CVE-2022-49530 drm/amd/pm: fix double free in si_parse_power_table()

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fix double free in siparsepowertable In function siparsepowertable, array adev-pm.dpm.ps and its member is allocated. If the allocation of each member fails, the array itself is freed and returned with an error code...

CVE-2022-49481 regulator: pfuze100: Fix refcount leak in pfuze_parse_regulators_dt

In the Linux kernel, the following vulnerability has been resolved: regulator: pfuze100: Fix refcount leak in pfuzeparseregulatorsdt ofnodeget returns a node with refcount incremented. Calling ofnodeput to drop the reference when not needed anymore...

CVE-2022-49477 ASoC: samsung: Fix refcount leak in aries_audio_probe

In the Linux kernel, the following vulnerability has been resolved: ASoC: samsung: Fix refcount leak in ariesaudioprobe ofparsephandle returns a node pointer with refcount incremented, we should use ofnodeput on it when done. If extconfindedevbynode fails, it doesn't call ofnodeput Calling...

CVE-2022-49473 ASoC: ti: j721e-evm: Fix refcount leak in j721e_soc_probe_*

In the Linux kernel, the following vulnerability has been resolved: ASoC: ti: j721e-evm: Fix refcount leak in j721esocprobe ofparsephandle returns a node pointer with refcount incremented, we should use ofnodeput on it when not needed anymore. Add missing ofnodeput to avoid refcount leak...

CVE-2022-49439 powerpc/fsl_rio: Fix refcount leak in fsl_rio_setup

In the Linux kernel, the following vulnerability has been resolved: powerpc/fslrio: Fix refcount leak in fslriosetup ofparsephandle returns a node pointer with refcount incremented, we should use ofnodeput on it when not need anymore. Add missing ofnodeput to avoid refcount leak...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a reference count leak due to a missing ofnodeput in wcd934xcodecparsedata...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a node reference returned by ofparsephandle not being properly freed in ariesaudioprobe...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a failure to check macid in the rtw89phycfoparse function, resulting in an array out-of-bounds...

Amazon Linux 2023 : soci-snapshotter (ALAS2023-2025-858)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-858 advisory. An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service...

Low: docker

Issue Overview: golang-jwt is a Go implementation of JSON Web Tokens. Unclear documentation of the error behavior in ParseWithClaims can lead to situation where users are potentially not checking errors in the way they should be. Especially, if a token is both expired and invalid, the errors...

Low: docker

Issue Overview: golang-jwt is a Go implementation of JSON Web Tokens. Unclear documentation of the error behavior in ParseWithClaims can lead to situation where users are potentially not checking errors in the way they should be. Especially, if a token is both expired and invalid, the errors...

OESA-2025-1148 python3 security update

Python combines remarkable power with very clear syntax. It has modules, classes, exceptions, very high level dynamic data types, and dynamic typing. There are interfaces to many system calls and libraries, as well as to various windowing systems. New built-in modules are easily written in C or C...

SUSE CVE-2024-45775

A flaw was found in grub2 where the grubextcmddispatcher function calls grubarglistalloc to allocate memory for the grub's argument list. However, it fails to check in case the memory allocation fails. Once the allocation fails, a NULL point will be processed by the parseoption function, leading...

PT-2025-7595 · Libming · Libming

Name of the Vulnerable Software and Affected Versions: libming version 0.4.8 Description: A memory leak has been identified in the parseSWF EXPORTASSETS function in util/parser.c of libming. Recommendations: For libming version 0.4.8, consider disabling the parseSWF EXPORTASSETS function as a...

DEBIAN-CVE-2024-45775

A flaw was found in grub2 where the grubextcmddispatcher function calls grubarglistalloc to allocate memory for the grub's argument list. However, it fails to check in case the memory allocation fails. Once the allocation fails, a NULL point will be processed by the parseoption function, leading...

PT-2025-34421

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The parse longname function in the Ceph subsystem does not guarantee a NUL-terminated string when using strrchr, leading to a potential issue. The function utilizes kmemdup nul to crea...

PT-2025-7663 · Net Snmp · Net-Snmp

Name of the Vulnerable Software and Affected Versions: netsnmp affected versions not specified Description: The issue is related to a heap-use-after-free error. Technical details about the error include the netsnmp hex to binary function, snmpv3 parse arg function, and netsnmp parse args function...

CVE-2025-25285 @octokit/endpoint has a Regular Expression in parse that Leads to ReDoS Vulnerability Due to Catastrophic Backtracking

@octokit/endpoint turns REST API endpoints into generic request options. Starting in version 4.1.0 and prior to version 10.1.3, by crafting specific options parameters, the endpoint.parseoptions call can be triggered, leading to a regular expression denial-of-service ReDoS attack. This causes the...

GHSA-X4C5-C7RF-JJGV @octokit/endpoint has a Regular Expression in parse that Leads to ReDoS Vulnerability Due to Catastrophic Backtracking

Summary By crafting specific options parameters, the endpoint.parseoptions call can be triggered, leading to a regular expression denial-of-service ReDoS attack. This causes the program to hang and results in high CPU utilization. Details The issue occurs in the parse function within the parse.ts...

@octokit/endpoint has a Regular Expression in parse that Leads to ReDoS Vulnerability Due to Catastrophic Backtracking

Summary By crafting specific options parameters, the endpoint.parseoptions call can be triggered, leading to a regular expression denial-of-service ReDoS attack. This causes the program to hang and results in high CPU utilization. Details The issue occurs in the parse function within the parse.ts...