UBUNTU-CVE-2022-49937

In the Linux kernel, the following vulnerability has been resolved: media: mceusb: Use new usbcontrolmsg routines Automatic kernel fuzzing led to a WARN about invalid pipe direction in the mceusb driver: ------------ cut here ------------ usb 6-1: BOGUS control dir, pipe 80000380 doesn't match...

AZL-63962 CVE-2025-38080 affecting package kernel for versions less than 6.6.96.1-1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Increase blocksequence array size Why It's possible to generate more than 50 steps in hwssbuildfastsequence, for example with a 6-pipe asic where all pipes are in one MPC chain. This overflows the blocksequence...

AZL-70304 CVE-2025-38080 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Increase blocksequence array size Why It's possible to generate more than 50 steps in hwssbuildfastsequence, for example with a 6-pipe asic where all pipes are in one MPC chain. This overflows the blocksequence...

DEBIAN-CVE-2025-38080

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Increase blocksequence array size Why It's possible to generate more than 50 steps in hwssbuildfastsequence, for example with a 6-pipe asic where all pipes are in one MPC chain. This overflows the blocksequence...

UBUNTU-CVE-2025-38080

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Increase blocksequence array size Why It's possible to generate more than 50 steps in hwssbuildfastsequence, for example with a 6-pipe asic where all pipes are in one MPC chain. This overflows the blocksequence...

UBUNTU-CVE-2025-38021

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix null check of pipectx-planestate for updatedchubpdpp Similar to commit 6a057072ddd1 "drm/amd/display: Fix null check for pipectx-planestate in dcn20programpipe" that addresses a null pointer dereference on...

CVE-2025-38080

The CVE-2025-38080 issue affects the Linux kernel DRM/AMD display path. Root cause: hwss_build_fast_sequence can generate more than 50 steps, overflowing the block_sequence buffer for multi-pipe (e.g., 6-pipe) ASICs and corrupting block_sequence_steps, leading to a crash. Fix: increase the block_...

CVE-2025-38021 drm/amd/display: Fix null check of pipe_ctx->plane_state for update_dchubp_dpp

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix null check of pipectx-planestate for updatedchubpdpp Similar to commit 6a057072ddd1 "drm/amd/display: Fix null check for pipectx-planestate in dcn20programpipe" that addresses a null pointer dereference on...

PT-2025-25854

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved. The issue is related to the drm/amd/display component, where it's possible to generate more than 50 steps in hwss build fast...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to check pipectx-planestate, which could result in a null pointer dereference...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from media mceusb using an invalid pipe direction, which could result in a control request error...

Astra Linux - уязвимость в linux-6.12

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Increase blocksequence array size Why It's possible to generate more than 50 steps in hwssbuildfastsequence, for example with a 6-pipe asic where all pipes are in one MPC chain. This overflows the blocksequence...

CVE-2025-5491

Acer ControlCenter contains Remote Code Execution vulnerability. The program exposes a Windows Named Pipe that uses a custom protocol to invoke internal functions. However, this Named Pipe is misconfigured, allowing remote users with low privileges to interact with it and access its features. One...

CVE-2025-5491

Acer ControlCenter contains Remote Code Execution vulnerability. The program exposes a Windows Named Pipe that uses a custom protocol to invoke internal functions. However, this Named Pipe is misconfigured, allowing remote users with low privileges to interact with it and access its features. One...

CVE-2025-5491 Acer ControlCenter - Remote Code Execution

Acer ControlCenter contains Remote Code Execution vulnerability. The program exposes a Windows Named Pipe that uses a custom protocol to invoke internal functions. However, this Named Pipe is misconfigured, allowing remote users with low privileges to interact with it and access its features. One...

CVE-2025-5491

Affected product: Acer ControlCenter (Windows). The CVE-2025-5491 entry describes a Remote Code Execution via a misconfigured Windows Named Pipe that uses a custom protocol to invoke internal functions, allowing low-privilege remote users to execute arbitrary code as NT AUTHORITY\SYSTEM and thus ...

PT-2025-25374 · Acer · Acer Controlcenter

Name of the Vulnerable Software and Affected Versions: Acer ControlCenter versions prior to 4.00.3058 Description: Acer ControlCenter contains a Remote Code Execution vulnerability. The program exposes a Windows Named Pipe that uses a custom protocol to invoke internal functions. This Named Pipe ...

AZL-63821 CVE-2025-5918 affecting package cmake for versions less than 3.21.4-20

A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdtar, potentially allowing for reading past the end of the file. This out-of-bounds read can lead to unintended consequences, including unpredictable program behavior, memo...

📄 TightVNC 2.8.83 Control Pipe Manipulation

TightVNC version 2.8.83 suffers from a control pipe manipulation vulnerability. Exploit Title: TightVNC 2.8.83 - Control Pipe Manipulation Date: 06/09/2025 Exploit Author: Ionut Zevedei [email protected] Exploit Repository: https://github.com/zeved/CVE-2024-42049-PoC Vendor Homepage:...

TightVNC 2.8.83 - Control Pipe Manipulation

Exploit Title: TightVNC 2.8.83 - Control Pipe Manipulation Date: 06/09/2025 Exploit Author: Ionut Zevedei [email protected] Exploit Repository: https://github.com/zeved/CVE-2024-42049-PoC Vendor Homepage: https://www.tightvnc.com/ Software Link: https://www.tightvnc.com/download.php Version: 2.8.83...