CVE-2022-50887 regulator: core: fix unbalanced of node refcount in regulator_dev_lookup()

In the Linux kernel, the following vulnerability has been resolved: regulator: core: fix unbalanced of node refcount in regulatordevlookup I got the the following report: OF: ERROR: memory leak, expected refcount 1 instead of 2, ofnodeget/ofnodeput unbalanced - destroy cset entry: attach overlay...

CVE-2022-50882

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix memory leak in uvcgpioparse Previously the unit buffer was allocated before checking the IRQ for privacy GPIO. In case of error, the unit buffer was leaked. Allocate the unit buffer after the IRQ to avoid it...

CVE-2023-54183

In the Linux kernel, the following vulnerability has been resolved: media: v4l2-core: Fix a potential resource leak in v4l2fwnodeparselink If fwnodegraphgetremoteendpoint fails, 'fwnode' is known to be NULL, so fwnodehandleput is a no-op. Release the reference taken from a previous...

CVE-2023-54183 media: v4l2-core: Fix a potential resource leak in v4l2_fwnode_parse_link()

In the Linux kernel, the following vulnerability has been resolved: media: v4l2-core: Fix a potential resource leak in v4l2fwnodeparselink If fwnodegraphgetremoteendpoint fails, 'fwnode' is known to be NULL, so fwnodehandleput is a no-op. Release the reference taken from a previous...

PT-2025-54123

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s regulator core, specifically within the regulator dev lookup function, leading to an unbalanced device tree node reference count. This occurs because...

PT-2025-54118

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak existed in the uvc gpio parse function within the uvcvideo module. The unit buffer was allocated before checking the Interrupt Request IRQ for privacy GPIO. If an error...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from improper resource release in the v4l2fwnodeparselink function, which could lead to a resource leak...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992354)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992354 advisory. In the Linux kernel, the following vulnerability has been resolved: pinctrl: nomadik: Fix refcount leak in nmkpinctrldtsubnodetomap ofparsephandle returns a node...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992483)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992483 advisory. In the Linux kernel, the following vulnerability has been resolved: powerpc/64: Init jump labels before parseearlyparam On 64-bit, calling jumplabelinit in...

Linux Distros Unpatched Vulnerability : CVE-2025-15284

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Input Validation vulnerability in qs parse modules allows HTTP DoS.This issue affects qs: 6.14.1. Summary The arrayLimit option in qs did not enforce...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992197)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992197 advisory. In the Linux kernel, the following vulnerability has been resolved: ACPICA: Fix error code path in acpidscallcontrolmethod A use-after-free in acpipsparseaml after a...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992416)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992416 advisory. In the Linux kernel, the following vulnerability has been resolved: ASoC: mt6797-mt6351: Fix refcount leak in mt6797mt6351devprobe ofparsephandle returns a node...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992548)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992548 advisory. In the Linux kernel, the following vulnerability has been resolved: mtd: partitions: Fix refcount leak in parseredbootof ofgetchildbyname returns a node pointer with...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992625)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992625 advisory. In the Linux kernel, the following vulnerability has been resolved: mcb: fix a double free bug in chameleonparsegdd In chameleonparsegdd, if mcbdeviceregister fails,...

CVE-2025-15284

Improper Input Validation vulnerability in qs parse modules allows HTTP DoS.This issue affects qs: 6.14.1. Summary The arrayLimit option in qs did not enforce limits for bracket notation a=1&a=2, only for indexed notation a0=1. This is a consistency bug; arrayLimit should apply uniformly across a...

DEBIAN-CVE-2025-15284

Improper Input Validation vulnerability in qs parse modules allows HTTP DoS.This issue affects qs: 6.14.1. Summary The arrayLimit option in qs did not enforce limits for bracket notation a=1&a=2, only for indexed notation a0=1. This is a consistency bug; arrayLimit should apply uniformly across a...

CVE-2025-15284

Improper Input Validation vulnerability in qs parse modules allows HTTP DoS.This issue affects qs: 6.14.1. Summary The arrayLimit option in qs did not enforce limits for bracket notation a=1&a=2, only for indexed notation a0=1. This is a consistency bug; arrayLimit should apply uniformly across a...

CVE-2025-15284 arrayLimit bypass in bracket notation allows DoS via memory exhaustion

Improper Input Validation vulnerability in qs parse modules allows HTTP DoS.This issue affects qs: 6.14.1. Summary The arrayLimit option in qs did not enforce limits for bracket notation a=1&a=2, only for indexed notation a0=1. This is a consistency bug; arrayLimit should apply uniformly across a...

CVE-2025-15284 arrayLimit bypass in bracket notation allows DoS via memory exhaustion

Improper Input Validation vulnerability in qs parse modules allows HTTP DoS.This issue affects qs: 6.14.1. Summary The arrayLimit option in qs did not enforce limits for bracket notation a=1&a=2, only for indexed notation a0=1. This is a consistency bug; arrayLimit should apply uniformly across a...

CVE-2025-15284

CVE-2025-15284 is a vulnerability in the qs library (parse modules) where the arrayLimit check does not apply to bracket notation (a[]=...) as in the vulnerable code path (lib/parse.js:159-162). The issue enables potential DoS via memory exhaustion by creating larger-than-expected arrays, though ...