CVE-2023-54271

In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Fix NULL deref caused by blkgpolicydata being installed before init blk-iocost sometimes causes the following crash: BUG: kernel NULL pointer dereference, address: 00000000000000e0 ... RIP: 0010:rawspinlock+0x17/0x30...

PT-2025-54100

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contained a flaw in the block cgroup blk-cgroup subsystem. Specifically, a NULL pointer dereference could occur due to blkg policy data being installed before...

UBUNTU-CVE-2022-40959

During iframe navigation, certain pages did not have their FeaturePolicy fully initialized leading to a bypass that leaked device permissions into untrusted subdocuments. This vulnerability affects Firefox ESR 102.3, Thunderbird 102.3, and Firefox 105...

kernel: cpufreq: Init completion before kobject_init_and_add()

An initialization order bug was found in the Linux kernel's cpufreq subsystem during policy allocation. A local user can trigger this issue when CPU frequency policy initialization fails after kobject registration but before completion initialization, causing the cleanup path to attempt to use an...