Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-394064)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-394064 advisory. In the Linux kernel, the following vulnerability has been resolved: media: v4l2-tpg: prevent the risk of a division by zero As reported by Coverity, the logic at...

EUVD-2025-30986

Malicious code in bioql PyPI...

EUVD-2024-54636

Malicious code in bioql PyPI...

EUVD-2024-41758

Malicious code in bioql PyPI...

CVE-2025-47318

Transient DOS while parsing the EPTM test control message to get the test pattern...

Intelligent Graybox Fuzzing Via ATPG-Guided Seed Generation and Submodule Analysis

Hardware Fuzzing emerged as one of the crucial techniques for finding security flaws in modern hardware designs by testing a wide range of input scenarios. One of the main challenges is creating high-quality input seeds that maximize coverage and speed up verification. Coverage-Guided Fuzzing CGF...

CVE-2025-47318

Transient DOS while parsing the EPTM test control message to get the test pattern...

PT-2025-39281

Name of the Vulnerable Software and Affected Versions versions prior to 2025 affected versions not specified Description A temporary denial-of-service condition can occur during the parsing of the EPTM test control message when retrieving the test pattern. Recommendations At the moment, there is ...

Qualcomm Chipsets 资源管理错误漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A resource management error vulnerability exists in Qualcomm Chipsets, which arises from a memory corruption that occurs when processing the TESTPATTERNCONFIG escape path...

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm, Inc. A security vulnerability exists in Qualcomm Chipsets that stems from a memory corruption when processing camera TPG write requests...

SUSE CVE-2025-38226

In the Linux kernel, the following vulnerability has been resolved: media: vivid: Change the siize of the composing syzkaller found a bug: BUG: KASAN: vmalloc-out-of-bounds in tpgfillplanepattern drivers/media/common/v4l2-tpg/v4l2-tpg-core.c:2608 inline BUG: KASAN: vmalloc-out-of-bounds in...

UBUNTU-CVE-2025-38226

In the Linux kernel, the following vulnerability has been resolved: media: vivid: Change the siize of the composing syzkaller found a bug: BUG: KASAN: vmalloc-out-of-bounds in tpgfillplanepattern drivers/media/common/v4l2-tpg/v4l2-tpg-core.c:2608 inline BUG: KASAN: vmalloc-out-of-bounds in...

CVE-2024-53017

Memory corruption while handling test pattern generator IOCTL command...

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that stems from a possible memory corruption when processing the Test Pattern Generator IOCTL command...

CVE-2024-45573

Memory corruption may occour while generating test pattern due to negative indexing of display ID...

CVE-2024-45573

CVE-2024-45573 : Memory corruption can occur when generating test patterns due to negative indexing of the display ID in Qualcomm chipsets. CVSS v3.1 base score 7.8 (HIGH) with LOCAL attacker, low privileges, no user interaction; impacts to confidentiality, integrity, and availability are noted a...

CVE-2024-45573 Use of Out-of-range Pointer Offset in Display

Memory corruption may occour while generating test pattern due to negative indexing of display ID...

media: v4l2-tpg: prevent the risk of a division by zero

...

PT-2022-35275 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to 5.15.75 Description: The issue is related to the drm/dp component, specifically with rewriting link config when setting phy test pattern. The actual impact and attack plausibility have not yet been proven...

PT-2022-34996 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to 6.0.3 Description: The issue is related to the drm/dp component, where link config is rewritten when setting the phy test pattern. The actual impact and attack plausibility have not yet been proven...