
4640 matches found

OSV
added 2025/09/16 8:11 a.m. | 5 views

CVE-2023-53275 ALSA: hda: fix a possible null-pointer dereference due to data race in snd_hdac_regmap_sync()

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: fix a possible null-pointer dereference due to data race in snd_hdac_regmap_sync(). The variable codec->regmap is often protected by the lock codec->regmap_lock when it is accessed. However, it is accessed without holding the lock...

5.5 CVSS | 5.4 AI score | 0.00146 EPSS
Exploits: 0 | References: 9
CNNVD
added 2025/09/16 12:0 a.m. | 2 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the lack of lock protection for codec->regmap in the snd_hdac_regmap_sync function, which could lead to a null point...

5.5 CVSS | 5.9 AI score | 0.00146 EPSS
Exploits: 0 | References: 7
Positive Technologies
added 2025/09/16 12:0 a.m. | 3 views

PT-2025-37904

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified. Description: A flaw exists in the Linux kernel’s md/raid10 subsystem related to a leak of r10bio->remaining during recovery operations. Specifically, the raid10 sync request function adds...

5.9 AI score | 0.0014 EPSS
Exploits: 0 | References: 12
Tenable Nessus
added 2025/09/16 12:0 a.m. | 2 views

Linux Distros Unpatched Vulnerability : CVE-2022-50305

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ASoC: sof_es8336: fix possible use-after-free in sof_es8336_remove(). sof_es8336_remove() calls...

7.8 CVSS | 5.1 AI score | 0.00147 EPSS
Exploits: 0 | References: 3
OSV
added 2025/09/15 3:15 p.m. | 4 views

DEBIAN-CVE-2023-53252

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: use RCU for hci_conn_params and iterate safely in hci_sync. hci_update_accept_list_sync iterates over hdev->pend_le_conns and hdev->pend_le_reports, and waits for controller events in the loop body, without holding hdev lock...

7.8 CVSS | 6 AI score | 0.00137 EPSS
Exploits: 0 | References: 1
NVD
added 2025/09/15 3:15 p.m. | 2 views

CVE-2023-53219

In the Linux kernel, the following vulnerability has been resolved: media: netup_unidvb: fix use-after-free at del_timer(). When Universal DVB card is detaching, netup_unidvb_dma_fini() uses del_timer() to stop dma->timeout timer. But when timer handler netup_unidvb_dma_timeout() is running, del_timer() could not stop...

7.8 CVSS | 0.00149 EPSS
Exploits: 0 | References: 8
OSV
added 2025/09/15 3:15 p.m. | 2 views

DEBIAN-CVE-2023-53219

In the Linux kernel, the following vulnerability has been resolved: media: netup_unidvb: fix use-after-free at del_timer(). When Universal DVB card is detaching, netup_unidvb_dma_fini() uses del_timer() to stop dma->timeout timer. But when timer handler netup_unidvb_dma_timeout() is running, del_timer() could not stop...

7.8 CVSS | 5.6 AI score | 0.00149 EPSS
Exploits: 0 | References: 1
Cvelist
added 2025/09/15 2:46 p.m. | 6 views

CVE-2023-53252 Bluetooth: use RCU for hci_conn_params and iterate safely in hci_sync

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: use RCU for hci_conn_params and iterate safely in hci_sync. hci_update_accept_list_sync iterates over hdev->pend_le_conns and hdev->pend_le_reports, and waits for controller events in the loop body, without holding hdev lock...

0.00137 EPSS
Exploits: 0 | References: 3
CVE
added 2025/09/15 2:46 p.m. | 16 views

CVE-2023-53252

The CVE-2023-53252 entry applies to the Linux kernel Bluetooth stack. The vulnerability arises in hci_update_accept_list_sync where hci_conn_params/hci_sync lists are iterated while the lists can be modified (e.g., by le_scan_cleanup) without holding the device lock, risking an invalid list curso...

7.8 CVSS | 6.1 AI score | 0.00137 EPSS
Exploits: 0 | References: 3 | Affected Software: 1
Vulnrichment
added 2025/09/15 2:46 p.m. | 2 views

CVE-2023-53252 Bluetooth: use RCU for hci_conn_params and iterate safely in hci_sync

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: use RCU for hci_conn_params and iterate safely in hci_sync. hci_update_accept_list_sync iterates over hdev->pend_le_conns and hdev->pend_le_reports, and waits for controller events in the loop body, without holding hdev lock...

