7454 matches found
CVE-2023-53755 dmaengine: ptdma: check for null desc before calling pt_cmd_callback
In the Linux kernel, the following vulnerability has been resolved: dmaengine: ptdma: check for null desc before calling ptcmdcallback Resolves a panic that can occur on AMD systems, typically during host shutdown, after the PTDMA driver had been exercised. The issue was the ptissuepending functi...
CVE-2023-53748
The CVE-2023-53748 entry concerns a Linux kernel issue in media: mediatek: vcodec where an array bounds check was missing in decoder queue_setup. The vulnerability arises because *nplanes is user-provided and can range up to 8, while q_data->fmt->num_planes is 1–3; an index i could access b...
CVE-2023-53748 media: mediatek: vcodec: Fix potential array out-of-bounds in decoder queue_setup
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Fix potential array out-of-bounds in decoder queuesetup variable nplanes is provided by user via system call argument. The possible value of qdata-fmt-numplanes is 1-3, while the value of nplanes can be...
CVE-2023-53748
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Fix potential array out-of-bounds in decoder queuesetup variable nplanes is provided by user via system call argument. The possible value of qdata-fmt-numplanes is 1-3, while the value of nplanes can be...
CVE-2023-53748 media: mediatek: vcodec: Fix potential array out-of-bounds in decoder queue_setup
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Fix potential array out-of-bounds in decoder queuesetup variable nplanes is provided by user via system call argument. The possible value of qdata-fmt-numplanes is 1-3, while the value of nplanes can be...
DEBIAN-CVE-2025-40302
In the Linux kernel, the following vulnerability has been resolved: media: videobuf2: forbid removebufs when legacy fileio is active vb2ioctlremovebufs call manipulates queue internal buffer list, potentially overwriting some pointers used by the legacy fileio access mode. Forbid that ioctl when...
CVE-2025-40290
In the Linux kernel, the following vulnerability has been resolved: xsk: avoid data corruption on cq descriptor number Since commit 30f241fcf52a "xsk: Fix immature cq descriptor production", the descriptor number is stored in skb control block and xskcqsubmitaddrlocked relies on it to put the ume...
DEBIAN-CVE-2025-40290
In the Linux kernel, the following vulnerability has been resolved: xsk: avoid data corruption on cq descriptor number Since commit 30f241fcf52a "xsk: Fix immature cq descriptor production", the descriptor number is stored in skb control block and xskcqsubmitaddrlocked relies on it to put the ume...
UBUNTU-CVE-2025-40302
In the Linux kernel, the following vulnerability has been resolved: media: videobuf2: forbid removebufs when legacy fileio is active vb2ioctlremovebufs call manipulates queue internal buffer list, potentially overwriting some pointers used by the legacy fileio access mode. Forbid that ioctl when...
CVE-2022-50583
CVE-2022-50583 relates to the Linux kernel, specifically a bug in md/raid0 and raid10 where discard sector handling could export an incorrect max_discard_sectors for mixed rotational/SSD configurations. The issue could trigger warning logs in __blkdev_issue_discard when invoking discard IOs (e.g....
CVE-2022-50583 md/raid0, raid10: Don't set discard sectors for request queue
In the Linux kernel, the following vulnerability has been resolved: md/raid0, raid10: Don't set discard sectors for request queue It should use diskstacklimits to get a proper maxdiscardsectors rather than setting a value by stack drivers. And there is a bug. If all member disks are rotational...
CVE-2025-40302 media: videobuf2: forbid remove_bufs when legacy fileio is active
In the Linux kernel, the following vulnerability has been resolved: media: videobuf2: forbid removebufs when legacy fileio is active vb2ioctlremovebufs call manipulates queue internal buffer list, potentially overwriting some pointers used by the legacy fileio access mode. Forbid that ioctl when...
CVE-2025-40302
In the Linux kernel, the following vulnerability has been resolved: media: videobuf2: forbid removebufs when legacy fileio is active vb2ioctlremovebufs call manipulates queue internal buffer list, potentially overwriting some pointers used by the legacy fileio access mode. Forbid that ioctl when...
CVE-2025-40302
CVE-2025-40302 is a Linux kernel issue in the media: videobuf2 path where vb2_ioctl_remove_bufs could affect the queue state when legacy fileio is active. The fix forbids the remove_bufs ioctl if fileio is active to protect internal queue pointers across read/write calls, preventing potential cor...
CVE-2025-40290
In the Linux kernel, the following vulnerability has been resolved: xsk: avoid data corruption on cq descriptor number Since commit 30f241fcf52a "xsk: Fix immature cq descriptor production", the descriptor number is stored in skb control block and xskcqsubmitaddrlocked relies on it to put the ume...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from disabling removebufs when legacy fileio is active, which could lead to corruption of the internal state of the...
CVE-2025-64081
SQL injection vulnerability in /php/apipatientschedule.php in SourceCodester Patients Waiting Area Queue Management System v1 allows attackers to execute arbitrary SQL commands via the appointmentID parameter...
Linux Distros Unpatched Vulnerability : CVE-2023-53748
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: mediatek: vcodec: Fix potential array out-of-bounds in decoder queuesetup variable nplanes is provided by user via system call argument. The possible val...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the hwq-cqlock deadlock issue, which could cause the system to hang...
CVE-2025-64081
CVE-2025-64081 is a SQL injection in SourceCodester’s Patients Waiting Area Queue Management System v1, affecting the file /php/api_patient_schedule.php via the appointmentID parameter. The root cause is improper input validation/sanitization, enabling attackers to execute arbitrary SQL commands....