7894 matches found
UBUNTU-CVE-2024-57987
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btrtl: check for NULL in btrtlsetuprealtek If insert an USB dongle which chip is not maintained in icidtable, it will hit the NULL point accessed. Add a null point check to avoid the Kernel Oops...
CVE-2025-21723 scsi: mpi3mr: Fix possible crash when setting up bsg fails
In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix possible crash when setting up bsg fails If bsgsetupqueue fails, the bsgqueue is assigned a non-NULL value. Consequently, in mpi3mrbsgexit, the condition "if!mrioc-bsgqueue" will not be satisfied, preventing...
CVE-2025-21723
Summary (CVE-2025-21723) In the Linux kernel, mpi3mr/scsi code was fixed to prevent a crash when BSG setup fails. If bsg_setup_queue() fails, bsg_queue may be non-NULL, causing mpi3mr_bsg_exit() to skip bsg_remove_queue() and trigger a NULL pointer dereference (kernel crash) as shown in the entry...
CVE-2025-21723
In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix possible crash when setting up bsg fails If bsgsetupqueue fails, the bsgqueue is assigned a non-NULL value. Consequently, in mpi3mrbsgexit, the condition "if!mrioc-bsgqueue" will not be satisfied, preventing...
CVE-2024-57987 Bluetooth: btrtl: check for NULL in btrtl_setup_realtek()
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btrtl: check for NULL in btrtlsetuprealtek If insert an USB dongle which chip is not maintained in icidtable, it will hit the NULL point accessed. Add a null point check to avoid the Kernel Oops...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the Bluetooth: btrtl module not checking for null pointers in the btrtlsetuprealtek function...
Mastodon 安全漏洞
Mastodon is an open source social networking server based on ActivityPub by Mastodon Open Source. A security vulnerability exists in Mastodon that stems from a lack of rate limiting in /auth/setup, which could result in sending emails to arbitrary addresses...
Linux Kernel ksmbd Session Setup Race Condition Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Linux Kernel. Authentication is not required to exploit this vulnerability. However, only systems with ksmbd enabled are vulnerable. The specific flaw exists within the implementation of session setu...
DEBIAN-CVE-2022-49681
In the Linux kernel, the following vulnerability has been resolved: xtensa: xtfpga: Fix refcount leak bug in setup In machinesetup, offindcompatiblenode will return a node pointer with refcount incremented. We should use ofnodeput when it is not used anymore...
DEBIAN-CVE-2022-49439
In the Linux kernel, the following vulnerability has been resolved: powerpc/fslrio: Fix refcount leak in fslriosetup ofparsephandle returns a node pointer with refcount incremented, we should use ofnodeput on it when not need anymore. Add missing ofnodeput to avoid refcount leak...
DEBIAN-CVE-2022-49421
In the Linux kernel, the following vulnerability has been resolved: video: fbdev: clcdfb: Fix refcount leak in clcdfbofvramsetup ofparsephandle returns a node pointer with refcount incremented, we should use ofnodeput on it when not need anymore. Add missing ofnodeput to avoid refcount leak...
DEBIAN-CVE-2022-49395
In the Linux kernel, the following vulnerability has been resolved: um: Fix out-of-bounds read in LDT setup syscallstubdata expects the datacount parameter to be the number of longs, not bytes. ================================================================== BUG: KASAN: stack-out-of-bounds in...
UBUNTU-CVE-2022-49681
In the Linux kernel, the following vulnerability has been resolved: xtensa: xtfpga: Fix refcount leak bug in setup In machinesetup, offindcompatiblenode will return a node pointer with refcount incremented. We should use ofnodeput when it is not used anymore...
UBUNTU-CVE-2022-49412
In the Linux kernel, the following vulnerability has been resolved: bfq: Avoid merging queues with different parents It can happen that the parent of a bfqq changes between the moment we decide two queues are worth to merge and set bic-stablemergebfqq and the moment bfqsetupmerge is called. This...
UBUNTU-CVE-2022-49725
In the Linux kernel, the following vulnerability has been resolved: i40e: Fix call trace in setuptxdescriptors After PF reset and ethtool -t there was call trace in dmesg sometimes leading to panic. When there was some time, around 5 seconds, between reset and test there were no errors. Problem w...
UBUNTU-CVE-2022-49395
In the Linux kernel, the following vulnerability has been resolved: um: Fix out-of-bounds read in LDT setup syscallstubdata expects the datacount parameter to be the number of longs, not bytes. ================================================================== BUG: KASAN: stack-out-of-bounds in...
CVE-2022-49213
In the Linux kernel, the following vulnerability has been resolved: ath10k: Fix error handling in ath10ksetupmsaresources The devicenode pointer is returned by ofparsephandle with refcount incremented. We should use ofnodeput on it when done. This function only calls ofnodeput in the regular path...
DEBIAN-CVE-2022-49195
In the Linux kernel, the following vulnerability has been resolved: net: dsa: fix panic on shutdown if multi-chip tree failed to probe DSA probing is atypical because a tree of devices must probe all at once, so out of N switches which call dsatreesetuproutingtable during probe, for N - 1 of them...
CVE-2022-49725
Mode C: The CVE-2022-49725 issue affects the Linux kernel i40e driver (VF/PF path) where a race between PF reset and ethtool -t diag_test could let i40e_vsi_close sequence overlap and crash. The fix adds a guard to diag_test to skip offline tests while PF is resetting and logs a failure path (net...
CVE-2022-49681 xtensa: xtfpga: Fix refcount leak bug in setup
In the Linux kernel, the following vulnerability has been resolved: xtensa: xtfpga: Fix refcount leak bug in setup In machinesetup, offindcompatiblenode will return a node pointer with refcount incremented. We should use ofnodeput when it is not used anymore...