307 matches found
kernel: ALSA: bcd2000: Fix a UAF bug on the error path of probing
In the Linux kernel, the following vulnerability has been resolved: ALSA: bcd2000: Fix a UAF bug on the error path of probing When the driver fails in sndcardregister at probe time, it will free the 'bcd2k-midiouturb' before killing it, which may cause a UAF bug. The following log can reveal it:...
Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-56576)
media: i2c: tc358743: crash in the probe error path when using polling. If an error occurs in the probe function, the polling timer that was alarmed earlier should be removed, otherwise the timer is called with arguments that are already freed, which results in a crash. This plugin only works wit...
CVE-2025-40156 PM / devfreq: mtk-cci: Fix potential error pointer dereference in probe()
In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: mtk-cci: Fix potential error pointer dereference in probe The drv-sramreg pointer could be set to ERRPTR-EPROBEDEFER which would lead to a error pointer dereference. Use ISERRORNULL to check that the pointer is vali...
CVE-2025-40144 nvdimm: ndtest: Return -ENOMEM if devm_kcalloc() fails in ndtest_probe()
In the Linux kernel, the following vulnerability has been resolved: nvdimm: ndtest: Return -ENOMEM if devmkcalloc fails in ndtestprobe devmkcalloc may fail. ndtestprobe allocates three DMA address arrays dcrdma, labeldma, dimmdma and later unconditionally uses them in ndtestnvdimminit, which can...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988905)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988905 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: musb: dsps: Fix the probe error path Commit 7c75bde329d7 usb: musb: musbdsps: requestirq aft...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990048)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990048 advisory. In the Linux kernel, the following vulnerability has been resolved: media: i2c: tc358743: Fix crash in the probe error path when using polling If an error occurs in...
Unity Linux 20.1050e Security Update: kernel (UTSA-2025-990053)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990053 advisory. In the Linux kernel, the following vulnerability has been resolved: phy: qcom-qmp: fix reset-controller leak on probe errors Make sure to release the lane reset...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989011)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989011 advisory. In the Linux kernel, the following vulnerability has been resolved: isdn: mISDN: netjet: Fix crash in njprobe: 'njsetup' in netjet.c might fail with -EIO and in this...
Unity Linux 20.1050e Security Update: kernel (UTSA-2025-990004)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990004 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: musb: dsps: Fix the probe error path Commit 7c75bde329d7 usb: musb: musbdsps: requestirq aft...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988790)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988790 advisory. In the Linux kernel, the following vulnerability has been resolved: NFC: port100: fix use-after-free in port100sendcomplete Syzbot reported UAF in port100sendcomplet...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989381)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989381 advisory. In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: Fix error handling in mt8173max98090devprobe Call ofnodeputplatformnode to avoid...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990337)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990337 advisory. In the Linux kernel, the following vulnerability has been resolved: media: i2c: tc358743: Fix crash in the probe error path when using polling If an error occurs in...
EUVD-2025-36466
In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/qm - set NULL to qm-debug.qmdiffregs When the initialization of qm-debug.accdiffreg fails, the probe process does not exit. However, after qm-debug.qmdiffregs is freed, it is not set to NULL. This can lead to a...
CVE-2023-53696 scsi: qla2xxx: Fix memory leak in qla2x00_probe_one()
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix memory leak in qla2x00probeone There is a memory leak reported by kmemleak: unreferenced object 0xffffc900003f0000 size 12288: comm "modprobe", pid 19117, jiffies 4299751452 age 42490.264s hex dump first 32...
PT-2025-51585
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the crypto/aspeed module where a double free issue can occur due to improper clock management with devm clk get enabled. Specifically, the clock...
Linux Distros Unpatched Vulnerability : CVE-2022-50525
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iommu/fslpamu: Fix resource leak in fslpamuprobe The fslpamuprobe returns directly when createcsd failed, leaving irq and memories unreleased. Fix by jumping to...
Linux Distros Unpatched Vulnerability : CVE-2025-39893
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: spi: spi-qpic-snand: unregister ECC engine on probe error and device remove The on-host...
SUSE CVE-2023-53638
In the Linux kernel, the following vulnerability has been resolved: octeonep: cancel queued works in probe error path If it fails to get the devices's MAC address, octepprobe exits while leaving the delayed work intrpolltask queued. When the work later runs, it's a use after free. Move the...
CVE-2023-53638
In the Linux kernel, the following vulnerability has been resolved: octeonep: cancel queued works in probe error path If it fails to get the devices's MAC address, octepprobe exits while leaving the delayed work intrpolltask queued. When the work later runs, it's a use after free. Move the...
UBUNTU-CVE-2023-53658
In the Linux kernel, the following vulnerability has been resolved: spi: bcm-qspi: return error if neither hifmspi nor mspi is available If neither a "hifmspi" nor "mspi" resource is present, the driver will just early exit in probe but still return success. Apart from not doing anything...