CVE-2023-53196

CVE-2023-53196 affects the Linux kernel USB subsystem (dwc3 on Qualcomm platforms). The issue was a memory leak in dwc3_qcom_probe(), where allocated memory for the resource structure pointed to by parent_res was not freed. The fix replaces that dynamic allocation with stack-allocated memory to p...

CVE-2023-53196 usb: dwc3: qcom: Fix potential memory leak

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: qcom: Fix potential memory leak Function dwc3qcomprobe allocates memory for resource structure which is pointed by parentres pointer. This memory is not freed. This leads to memory leak. Use stack memory to prevent...

md/raid1: Fix stack memory use after return in raid1_reshape

...

Linux Distros Unpatched Vulnerability : CVE-2019-9578

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In devs.c in Yubico libu2f-host before 1.1.8, the response to init is misparsed, leaking uninitialized stack memory back to the device. CVE-2019-9578 Note that...

Linux Distros Unpatched Vulnerability : CVE-2016-4485

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The llccmsgrcv function in net/llc/afllc.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows attackers to obtain...

Linux Distros Unpatched Vulnerability : CVE-2020-13899

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in janus-gateway aka Janus WebRTC Server through 0.10.0. janusprocessincomingrequest in janus.c discloses information from uninitialized...

CVE-2012-10057

Lattice Semiconductor ispVM System v18.0.2 contains a buffer overflow vulnerability in its handling of .xcf project files. When parsing the version attribute of the ispXCF XML tag, the application fails to properly validate input length, allowing a specially crafted file to overwrite memory on th...

CVE-2025-53012

MaterialX is an open standard for the exchange of rich material and look-development content across applications and renderers. In version 1.39.2, nested imports of MaterialX files can lead to a crash via stack memory exhaustion, due to the lack of a limit on the "import chain" depth. When parsin...

CVE-2025-53012

MaterialX is an open standard for the exchange of rich material and look-development content across applications and renderers. In version 1.39.2, nested imports of MaterialX files can lead to a crash via stack memory exhaustion, due to the lack of a limit on the "import chain" depth. When parsin...

CVE-2025-53022

TrustedFirmware-M aka Trusted Firmware for M profile Arm CPUs before 2.1.3 and 2.2.x before 2.2.1 lacks length validation during a firmware upgrade. While processing a new image, the Firmware Upgrade FWU module does not validate the length field of the Type-Length-Value TLV structure for dependen...

PT-2025-31672 · Materialx · Materialx

Name of the Vulnerable Software and Affected Versions: MaterialX version 1.39.2 Description: MaterialX is an open standard for the exchange of rich material and look-development content across applications and renderers. Nested imports of MaterialX files can lead to a crash due to stack memory...

CVE-2025-53022

TrustedFirmware-M aka Trusted Firmware for M profile Arm CPUs before 2.1.3 and 2.2.x before 2.2.1 lacks length validation during a firmware upgrade. While processing a new image, the Firmware Upgrade FWU module does not validate the length field of the Type-Length-Value TLV structure for dependen...

PT-2025-31436

Name of the Vulnerable Software and Affected Versions TrustedFirmware-M versions prior to 2.1.3 TrustedFirmware-M versions 2.2.x prior to 2.2.1 Description TrustedFirmware-M lacks length validation during a firmware upgrade. The Firmware Upgrade FWU module does not validate the length field of th...

firefox: thunderbird: JavaScript engine only wrote partial return value to stack

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: On 64-bit platforms, IonMonkey-JIT only wrote 32 bits of the 64-bit return value space on the stack. Baseline-JIT, however, reads the entire 64 bits...

CVE-2025-38445

In the Linux kernel, the following vulnerability has been resolved: md/raid1: Fix stack memory use after return in raid1reshape In the raid1reshape function, newpool is allocated on the stack and assigned to conf-r1biopool. This results in conf-r1biopool.wait.head pointing to a stack address...

AZL-72929 CVE-2025-38445 affecting package kernel for versions less than 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: md/raid1: Fix stack memory use after return in raid1reshape In the raid1reshape function, newpool is allocated on the stack and assigned to conf-r1biopool. This results in conf-r1biopool.wait.head pointing to a stack address...

AZL-65747 CVE-2025-38445 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: md/raid1: Fix stack memory use after return in raid1reshape In the raid1reshape function, newpool is allocated on the stack and assigned to conf-r1biopool. This results in conf-r1biopool.wait.head pointing to a stack address...

DEBIAN-CVE-2025-38445

In the Linux kernel, the following vulnerability has been resolved: md/raid1: Fix stack memory use after return in raid1reshape In the raid1reshape function, newpool is allocated on the stack and assigned to conf-r1biopool. This results in conf-r1biopool.wait.head pointing to a stack address...

CVE-2025-38445

In the Linux kernel, the following vulnerability has been resolved: md/raid1: Fix stack memory use after return in raid1reshape In the raid1reshape function, newpool is allocated on the stack and assigned to conf-r1biopool. This results in conf-r1biopool.wait.head pointing to a stack address...

CVE-2025-38445 md/raid1: Fix stack memory use after return in raid1_reshape

In the Linux kernel, the following vulnerability has been resolved: md/raid1: Fix stack memory use after return in raid1reshape In the raid1reshape function, newpool is allocated on the stack and assigned to conf-r1biopool. This results in conf-r1biopool.wait.head pointing to a stack address...