6944 matches found
DEBIAN-CVE-2022-50196
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: ocmem: Fix refcount leak in ofgetocmem ofparsephandle returns a node pointer with refcount incremented, we should use ofnodeput on it when not need anymore. Add missing ofnodeput to avoid refcount leak. ofnodeput will...
CVE-2022-50158
In the Linux kernel, the following vulnerability has been resolved: mtd: partitions: Fix refcount leak in parseredbootof ofgetchildbyname returns a node pointer with refcount incremented, we should use ofnodeput on it when not need anymore. Add missing ofnodeput to avoid refcount leak...
DEBIAN-CVE-2022-50158
In the Linux kernel, the following vulnerability has been resolved: mtd: partitions: Fix refcount leak in parseredbootof ofgetchildbyname returns a node pointer with refcount incremented, we should use ofnodeput on it when not need anymore. Add missing ofnodeput to avoid refcount leak...
AZL-70355 CVE-2022-50073 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: net: tap: NULL pointer derefence in devparseheaderprotocol when skb-dev is null Fixes a NULL pointer derefence bug triggered from tap driver. When tapgetuser calls virtionethdrtoskb the skb-dev is null in tap.c skb-dev is set aft...
DEBIAN-CVE-2022-50061
In the Linux kernel, the following vulnerability has been resolved: pinctrl: nomadik: Fix refcount leak in nmkpinctrldtsubnodetomap ofparsephandle returns a node pointer with refcount incremented, we should use ofnodeput on it when not need anymore. Add missing ofnodeput to avoid refcount leak."...
CVE-2022-50012
In the Linux kernel, the following vulnerability has been resolved: powerpc/64: Init jump labels before parseearlyparam On 64-bit, calling jumplabelinit in setupfeaturekeys is too late because static keys may be used in subroutines of parseearlyparam which is again subroutine of earlyinitdevtree...
DEBIAN-CVE-2022-50012
In the Linux kernel, the following vulnerability has been resolved: powerpc/64: Init jump labels before parseearlyparam On 64-bit, calling jumplabelinit in setupfeaturekeys is too late because static keys may be used in subroutines of parseearlyparam which is again subroutine of earlyinitdevtree...
UBUNTU-CVE-2022-50111
In the Linux kernel, the following vulnerability has been resolved: ASoC: mt6359: Fix refcount leak bug In mt6359parsedt and mt6359accdetparsedt, we should call ofnodeput for the reference returned by ofgetchildbyname which has increased the refcount...
UBUNTU-CVE-2022-50073
In the Linux kernel, the following vulnerability has been resolved: net: tap: NULL pointer derefence in devparseheaderprotocol when skb-dev is null Fixes a NULL pointer derefence bug triggered from tap driver. When tapgetuser calls virtionethdrtoskb the skb-dev is null in tap.c skb-dev is set aft...
CVE-2022-50158
In the Linux kernel, the following vulnerability has been resolved: mtd: partitions: Fix refcount leak in parseredbootof ofgetchildbyname returns a node pointer with refcount incremented, we should use ofnodeput on it when not need anymore. Add missing ofnodeput to avoid refcount leak...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which stems from a tap driver call to devparseheaderprotocol when skb-dev is null resulting in a null pointer dereference...
PT-2025-25987
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A refcount leak issue has been identified in the Linux kernel, specifically in the pinctrl: nomadik component. The of parse phandle function returns a node pointer with an incremented...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a refcount leak in the parseredbootof function...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the qcomsmd driver not releasing node references in parseedge, which could lead to a reference count leak...
libsoup: Out of bounds reads in soup_headers_parse_request()
A flaw was found in libsoup, where the soupheadersparserequest function may be vulnerable to an out-of-bound read. This flaw allows a malicious user to use a specially crafted HTTP request to crash the HTTP server...
Stack-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Stack-based Buffer Overflow via the postprocesstermcap function in the parseentry.c file. An attacker can cause a crash or disrupt normal operation by providing specially crafted input. Remediation Upgrade ncurses to version 6.5 or...
DEBIAN-CVE-2025-6141
A vulnerability has been found in GNU ncurses up to 6.5-20250322 and classified as problematic. This vulnerability affects the function postprocesstermcap of the file tinfo/parseentry.c. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally. Upgrading to...
UBUNTU-CVE-2025-6141
A vulnerability has been found in GNU ncurses up to 6.5-20250322 and classified as problematic. This vulnerability affects the function postprocesstermcap of the file tinfo/parseentry.c. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally. Upgrading to...
Astra Linux – Vulnerability in gst-plugins-good1.0
GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gstmatroskademuxparseblockgrouporsimpleblock function within matroska-demux.c. This function does not properly check the validity of the GstBuffer sub...
Astra Linux – Vulnerability in gst-plugins-good1.0
GStreamer is a library for constructing graphs of media-handling components. The function qtdemuxparsesbgp in qtdemux.c is affected by a null dereference vulnerability. This vulnerability has been fixed in version 1.24.10...