CVE-2023-52989

In the Linux kernel, the following vulnerability has been resolved: firewire: fix memory leak for payload of request subaction to IEC 61883-1 FCP region This patch is fix for Linux kernel v2.6.33 or later. For request subaction to IEC 61883-1 FCP region, Linux FireWire subsystem have had an issue...

CVE-2023-52977

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix flow memory leak in ovsflowcmdnew Syzkaller reports a memory leak of newflow in ovsflowcmdnew as it is not freed when an allocation of a key fails. BUG: memory leak unreferenced object 0xffff888116668000 siz...

CVE-2023-53020

CVE-2023-53020 affects the Linux kernel: l2tp_tunnel_register() contains race conditions that modify the tunnel socket after publishing, call setup_udp_tunnel_sock() on an existing socket without locking, and change sock lock class on the fly. A patch fixes these by initializing the socket before...

CVE-2023-52989 firewire: fix memory leak for payload of request subaction to IEC 61883-1 FCP region

In the Linux kernel, the following vulnerability has been resolved: firewire: fix memory leak for payload of request subaction to IEC 61883-1 FCP region This patch is fix for Linux kernel v2.6.33 or later. For request subaction to IEC 61883-1 FCP region, Linux FireWire subsystem have had an issue...

CVE-2022-49760 mm/hugetlb: fix PTE marker handling in hugetlb_change_protection()

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix PTE marker handling in hugetlbchangeprotection Patch series "mm/hugetlb: uffd-wp fixes for hugetlbchangeprotection". Playing with virtio-mem and background snapshots using uffd-wp on hugetlb in QEMU, I managed to...

CVE-2025-21892

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix the recovery flow of the UMR QP This patch addresses an issue in the recovery flow of the UMR QP, ensuring tasks do not get stuck, as highlighted by the call trace 1. During recovery, before transitioning the QP to...

CVE-2025-23204 GraphQl securityAfterResolver not called

API Platform Core is a system to create hypermedia-driven REST and GraphQL APIs. Starting in version 3.3.8, a security check that gets called after GraphQl resolvers is always replaced by another one as there's no break in a clause. As this falls back to security, the impact is there only when...

In-memory stored Cross-site scripting (XSS) vulnerability in pineconesim

Impact The Pinecone Simulator pineconesim included in Pinecone up to commit https://github.com/matrix-org/pinecone/commit/ea4c33717fd74ef7d6f49490625a0fa10e3f5bbc is vulnerable to stored cross-site scripting. The payload storage is not permanent and will be wiped when restarting pineconsim. Patch...

PT-2025-18411

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved, specifically in the media: venus: hfi parser component. The issue arises when the init codecs function is invoked multiple times...

CVE-2024-52557

In the Linux kernel, the following vulnerability has been resolved: drm: zynqmpdp: Fix integer overflow in zynqmpdprateget This patch fixes a potential integer overflow in the zynqmpdprateget The issue comes up when the expression drmdpbwcodetolinkratedp-test.bwcode 10000 is evaluated using 32-bi...

SUSE CVE-2022-49489

In the Linux kernel, the following vulnerability has been resolved: drm/msm/disp/dpu1: set vbif hw config to NULL to avoid use after memory free during pm runtime resume BUG: Unable to handle kernel paging request at virtual address 006b6b6b6b6b6be3 Call trace: dpuvbifinitmemtypes+0x40/0xb8...

CVE-2022-49493

In the Linux kernel, the following vulnerability has been resolved: ASoC: rt5645: Fix errorenous cleanup order There is a logic error when removing rt5645 device as the function rt5645i2cremove first cancel the &rt5645-jackdetectwork and delete the &rt5645-btnchecktimer latter. However, since the...

CVE-2022-49383

In the Linux kernel, the following vulnerability has been resolved: watchdog: rzg2lwdt: Fix 'BUG: Invalid wait context' This patch fixes the issue 'BUG: Invalid wait context' during restart callback by using clkprepareenable instead of pmruntimegetsync for turning on the clocks during restart. Th...

CVE-2022-49326

In the Linux kernel, the following vulnerability has been resolved: rtl818x: Prevent using not initialized queues Using not existing queues can panic the kernel with rtl8180/rtl8185 cards. Ignore the skb priority for those cards, they only have one tx queue. Pierre Asselin [email protected] reported t...

UBUNTU-CVE-2022-49697

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix requestsock leak in sk lookup helpers A customer reported a requestsocket leak in a Calico cloud environment. We found that a BPF program was doing a socket lookup with takes a refcnt on the socket and that it was findin...

UBUNTU-CVE-2022-49551

In the Linux kernel, the following vulnerability has been resolved: usb: isp1760: Fix out-of-bounds array access Running the driver through kasan gives an interesting splat: BUG: KASAN: global-out-of-bounds in isp1760register+0x180/0x70c Read of size 20 at addr f1db2e64 by task swapper/0/1...

UBUNTU-CVE-2022-49641

In the Linux kernel, the following vulnerability has been resolved: sysctl: Fix data races in procdouintvec. A sysctl variable is accessed concurrently, and there is always a chance of data-race. So, all readers and writers need some basic protection to avoid load/store-tearing. This patch change...

UBUNTU-CVE-2022-49664

In the Linux kernel, the following vulnerability has been resolved: tipc: move bc link creation back to tipcnodecreate Shuang Li reported a NULL pointer dereference crash: BUG: kernel NULL pointer dereference, address: 0000000000000068 RIP: 0010:tipclinkisup+0x5/0x10 tipc Call Trace:...

DEBIAN-CVE-2022-49154

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: fix panic on out-of-bounds guest IRQ As guestirq is coming from KVMIRQFD API call, it may trigger crash in svmupdatepiirte due to out-of-bounds: crash bt PID: 22218 TASK: ffff951a6ad74980 CPU: 73 COMMAND: "vcpu8" 0...

CVE-2022-49489 drm/msm/disp/dpu1: set vbif hw config to NULL to avoid use after memory free during pm runtime resume

In the Linux kernel, the following vulnerability has been resolved: drm/msm/disp/dpu1: set vbif hw config to NULL to avoid use after memory free during pm runtime resume BUG: Unable to handle kernel paging request at virtual address 006b6b6b6b6b6be3 Call trace: dpuvbifinitmemtypes+0x40/0xb8...