kernel: Linux kernel: Denial of Service due to function prototype mismatch

A flaw was found in the Linux kernel. A local attacker with low privileges could trigger a function prototype mismatch in the rtc: msc313 component's msc313rtcprobe function. This issue, related to kernel Control Flow Integrity kCFI validation, can lead to a system crash or process termination,...

kernel: usb: typec: wusb3801: fix fwnode refcount leak in wusb3801_probe()

A reference count leak was found in the wusb3801 USB Type-C driver. When wusb3801hwinit fails during probe, the firmware node reference is not properly released, causing a gradual memory leak...

kernel: firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails

In the Linux kernel, the following vulnerability has been resolved: firmware: armscpi: Ensure scpiinfo is not assigned if the probe fails When scpi probe fails, at any point, we need to ensure that the scpiinfo is not set and will remain NULL until the probe succeeds. If it is not taken care, the...

kernel: Linux kernel: Denial of Service in iwlwifi due to NULL pointer dereference

A flaw was found in the Linux kernel's iwlwifi driver. This vulnerability allows a local attacker with low privileges to cause a denial of service DoS by triggering a NULL pointer dereference. This occurs when the iwlpciprobe function fails and frees a transaction structure, but the iwlpciremove...

kernel: HID: intel-ish-hid: ipc: Fix potential use-after-free in work function

In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: ipc: Fix potential use-after-free in work function When a reset notify IPC message is received, the ISR schedules a work function and passes the ISHTP device to it via a global pointer ishtpdev. If ishprobe...

kernel: i40e: Fix kernel crash during reboot when adapter is in recovery mode

A flaw was found in the i40e module in the Linux kernel. When the firmware is in recovery mode during the probe phase, some probe functions are skipped, causing a NULL pointer dereference when the system shuts down or is rebooted. This issue results in a denial of service...

kernel: usb: dwc3: core: fix some leaks in probe

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: core: fix some leaks in probe The dwc3getproperties function calls: dwc-usbpsy = powersupplygetbynameusbpsyname; so there is some additional clean up required on these error paths...

CVE-2023-33061

Transient DOS in WLAN Firmware while parsing WLAN beacon or probe-response frame...

CVE-2023-33061

CVE-2023-33061 describes a transient Denial of Service in the WLAN firmware when parsing WLAN beacon or probe-response frames. The vulnerability is associated with Qualcomm chipsets’ WLAN firmware (closed‑source components). The CVE is listed with a base score of 7.5 (High) on the CVSSv3.1 scale,...

Rocky Linux 8 : firefox (RLSA-2022:8554)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:8554 advisory. - Service Workers should not be able to infer information about opaque cross-origin responses; but timing information for cross-origin media combined wi...

Qualcomm Chipsets Security Vulnerability

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated. A security vulnerability exists in Qualcomm Chipsets that originates from a transient denial of service in the WLAN firmware when parsing WLAN beacons or probing response frames...

PT-2025-18835 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A issue in the Linux kernel has been identified where attempting to probe a mt7921e PCI card without firmware results in a successful probe, but ieee80211 register hw is not called. Wh...

PT-2023-24166 · Unknown · Wlan Firmware

Name of the Vulnerable Software and Affected Versions: WLAN Firmware affected versions not specified Description: The issue is related to a transient Denial of Service DOS in the WLAN Firmware that occurs while parsing WLAN beacon or probe-response frames. Recommendations: At the moment, there is...

Siemens Xpedition Layout Browser Stack Overflow Vulnerability

Xpedition Layout Browser is a free tool to view and share Xedition PCB layout designs and schematic cross-probing to Xedition. Siemens Xpedition Layout Browser suffers from a stack overflow vulnerability that can be exploited by an attacker to execute code in the context of the current process...

PT-2023-9542 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a potential use-after-free UAF in the ca8210 probe function. If of clk add provider fails in ca8210 register ext clock, it calls clk unregister to release...

Security Bulletin: Due to the use of Netty, IBM Tivoli Netcool/OMNIbus Integration Libraries are vulnerable to a denial of service.

Summary Netty is used by IBM Tivoli Netcool/OMNIbus Transport Module Common Integration Library and Probe DSL Factory Framework. CVE-2023-34462 Vulnerability Details CVEID:CVE-2023-34462 DESCRIPTION: Netty is vulnerable to a denial of service, caused by a flaw with allocating up to 16MB of heap f...

PT-2023-9462 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a potential memory leak in the sony probe function of the Linux kernel. If an error occurs after a successful usb alloc urb call, usb free urb should be called ...

STOREFRONT monitor status DOWN with reason "Probe failed" in NetScaler

customer found the Monitor result show "Probe failed" when binding STOREFRONT monitor to Load balance storefront service. There is no issue for TCP type monitor...

monitor status "Unkown" with Last response "Probe Skipped, Service status OFS"

...

PT-2023-27211 · Geonode · Geonode

Name of the Vulnerable Software and Affected Versions: GeoNode versions 3.2.0 through 4.1.2 Description: The issue concerns a server-side request forgery problem in GeoNode. Specifically, the endpoint /proxy/?url= does not properly protect against this type of attack, allowing an attacker to port...