2279 matches found
CVE-2023-54308
In the Linux kernel, the following vulnerability has been resolved: ALSA: ymfpci: Create card with device-managed snddevmcardnew sndcardymfpciremove was removed in commit c6e6bb5eab74 "ALSA: ymfpci: Allocate resources with device-managed APIs", but the call to sndcardnew was not replaced with...
CVE-2023-54308 ALSA: ymfpci: Create card with device-managed snd_devm_card_new()
In the Linux kernel, the following vulnerability has been resolved: ALSA: ymfpci: Create card with device-managed snddevmcardnew sndcardymfpciremove was removed in commit c6e6bb5eab74 "ALSA: ymfpci: Allocate resources with device-managed APIs", but the call to sndcardnew was not replaced with...
CVE-2023-54301 serial: 8250_bcm7271: fix leak in `brcmuart_probe`
In the Linux kernel, the following vulnerability has been resolved: serial: 8250bcm7271: fix leak in brcmuartprobe Smatch reports: drivers/tty/serial/8250/8250bcm7271.c:1120 brcmuartprobe warn: 'baudmuxclk' from clkprepareenable not released on lines: 1032. The issue is fixed by using a managed...
CVE-2023-54301 serial: 8250_bcm7271: fix leak in `brcmuart_probe`
In the Linux kernel, the following vulnerability has been resolved: serial: 8250bcm7271: fix leak in brcmuartprobe Smatch reports: drivers/tty/serial/8250/8250bcm7271.c:1120 brcmuartprobe warn: 'baudmuxclk' from clkprepareenable not released on lines: 1032. The issue is fixed by using a managed...
CVE-2023-54301
CVE-2023-54301 concerns the Linux kernel serial driver 8250_bcm7271 (brcmuart) leak. The issue occurs in brcmuart_probe where a clock (baud_mux_clk) is acquired via clk_prepare_enable() and not released, leading to a leak in the probe path. The vulnerability has been addressed by adopting a manag...
CVE-2023-54228 regulator: raa215300: Fix resource leak in case of error
In the Linux kernel, the following vulnerability has been resolved: regulator: raa215300: Fix resource leak in case of error The clkregisterclkdev allocates memory by calling vclkdevalloc and this memory is not freed in the error path. Similarly, resources allocated by clkregisterfixedrate are no...
CVE-2023-54221 clk: imx93: fix memory leak and missing unwind goto in imx93_clocks_probe
In the Linux kernel, the following vulnerability has been resolved: clk: imx93: fix memory leak and missing unwind goto in imx93clocksprobe In function probe, it returns directly without unregistered hws when error occurs. Fix this by adding 'goto unregisterhws;' on line 295 and line 310. Use...
CVE-2023-54207 HID: uclogic: Correct devm device reference for hidinput input_dev name
In the Linux kernel, the following vulnerability has been resolved: HID: uclogic: Correct devm device reference for hidinput inputdev name Reference the HID device rather than the input device for the devm allocation of the inputdev name. Referencing the inputdev would lead to a use-after-free wh...
PT-2025-54154
In the Linux kernel, the following vulnerability has been resolved: ALSA: ymfpci: Create card with device-managed snd devm card new snd card ymfpci remove was removed in commit c6e6bb5eab74 "ALSA: ymfpci: Allocate resources with device-managed APIs", but the call to snd card new was not replaced...
CVE-2025-2515
A vulnerability was found in BlueChi, a multi-node systemd service controller used in RHIVOS. This flaw allows a user with root privileges on a managed node qm to create or override systemd service unit files that affect the host node. This issue can lead to privilege escalation, unauthorized...
CVE-2025-2515
A vulnerability was found in BlueChi, a multi-node systemd service controller used in RHIVOS. This flaw allows a user with root privileges on a managed node qm to create or override systemd service unit files that affect the host node. This issue can lead to privilege escalation, unauthorized...
EUVD-2025-205290
A vulnerability was found in BlueChi, a multi-node systemd service controller used in RHIVOS. This flaw allows a user with root privileges on a managed node qm to create or override systemd service unit files that affect the host node. This issue can lead to privilege escalation, unauthorized...
CVE-2025-2515 Bluechi: privilege escalation in bluechi via unrestricted cross-node systemd dependencies
A vulnerability was found in BlueChi, a multi-node systemd service controller used in RHIVOS. This flaw allows a user with root privileges on a managed node qm to create or override systemd service unit files that affect the host node. This issue can lead to privilege escalation, unauthorized...
CVE-2025-2515
CVE-2025-2515 concerns BlueChi, a multi-node systemd service controller used in RHIVOS. The vulnerability allows a user with root privileges on a managed node (qm) to create or override systemd service unit files that affect the host node, enabling privilege escalation, unauthorized service execu...
CVE-2025-2515 Bluechi: privilege escalation in bluechi via unrestricted cross-node systemd dependencies
A vulnerability was found in BlueChi, a multi-node systemd service controller used in RHIVOS. This flaw allows a user with root privileges on a managed node qm to create or override systemd service unit files that affect the host node. This issue can lead to privilege escalation, unauthorized...
UBUNTU-CVE-2023-54044
In the Linux kernel, the following vulnerability has been resolved: spmi: Add a check for remove callback when removing a SPMI driver When removing a SPMI driver, there can be a crash due to NULL pointer dereference if it does not have a remove callback defined. This is one such call trace observ...
RLSA-2025:23738 Important: mod_md security update
This module manages common properties of domains for one or more virtual hosts. Specifically it can use the ACME protocol to automate certificate provisioning. Certificates will be configured for managed domains and their virtual hosts automatically, including at renewal. Security Fixes: modmd:...
PT-2025-53317
Name of the Vulnerable Software and Affected Versions BlueChi affected versions not specified Description A flaw exists in BlueChi, a multi-node systemd service controller used in RHIVOS. A user possessing root privileges on a managed node qm can create or override systemd service unit files...
EUVD-2025-204957
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.451, an authenticated command injection vulnerability in PostgreSQL Init Script Filename handling allows users with application/service management permissions to execute...
Important: mod_md security update
This module manages common properties of domains for one or more virtual hosts. Specifically it can use the ACME protocol to automate certificate provisioning. Certificates will be configured for managed domains and their virtual hosts automatically, including at renewal. Security Fixes: modmd:...