11 matches found
CVE-2025-38474
In the Linux kernel, the following vulnerability has been resolved: usb: net: sierra: check for no status endpoint The driver checks for having three endpoints and having bulk in and out endpoints, but not that the third endpoint is interrupt input. Rectify the omission...
CVE-2025-38160
In the Linux kernel, the following vulnerability has been resolved: clk: bcm: rpi: Add NULL check in raspberrypiclkregister devmkasprintf returns NULL when memory allocation fails. Currently, raspberrypiclkregister does not check for this case, which results in a NULL pointer dereference. Add NUL...
CVE-2025-49146
pgjdbc is an open source postgresql JDBC Driver. From 42.7.4 and until 42.7.7, when the PostgreSQL JDBC driver is configured with channel binding set to required default value is prefer, the driver would incorrectly allow connections to proceed with authentication methods that do not support...
CVE-2022-49847
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: am65-cpsw: Fix segmentation fault at module unload Move am65cpswnussphylinkcleanup call to after am65cpswnusscleanupndev so phylink is still valid to prevent the below Segmentation fault on module remove when...
CVE-2025-21934
In the Linux kernel, the following vulnerability has been resolved: rapidio: fix an API misues when rioaddnet fails rioaddnet calls deviceregister and fails when deviceregister fails. Thus, putdevice should be used rather than kfree. Add "mport-net = NULL;" to avoid a use after free issue...
CVE-2022-49379
In the Linux kernel, the following vulnerability has been resolved: driver core: Fix waitfordeviceprobe & deferredprobetimeout interaction Mounting NFS rootfs was timing out when deferredprobetimeout was non-zero 1. This was because ipautoconfig initcall times out waiting for the network interfac...
CVE-2025-22920
A heap buffer overflow vulnerability in FFmpeg before commit 4bf784c allows attackers to trigger a memory corruption via supplying a crafted media file in avformat when processing tile grid group streams. This can lead to a Denial of Service DoS...
CVE-2024-57901
In the Linux kernel, the following vulnerability has been resolved: afpacket: fix vlangetprotocoldgram vs MSGPEEK Blamed commit forgot MSGPEEK case, allowing a crash 1 as found by syzbot. Rework vlangetprotocoldgram to not touch skb at all, so that it can be used from many cpus on the same skb. A...
CVE-2024-55641
In the Linux kernel, the following vulnerability has been resolved: xfs: unlock inodes when erroring out of xfstransallocdir Debugging a filesystem patch with generic/475 caused the system to hang after observing the following sequences in dmesg: XFS dm-0: metadata I/O error in...
CVE-2022-48966
In the Linux kernel, the following vulnerability has been resolved: net: mvneta: Prevent out of bounds read in mvnetaconfigrss The pp-indir0 value comes from the user. It is passed to: if cpuonlinepp-rxqdef inside the mvnetapercpuelect function. It needs bounds checkeding to ensure that it is not...
CVE-2023-50251
php-svg-lib is an SVG file parsing / rendering library. Prior to version 0.5.1, when parsing the attributes passed to a use tag inside an svg document, an attacker can cause the system to go to an infinite recursion. Depending on the system configuration and attack pattern this could exhaust the...