1658 matches found
PT-2025-30777
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the rose rt device down function related to dangling neighbour pointers. Two bugs exist: modification of the loop bound t-count within a loop,...
PT-2025-36271
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The qla4xxx get ep fwdb function may not return NULL on error, potentially leading to an Oops in the caller due to error pointers being propagated from qla4xxx ep connect. The issue...
PT-2025-36479
Name of the Vulnerable Software and Affected Versions: SQLite FTS5 extension affected versions not specified Description: An integer overflow exists in the FTS5 extension. The issue occurs when calculating the size of an array of tombstone pointers, leading to truncation into a 32-bit integer. Th...
CVE-2024-56702
In the Linux kernel, the following vulnerability has been resolved: bpf: Mark rawtp arguments with PTRMAYBENULL Arguments to a raw tracepoint are tagged as trusted, which carries the semantics that the pointer will be non-NULL. However, in certain cases, a raw tracepoint argument may end up being...
SUSE CVE-2024-56702
In the Linux kernel, the following vulnerability has been resolved: bpf: Mark rawtp arguments with PTRMAYBENULL Arguments to a raw tracepoint are tagged as trusted, which carries the semantics that the pointer will be non-NULL. However, in certain cases, a raw tracepoint argument may end up being...
CVE-2024-56702
The CVE-2024-56702 issue is a Linux kernel fix for BPF raw tracepoints. It explains that raw_tp arguments were previously treated as non-NULL, risking NULL dereferences when NULL values occur. The fix marks raw_tp arguments as PTR_MAYBE_NULL and adjusts dereferences, arithmetic, and allowed passe...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the cred pointer not being passed correctly in the ceph module, resulting in redundant getcurrentcred calls and...
Unsound usages of `u8` type casting in spl-token-swap
The library provides a safe public API unpack to cast u8 array to arbitrary types, which can cause to undefined behaviors. The length check of array can only prevent out-of-bound access on the return type. However, it can't prevent misaligned pointer when casting u8 pointer to a type aligned to...
PT-2024-40316 · Solana · Solana Program Library
Name of the Vulnerable Software and Affected Versions: Solana Program Library affected versions not specified Description: The issue arises from the unpack function in the library, which casts a u8 array to arbitrary types. This can lead to undefined behaviors due to misaligned pointer dereferenc...
gstreamer1-plugins-good: uninitialized stack memory in Matroska/WebM demuxer
A flaw was found in the Matroska/WebM demuxer in the GStreamer library. Processing a specially crafted input file can cause the usage of uninitialized stack memory, allowing calls to uninitialized function pointers, potentially resulting in code execution or an application crash...
gstreamer1-plugins-good: uninitialized stack memory in Matroska/WebM demuxer
A flaw was found in the Matroska/WebM demuxer in the GStreamer library. Processing a specially crafted input file can cause the usage of uninitialized stack memory, allowing calls to uninitialized function pointers, potentially resulting in code execution or an application crash...
PT-2025-3335
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists between reference pointers in the Linux kernel's ethernet oa tc6 module. This issue arises from the management of two skb pointers: waiting tx skb and ongoing tx...
CVE-2024-50115
...
SUSE SLES15 Security Update : kernel RT (Live Patch 14 for SLE 15 SP5) (SUSE-SU-2024:4125-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:4125-1 advisory. This update for the Linux Kernel 5.14.21-1505001352 fixes several issues. The following security issues were fixed: - CVE-2021-47517: Fix panic...
CVE-2024-53128
In the Linux kernel, the following vulnerability has been resolved: sched/taskstack: fix objectisonstack for KASAN tagged pointers When CONFIGKASANSWTAGS and CONFIGKASANSTACK are enabled, the objectisonstack function may produce incorrect results due to the presence of tags in the obj pointer,...
SUSE CVE-2024-53128
In the Linux kernel, the following vulnerability has been resolved: sched/taskstack: fix objectisonstack for KASAN tagged pointers When CONFIGKASANSWTAGS and CONFIGKASANSTACK are enabled, the objectisonstack function may produce incorrect results due to the presence of tags in the obj pointer,...
CVE-2024-53133
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Handle dml allocation failure to avoid crash Why In the case where a dml allocation fails for any reason, the current state's dml contexts would no longer be valid. Then subsequent calls dcstatecopyinternal would...
AZL-54105 CVE-2024-53133 affecting package kernel 6.6.126.1-1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Handle dml allocation failure to avoid crash Why In the case where a dml allocation fails for any reason, the current state's dml contexts would no longer be valid. Then subsequent calls dcstatecopyinternal would...
AZL-54101 CVE-2024-53133 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Handle dml allocation failure to avoid crash Why In the case where a dml allocation fails for any reason, the current state's dml contexts would no longer be valid. Then subsequent calls dcstatecopyinternal would...
AZL-54277 CVE-2024-53128 affecting package kernel for versions less than 6.6.76.1-1
In the Linux kernel, the following vulnerability has been resolved: sched/taskstack: fix objectisonstack for KASAN tagged pointers When CONFIGKASANSWTAGS and CONFIGKASANSTACK are enabled, the objectisonstack function may produce incorrect results due to the presence of tags in the obj pointer,...