67 matches found
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi: avoid null dereference in deinit. If venusprobe fails at pmruntimeputsync, it first calls hfiDestroy, and then hficoredeinit. Since hfiDestroy sets core-ops to NULL, hficoredeinit can no longer call the...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005099)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005099 advisory. In the Linux kernel, the following vulnerability has been resolved: media: venus: fix use after free in vdecclose There appears to be a possible use after free with...
Azure Linux 3.0 Security Update: kernel (CVE-2025-23158)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-23158 advisory. - In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi: add check to handle...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989745)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989745 advisory. In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi: avoid null dereference in deinit If venusprobe fails at pmruntimeputsync the...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-986441)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986441 advisory. In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi: avoid null dereference in deinit If venusprobe fails at pmruntimeputsync the...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987394)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987394 advisory. In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi: avoid null dereference in deinit If venusprobe fails at pmruntimeputsync the...
EUVD-2025-13087
Malicious code in bioql PyPI...
EUVD-2022-54703
Malicious code in bioql PyPI...
EUVD-2025-26790
Malicious code in bioql PyPI...
SUSE CVE-2025-39709
In the Linux kernel, the following vulnerability has been resolved: media: venus: protect against spurious interrupts during probe Make sure the interrupt handler is initialized before the interrupt is registered. If the IRQ is registered before hficreate, it's possible that an interrupt fires...
media: venus: Fix OOB read due to missing payload bound check
...
Linux Distros Unpatched Vulnerability : CVE-2025-38679
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: venus: Fix OOB read due to missing payload bound check Currently, The eventseqchanged handler processes a variable number of properties sent by the...
SUSE CVE-2025-39710
In the Linux kernel, the following vulnerability has been resolved: media: venus: Add a check for packet size after reading from shared memory Add a check to ensure that the packet size does not exceed the number of available words after reading the packet header from shared memory. This ensures...
CVE-2025-39710
In the Linux kernel, the following vulnerability has been resolved: media: venus: Add a check for packet size after reading from shared memory Add a check to ensure that the packet size does not exceed the number of available words after reading the packet header from shared memory. This ensures...
AZL-66929 CVE-2025-39709 affecting package kernel for versions less than 6.6.104.2-1
In the Linux kernel, the following vulnerability has been resolved: media: venus: protect against spurious interrupts during probe Make sure the interrupt handler is initialized before the interrupt is registered. If the IRQ is registered before hficreate, it's possible that an interrupt fires...
AZL-66944 CVE-2025-39710 affecting package kernel for versions less than 6.6.104.2-1
In the Linux kernel, the following vulnerability has been resolved: media: venus: Add a check for packet size after reading from shared memory Add a check to ensure that the packet size does not exceed the number of available words after reading the packet header from shared memory. This ensures...
UBUNTU-CVE-2025-39709
In the Linux kernel, the following vulnerability has been resolved: media: venus: protect against spurious interrupts during probe Make sure the interrupt handler is initialized before the interrupt is registered. If the IRQ is registered before hficreate, it's possible that an interrupt fires...
UBUNTU-CVE-2025-39710
In the Linux kernel, the following vulnerability has been resolved: media: venus: Add a check for packet size after reading from shared memory Add a check to ensure that the packet size does not exceed the number of available words after reading the packet header from shared memory. This ensures...
CVE-2025-39710 media: venus: Add a check for packet size after reading from shared memory
In the Linux kernel, the following vulnerability has been resolved: media: venus: Add a check for packet size after reading from shared memory Add a check to ensure that the packet size does not exceed the number of available words after reading the packet header from shared memory. This ensures...
CVE-2025-39710
CVE-2025-39710: In the Linux kernel, the Venus media driver adds a packet-size validation after reading the header from shared memory to ensure the reported size cannot exceed the number of available words. This fixes potential out-of-bounds memory accesses by firmware-provided sizes. The fix tar...