914 matches found
USN-7380-1 linux-lowlatency vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - x86...
CVE-2023-53019 net: mdio: validate parameter addr in mdiobus_get_phy()
In the Linux kernel, the following vulnerability has been resolved: net: mdio: validate parameter addr in mdiobusgetphy The caller may pass any value as addr, what may result in an out-of-bounds access to array mdiomap. One existing case is stmmacinitphy that may pass -1 as addr. Therefore valida...
CVE-2023-52985
The CVE-2023-52985 entry relates to the Linux kernel, specifically arm64 systems with imx8mm-verdin support. The vulnerability concerns the fec driver attempting to power down the ethernet PHY during suspend (freeze or memory state), which can crash the kernel. The underlying cause is that the PH...
CVE-2023-52984 net: phy: dp83822: Fix null pointer access on DP83825/DP83826 devices
In the Linux kernel, the following vulnerability has been resolved: net: phy: dp83822: Fix null pointer access on DP83825/DP83826 devices The probe function is only used for the DP83822 PHY, leaving the private data pointer uninitialized for the smaller DP83825/26 models. While all uses of the...
CVE-2023-52984
CVE-2023-52984 affects the Linux kernel PHY code for DP83822 family: DP83825/DP83826 devices can dereference a NULL private data pointer because probe() initializes only the DP83822 path and interrupt setup is shared. The fix adds a NULL-pointer check/verifies the pointer before use, preventing t...
CVE-2023-52985 arm64: dts: imx8mm-verdin: Do not power down eth-phy
In the Linux kernel, the following vulnerability has been resolved: arm64: dts: imx8mm-verdin: Do not power down eth-phy Currently if suspending using either freeze or memory state, the fec driver tries to power down the phy which leads to crash of the kernel and non-responsible kernel with the...
CVE-2023-52985 arm64: dts: imx8mm-verdin: Do not power down eth-phy
In the Linux kernel, the following vulnerability has been resolved: arm64: dts: imx8mm-verdin: Do not power down eth-phy Currently if suspending using either freeze or memory state, the fec driver tries to power down the phy which leads to crash of the kernel and non-responsible kernel with the...
CVE-2023-52985
In the Linux kernel, the following vulnerability has been resolved: arm64: dts: imx8mm-verdin: Do not power down eth-phy Currently if suspending using either freeze or memory state, the fec driver tries to power down the phy which leads to crash of the kernel and non-responsible kernel with the...
CVE-2022-49756 phy: usb: sunplus: Fix potential null-ptr-deref in sp_usb_phy_probe()
In the Linux kernel, the following vulnerability has been resolved: phy: usb: sunplus: Fix potential null-ptr-deref in spusbphyprobe spusbphyprobe will call platformgetresourcebyname that may fail and return NULL. devmioremap will use usbphy-moon4resmem-start as input, which may causes...
CVE-2022-49756
CVE-2022-49756 is about a Linux kernel issue in the USB sunplus PHY path. A null pointer dereference could occur in sp_usb_phy_probe() because platform_get_resource_byname() may fail and yield NULL, and devm_ioremap() could then use usbphy->moon4_res_mem->start as input. The fixes described...
CVE-2022-49756 phy: usb: sunplus: Fix potential null-ptr-deref in sp_usb_phy_probe()
In the Linux kernel, the following vulnerability has been resolved: phy: usb: sunplus: Fix potential null-ptr-deref in spusbphyprobe spusbphyprobe will call platformgetresourcebyname that may fail and return NULL. devmioremap will use usbphy-moon4resmem-start as input, which may causes...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from spusbphyprobe null pointer dereference...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a kernel crash when the arm64 dts imx8mm-verdin component attempts to turn off eth-phy...
PT-2025-13298 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A potential null pointer dereference issue has been identified in the Linux kernel, specifically in the sp usb phy probe function. This function calls platform get resource byname, whi...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates from the net phy dp83822 component not initializing the private data pointer on DP83825/26 devices, resultin...
The vulnerability of the pm8001_phy_control() function in the Linux kernel SCSI driver allows a hacker to cause a service failure.
The vulnerability of the pm8001phycontrol function in the Linux kernel SCSI driver is related to the reutilization of previously freed memory. Exploiting this vulnerability can allow an attacker to cause a service failure...
Linux Distros Unpatched Vulnerability : CVE-2024-50269
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: musb: sunxi: Fix accessing an released usb phy Commit 6ed05c68cbca usb: musb: sunxi: Explicitly release USB PHY on exit will cause that usb phy @glue-xceiv...
Linux Distros Unpatched Vulnerability : CVE-2024-50023
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: phy: Remove LED entry from LEDs list on unregister Commit c938ab4da0eb net: phy: Manual...
CVE-2025-21801
Technical details for CVE-2025-21801 are not provided in the connected documents. Publicly available information within these sources is insufficient to describe affected products/versions, root cause, or mitigations. Monitor for updates from the connected feeds.
SUSE CVE-2022-49061
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: stmmac: fix altrtsepcs function when using a fixed-link When using a fixed-link, the altrtsepcs driver crashes due to null-pointer dereference as no phydevice is provided to tsepcsfixmacspeed function. Fix this by...