UBUNTU-CVE-2023-53232

In the Linux kernel, the following vulnerability has been resolved: mt76: mt7921: fix kernel panic by accessing unallocated eeprom.data The MT7921 driver no longer uses eeprom.data, but the relevant code has not been removed completely since commit 16d98b548365 "mt76: mt7921: rely on...

UBUNTU-CVE-2022-50334

In the Linux kernel, the following vulnerability has been resolved: hugetlbfs: fix null-ptr-deref in hugetlbfsparseparam Syzkaller reports a null-ptr-deref bug as follows: ====================================================== KASAN: null-ptr-deref in range 0x0000000000000000-0x0000000000000007...

CVE-2022-50334 hugetlbfs: fix null-ptr-deref in hugetlbfs_parse_param()

In the Linux kernel, the following vulnerability has been resolved: hugetlbfs: fix null-ptr-deref in hugetlbfsparseparam Syzkaller reports a null-ptr-deref bug as follows: ====================================================== KASAN: null-ptr-deref in range 0x0000000000000000-0x0000000000000007...

CVE-2022-50334 hugetlbfs: fix null-ptr-deref in hugetlbfs_parse_param()

In the Linux kernel, the following vulnerability has been resolved: hugetlbfs: fix null-ptr-deref in hugetlbfsparseparam Syzkaller reports a null-ptr-deref bug as follows: ====================================================== KASAN: null-ptr-deref in range 0x0000000000000000-0x0000000000000007...

CVE-2023-53261

CVE-2023-53261 : Linux kernel coresight memory leak in acpi_buffer->pointer. The leak occurs because the temporary buffer is not freed before returning from acpi_get_dsd_graph(); the fix moves buf to acpi_coresight_parse_graph() and frees it prior to function return. Affected: Linux kernel (as...

CVE-2023-53232

CVE-2023-53232 affects the Linux kernel MT7921/MT76 stack. The vulnerability arises from a kernel panic due to accessing unallocated eeprom.data, leading to a NULL dereference in mt7921_mcu_parse_response. A fix is present: the MT7921 driver no longer uses eeprom.data, and the code referencing it...

CVE-2023-53232 mt76: mt7921: fix kernel panic by accessing unallocated eeprom.data

In the Linux kernel, the following vulnerability has been resolved: mt76: mt7921: fix kernel panic by accessing unallocated eeprom.data The MT7921 driver no longer uses eeprom.data, but the relevant code has not been removed completely since commit 16d98b548365 "mt76: mt7921: rely on...

CVE-2023-53170

CVE-2023-53170 relates to the Linux kernel where the patch eliminates an unnecessary of_node_put in felix_parse_ports_node (net: dsa). The fix removes the of_node_put from the continue path to prevent the child node from being released twice, which could otherwise lead to resource leaks or other ...

CVE-2023-53170 net: dsa: Removed unneeded of_node_put in felix_parse_ports_node

In the Linux kernel, the following vulnerability has been resolved: net: dsa: Removed unneeded ofnodeput in felixparseportsnode Remove unnecessary ofnodeput from the continue path to prevent child node from being released twice, which could avoid resource leak or other unexpected issues...

CVE-2023-53170 net: dsa: Removed unneeded of_node_put in felix_parse_ports_node

In the Linux kernel, the following vulnerability has been resolved: net: dsa: Removed unneeded ofnodeput in felixparseportsnode Remove unnecessary ofnodeput from the continue path to prevent child node from being released twice, which could avoid resource leak or other unexpected issues...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from a null pointer dereference in the hugetlbfsparseparam function...

Amazon Linux 2023 : gstreamer1-plugins-good, gstreamer1-plugins-good-gtk (ALAS2023-2025-1185)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1185 advisory. In GStreamer through 1.26.1, the isomp4 plugin's qtdemuxparsetree function may read past the end of a heap buffer while parsing an MP4 file, leading to information disclosure. CVE-2025-47183 I...

PT-2025-37636

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a null pointer dereference issue in the hugetlbfs parse param function. This occurs when parsing mount parameters, specifically when an illegal parameter like...

Medium: gstreamer1-plugins-good

Issue Overview: In GStreamer through 1.26.1, the isomp4 plugin's qtdemuxparsetree function may read past the end of a heap buffer while parsing an MP4 file, leading to information disclosure. CVE-2025-47183 In GStreamer through 1.26.1, the isomp4 plugin's qtdemuxparsetrak function may read past t...

PT-2025-37673

Name of the Vulnerable Software and Affected Versions: Linux kernel versions affected versions not specified Description: A kernel panic issue in the MT7921 driver was resolved. The issue stemmed from accessing unallocated memory eeprom.data within the mt7921 mcu parse response function,...

Advisory ROSA-SA-2025-2993

software: htmldoc 1.9.20 OS: ROSA-CHROME unaffected versions = htmldoc-1.9.20-1 affected versions htmldoc-1.9.20-1 CVE-ID: CVE-2024-45508 BDU-ID: 2025-04747 CVE-Crit: CRITICAL CVE-DESC.: A vulnerability in the parseparagraph function of the ps-pdf.cxx component of the HTMLDOC document conversion...

PT-2025-39377

Name of the Vulnerable Software and Affected Versions MikroTik RouterOS version 7 Description A buffer overflow issue exists in MikroTik RouterOS 7. The issue is located in the parse json element function within the libjson.so component, specifically accessible through the /rest/ip/address/print...

Linux Distros Unpatched Vulnerability : CVE-2023-49551

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjsopjsonparse function in the msj.c file. CVE-2023-49551 Note that...

Linux Distros Unpatched Vulnerability : CVE-2024-40675

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In parseUriInternal of Intent.java, there is a possible infinite loop due to improper input validation. This could lead to local denial of service with no...

Linux Distros Unpatched Vulnerability : CVE-2018-18829

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There exists a NULL pointer dereference in ffvc1parseframeheaderadv in vc1.c in Libav 12.3, which allows attackers to cause a denial-of-service through a crafte...