6.1 AI score | 0.00137 EPSS
Exploits: 0 | References: 3
Vulnrichment
added 2025/09/15 2:21 p.m. | 2 views

CVE-2023-53219 media: netup_unidvb: fix use-after-free at del_timer()

In the Linux kernel, the following vulnerability has been resolved: media: netup_unidvb: fix use-after-free at del_timer(). When Universal DVB card is detaching, netup_unidvb_dma_fini() uses del_timer() to stop dma->timeout timer. But when timer handler netup_unidvb_dma_timeout() is running, del_timer() could not stop...

6.1 AI score | 0.00149 EPSS
Exploits: 0 | References: 8
CVE
added 2025/09/15 2:21 p.m. | 19 views

CVE-2023-53219

CVE-2023-53219 affects the Linux kernel media: netup_unidvb code, where detaching a Universal DVB card could lead to a use-after-free because del_timer() could not stop an active timer in netup_unidvb_dma_timeout() while the timer runs. The fix replaces del_timer() with del_timer_sync() to ensure...

7.8 CVSS | 6.1 AI score | 0.00149 EPSS
Exploits: 0 | References: 8 | Affected Software: 1
OSV
added 2025/09/15 2:21 p.m. | 3 views

CVE-2023-53219 media: netup_unidvb: fix use-after-free at del_timer()

In the Linux kernel, the following vulnerability has been resolved: media: netup_unidvb: fix use-after-free at del_timer(). When Universal DVB card is detaching, netup_unidvb_dma_fini() uses del_timer() to stop dma->timeout timer. But when timer handler netup_unidvb_dma_timeout() is running, del_timer() could not stop...

7.8 CVSS | 4.9 AI score | 0.00149 EPSS
Exploits: 0 | References: 11
Github Security Blog
added 2025/09/15 1:37 p.m. | 4 views

fast-able is vulnerable to DoS attack through insecure method

The publicly accessible struct SyncVec has a public safe method get_unchecked. It accepts a parameter index that is used in get_unchecked without sufficient checks as mentioned here...

7 AI score
Exploits: 0 | References: 3 | Affected Software: 1
Snyk
added 2025/09/15 12:31 p.m. | 2 views

Missing Authorization

Overview: Affected versions of this package are vulnerable to Missing Authorization via the syncMembershipBatchToRemotesn function in the membership.go file. An attacker can access sensitive user information by leveraging unsanitized user objects from malicious or compromised remote clusters. Not...

8.5 CVSS | 6.4 AI score | 0.00242 EPSS
Exploits: 0 | References: 2
Vulnrichment
added 2025/09/11 7:25 a.m. | 2 views

CVE-2025-9632 PhpList Subber <= 1.1 - Cross-Site Request Forgery

The PhpList Subber plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1. This is due to missing or incorrect nonce validation on the bulkactionhandler function. This makes it possible for unauthenticated attackers to trigger bulk synchronizati...

4.3 CVSS | 4.9 AI score | 0.00149 EPSS
Exploits: 0 | References: 3
SUSE CVE
added 2025/09/10 11:23 p.m. | 3 views

SUSE CVE-2025-39691

In the Linux kernel, the following vulnerability has been resolved: fs/buffer: fix use-after-free when call bh_read() helper. There's issue as follows: BUG: KASAN: stack-out-of-bounds in end_buffer_read_sync+0xe3/0x110 Read of size 8 at addr ffffc9000168f7f8 by task swapper/3/0 CPU: 3 UID: 0 PID: 0 Comm...

6 CVSS | 6.6 AI score | 0.00162 EPSS
Exploits: 0 | References: 28
RedHat Linux
added 2025/09/10 4:20 p.m. | 7 views

kernel: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race. huge_pmd_unshare() drops a reference on a page table that may have previously been shared across processes, potentially turning it into a normal page table used in another process in...

4.7 CVSS | 6.7 AI score | 0.00111 EPSS
Exploits: 0 | References: 5
Positive Technologies
added 2025/09/08 12:0 a.m. | 4 views

PT-2025-39131

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified. Description: The Linux kernel contains a flaw related to MACsec feature synchronization on RTM_NEWLINK events. Syzkaller identified a condition where the lower network device could become locked when...

5.5 CVSS | 6.1 AI score | 0.00119 EPSS
Exploits: 0 | References: 18
OSV
added 2025/09/05 6:15 p.m. | 1 views

UBUNTU-CVE-2025-39691

In the Linux kernel, the following vulnerability has been resolved: fs/buffer: fix use-after-free when call bh_read() helper. There's issue as follows: BUG: KASAN: stack-out-of-bounds in end_buffer_read_sync+0xe3/0x110 Read of size 8 at addr ffffc9000168f7f8 by task swapper/3/0 CPU: 3 UID: 0 PID: 0 Comm...

7.8 CVSS | 6.7 AI score | 0.00162 EPSS
Exploits: 0 | References: 36