954 matches found
CVE-2025-21856 s390/ism: add release function for struct device
In the Linux kernel, the following vulnerability has been resolved: s390/ism: add release function for struct device According to devicerelease in /drivers/base/core.c, a device without a release function is a broken device and must be fixed. The current code directly frees the device after calli...
CVE-2025-21856
In the Linux kernel, the following vulnerability has been resolved: s390/ism: add release function for struct device According to devicerelease in /drivers/base/core.c, a device without a release function is a broken device and must be fixed. The current code directly frees the device after calli...
CVE-2025-21856 s390/ism: add release function for struct device
In the Linux kernel, the following vulnerability has been resolved: s390/ism: add release function for struct device According to devicerelease in /drivers/base/core.c, a device without a release function is a broken device and must be fixed. The current code directly frees the device after calli...
DEBIAN-CVE-2024-58060
In the Linux kernel, the following vulnerability has been resolved: bpf: Reject structops registration that uses module ptr and the module btfid is missing There is a UAF report in the bpfstructops when CONFIGMODULES=n. In particular, the report is on tcpcongestionops that has a "struct module...
UBUNTU-CVE-2024-58060
In the Linux kernel, the following vulnerability has been resolved: bpf: Reject structops registration that uses module ptr and the module btfid is missing There is a UAF report in the bpfstructops when CONFIGMODULES=n. In particular, the report is on tcpcongestionops that has a "struct module...
CVE-2024-58081 clk: mmp2: call pm_genpd_init() only after genpd.name is set
In the Linux kernel, the following vulnerability has been resolved: clk: mmp2: call pmgenpdinit only after genpd.name is set Setting the genpd's struct device's name with devsetname is happening within pmgenpdinit. If it remains NULL, things can blow up later, such as when crafting the devfs...
Linux Distros Unpatched Vulnerability : CVE-2017-14318
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xen 4.5.x through 4.9.x. The function gnttabcacheflush handles GNTTABOPcacheflush grant table operations. It checks to see if the...
PT-2025-14320 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, related to the drm/xe/hmm component. The issue involves dereferencing struct page pointers without holding the notifier lock, whi...
DEBIAN-CVE-2024-58007
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: socinfo: Avoid out of bounds read of serial number On MSM8916 devices, the serial number exposed in sysfs is constant and does not change across individual devices. It's always: db410c:/sys/devices/soc0$ cat serialnumb...
SUSE CVE-2022-49116
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: use memset avoid memory leaks Use memset to initialize structs to prevent memory leaks in l2capecredconnect...
CVE-2024-58007
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: socinfo: Avoid out of bounds read of serial number On MSM8916 devices, the serial number exposed in sysfs is constant and does not change across individual devices. It's always: db410c:/sys/devices/soc0$ cat serialnumb...
CVE-2024-58007 soc: qcom: socinfo: Avoid out of bounds read of serial number
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: socinfo: Avoid out of bounds read of serial number On MSM8916 devices, the serial number exposed in sysfs is constant and does not change across individual devices. It's always: db410c:/sys/devices/soc0$ cat serialnumb...
CVE-2024-58007 soc: qcom: socinfo: Avoid out of bounds read of serial number
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: socinfo: Avoid out of bounds read of serial number On MSM8916 devices, the serial number exposed in sysfs is constant and does not change across individual devices. It's always: db410c:/sys/devices/soc0$ cat serialnumb...
UBUNTU-CVE-2022-49651
In the Linux kernel, the following vulnerability has been resolved: srcu: Tighten cleanupsrcustruct GP checks Currently, cleanupsrcustruct checks for a grace period in progress, but it does not check for a grace period that has not yet started but which might start at any time. Such a situation...
CVE-2022-49149
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix call timer start racing with call destruction The rxrpccall struct has a timer used to handle various timed events relating to a call. This timer can get started from the packet input routines that are run in softirq...
DEBIAN-CVE-2022-49119
In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix memory leak in pm8001chipfwflashupdatereq In pm8001chipfwflashupdatebuild, if pm8001chipfwflashupdatebuild fails, the struct fwcontrolex allocated must be freed...
CVE-2022-49651
CVE-2022-49651 affects the Linux kernel. The advisory states that cleanup_srcu_struct() now checks for a grace period that is started but not yet started, addressing a potential use-after-free (UAF). It is resolved by a commit tightening GP checks in cleanup_srcu_struct(), with references to kern...
CVE-2022-49651
In the Linux kernel, the following vulnerability has been resolved: srcu: Tighten cleanupsrcustruct GP checks Currently, cleanupsrcustruct checks for a grace period in progress, but it does not check for a grace period that has not yet started but which might start at any time. Such a situation...
CVE-2022-49622 netfilter: nf_tables: avoid skb access on nf_stolen
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: avoid skb access on nfstolen When verdict is NFSTOLEN, the skb might have been freed. When tracing is enabled, this can result in a use-after-free: 1. access to skb-nftrace 2. access to skb-mark 3. computatio...
CVE-2022-49614
This CVE entry documents a Linux kernel vulnerability in the nvme subsystem (CVE-2022-49614) where the root cause involves using a struct group for generic command dwords. The consequence described is that this could let a trace event know the full size of data intended to be copied and could sil...