439 matches found
CVE-2023-54295 mtd: spi-nor: Fix shift-out-of-bounds in spi_nor_set_erase_type
In the Linux kernel, the following vulnerability has been resolved: mtd: spi-nor: Fix shift-out-of-bounds in spinorseterasetype spinorseterasetype was used either to set or to mask out an erase type. When we used it to mask out an erase type a shift-out-of-bounds was hit: UBSAN: shift-out-of-boun...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992548)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992548 advisory. In the Linux kernel, the following vulnerability has been resolved: mtd: partitions: Fix refcount leak in parseredbootof ofgetchildbyname returns a node pointer with...
Linux Distros Unpatched Vulnerability : CVE-2023-54104
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mtd: rawnand: fslupm: Fix an off-by one test in funexecop 'op-cs' is copied in 'fun-mchipnumber' which is used to access the 'mchipoffsets' and the 'rnbgpio'...
SUSE CVE-2023-54104
In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: fslupm: Fix an off-by one test in funexecop 'op-cs' is copied in 'fun-mchipnumber' which is used to access the 'mchipoffsets' and the 'rnbgpio' arrays. These arrays have NANDMAXCHIPS elements, so the index must be...
EUVD-2023-60341
In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: fslupm: Fix an off-by one test in funexecop 'op-cs' is copied in 'fun-mchipnumber' which is used to access the 'mchipoffsets' and the 'rnbgpio' arrays. These arrays have NANDMAXCHIPS elements, so the index must be...
UBUNTU-CVE-2023-54104
In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: fslupm: Fix an off-by one test in funexecop 'op-cs' is copied in 'fun-mchipnumber' which is used to access the 'mchipoffsets' and the 'rnbgpio' arrays. These arrays have NANDMAXCHIPS elements, so the index must be...
CVE-2023-54104
Technical details for CVE-2023-54104 are not publicly available in the provided documents; monitor for updates.
CVE-2023-54104 mtd: rawnand: fsl_upm: Fix an off-by one test in fun_exec_op()
In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: fslupm: Fix an off-by one test in funexecop 'op-cs' is copied in 'fun-mchipnumber' which is used to access the 'mchipoffsets' and the 'rnbgpio' arrays. These arrays have NANDMAXCHIPS elements, so the index must be...
PT-2025-53181
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Linux kernel related to out-of-bounds access within the fun exec op function in the rawnand/fsl upm module. The op-cs value is copied into fun-mchip number, which ...
CVE-2025-68238
In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: cadence: fix DMA device NULL pointer dereference The DMA device pointer dmadev was being dereferenced before ensuring that cdnsctrl-dmac is properly initialized. Move the assignment of dmadev after successfully...
UBUNTU-CVE-2025-68237
In the Linux kernel, the following vulnerability has been resolved: mtdchar: fix integer overflow in read/write ioctls The "req.start" and "req.len" variables are u64 values that come from the user at the start of the function. We mask away the high 32 bits of "req.len" so that's capped at U32MAX...
CVE-2025-68238 mtd: rawnand: cadence: fix DMA device NULL pointer dereference
In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: cadence: fix DMA device NULL pointer dereference The DMA device pointer dmadev was being dereferenced before ensuring that cdnsctrl-dmac is properly initialized. Move the assignment of dmadev after successfully...
Ubuntu 14.04 LTS / 16.04 LTS : Linux kernel vulnerabilities (USN-7930-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7930-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...
Linux Distros Unpatched Vulnerability : CVE-2025-68238
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mtd: rawnand: cadence: fix DMA device NULL pointer dereference The DMA device pointer dmadev was being dereferenced before ensuring that cdnsctrl-dmac is proper...
USN-7930-2: Linux kernel (FIPS) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - ACPI drivers; - Hardware monitoring drivers; - InfiniBand drivers; - MTD block device drivers;...
USN-7930-2 linux-fips vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - ACPI drivers; - Hardware monitoring drivers; - InfiniBand drivers; - MTD block device drivers;...
USN-7930-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - ACPI drivers; - Hardware monitoring drivers; - InfiniBand drivers; - MTD block device drivers;...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989697)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989697 advisory. In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: denali: Use managed device resources All of the resources used by this driver has...
Linux Distros Unpatched Vulnerability : CVE-2022-50566
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mtd: Fix device name leak when register device failed in addmtddevice There is a kmemleak when register device failed: unreferenced object 0xffff888101aab550 si...
SUSE CVE-2022-50566
In the Linux kernel, the following vulnerability has been resolved: mtd: Fix device name leak when register device failed in addmtddevice There is a kmemleak when register device failed: unreferenced object 0xffff888101aab550 size 8: comm "insmod", pid 3922, jiffies 4295277753 age 925.408s hex du...