-2024-56573 efi/libstub: Free correct pointer on failure

In the Linux kernel, the following vulnerability has been resolved: efi/libstub: Free correct pointer on failure cmdlineptr is an out parameter, which is not allocated by the function itself, and likely points into the caller's stack. cmdline refers to the pool allocation that should be freed whe...

CVE-2024-26716 usb: core: Prevent null pointer dereference in update_port_device_state

In the Linux kernel, the following vulnerability has been resolved: usb: core: Prevent null pointer dereference in updateportdevicestate Currently, the function updateportdevicestate gets the usbhub from udev-parent by calling usbhubtostructhub. However, in case the actconfig or the maxchild is 0...

CVE-2021-47170

In the Linux kernel, the following vulnerability has been resolved: USB: usbfs: Don't WARN about excessively large memory allocations Syzbot found that the kernel generates a WARNing if the user tries to submit a bulk transfer through usbfs with a buffer that is way too large. This isn't a bug in...

GSD-2023-1002376 net/sched: tcindex: update imperfect hash filters respecting rcu

net/sched: tcindex: update imperfect hash filters respecting rcu This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.169 by commit...

GSD-2023-1001883 net: phy: dp83822: Fix null pointer access on DP83825/DP83826 devices

net: phy: dp83822: Fix null pointer access on DP83825/DP83826 devices This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.1.11 by commit...

GSD-2023-1001789 regulator: da9211: Use irq handler when ready

regulator: da9211: Use irq handler when ready This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.164 by commit...

GSD-2023-1001601 hwrng: geode - Fix PCI device refcount leak

hwrng: geode - Fix PCI device refcount leak This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.337 by commit...

GSD-2023-1000137 netfilter: ctnetlink: fix compilation warning after data race fixes in ct mark

netfilter: ctnetlink: fix compilation warning after data race fixes in ct mark This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.83 by commi...

GSD-2022-1008042 bridge: switchdev: Fix memory leaks when changing VLAN protocol

bridge: switchdev: Fix memory leaks when changing VLAN protocol This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.157 by commit...

GSD-2022-1006594 gpiolib: cdev: Set lineevent_state::irq after IRQ register successfully

gpiolib: cdev: Set lineeventstate::irq after IRQ register successfully This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.146 by commit...

GSD-2022-1006517 netfilter: nf_tables: fix percpu memory leak at nf_tables_addchain()

netfilter: nftables: fix percpu memory leak at nftablesaddchain This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.12 by commit...

GSD-2022-1006285 media: pvrusb2: fix memory leak in pvr_probe

media: pvrusb2: fix memory leak in pvrprobe This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.327 by commit...

GSD-2022-1005953 tty: serial: Fix refcount leak bug in ucc_uart.c

tty: serial: Fix refcount leak bug in uccuart.c This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.211 by commit...

GSD-2022-1005453 netfilter: flowtable: fix stuck flows on cleanup due to pending work

netfilter: flowtable: fix stuck flows on cleanup due to pending work This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.64 by commit...

GSD-2022-1005050 netfilter: flowtable: fix stuck flows on cleanup due to pending work

netfilter: flowtable: fix stuck flows on cleanup due to pending work This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.6 by commit...

GSD-2022-1004875 xen/netfront: force data bouncing when backend is untrusted

xen/netfront: force data bouncing when backend is untrusted This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.287 by commit...

GSD-2022-1004725 PM / devfreq: exynos-ppmu: Fix refcount leak in of_get_devfreq_events

PM / devfreq: exynos-ppmu: Fix refcount leak in ofgetdevfreqevents This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.204 by commit...

GSD-2022-1002541 staging: rtl8712: fix uninit-value in usb_read8() and friends

staging: rtl8712: fix uninit-value in usbread8 and friends This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.4 by commit...

GSD-2022-1002356 power: supply: ab8500: Fix memory leak in ab8500_fg_sysfs_init

power: supply: ab8500: Fix memory leak in ab8500fgsysfsinit This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.238 by commit...