EUVD-2023-24807

Malicious code in bioql PyPI...

EUVD-2023-24966

Malicious code in bioql PyPI...

CVE-2023-20788

In thermal, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07648734; Issue ID: ALPS07648735...

CVE-2023-20628

In thermal, there is a possible memory corruption due to an uncaught exception. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07494460; Issue ID: ALPS07494460...

CVE-2025-20671

In thermal, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09698599; Issue ID: MSV-3228...

CVE-2025-20671

In thermal, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09698599; Issue ID: MSV-3228...

CVE-2025-23136

In the Linux kernel, the following vulnerability has been resolved: thermal: int340x: Add NULL check for adev Not all devices have an ACPI companion fwnode, so adev might be NULL. This is similar to the commit cd2fd6eab480 "platform/x86: int3472: Check for adev == NULL". Add a check for adev not...

CVE-2022-48924

In the Linux kernel, the following vulnerability has been resolved: thermal: int340x: fix memory leak in int3400notify It is easy to hit the below memory leaks in my TigerLake platform: unreferenced object 0xffff927c8b91dbc0 size 32: comm "kworker/0:2", pid 112, jiffies 4294893323 age 83.604s hex...

CVE-2022-48915

CVE-2022-48915 affects the Linux kernel thermal subsystem. The issue was a NULL pointer dereference in TZ_GET_TRIP when a thermal zone defines no trip, caused by an unsafe call path to get_trip_hyst(). The fix prevents calling get_trip_hyst() if the thermal zone lacks a trip, as described in the ...

CVE-2021-47441

CVE-2021-47441 concerns the Linux kernel mlxsw thermal driver. The issue arises when cooling state is set above the driver’s maximum state (e.g., cur_state=18 while max_state=10), which triggers out-of-bounds memory accesses in thermal statistics code. The thermal maintainer indicates it is the d...

CVE-2023-52794 thermal: intel: powerclamp: fix mismatch in get function for max_idle

In the Linux kernel, the following vulnerability has been resolved: thermal: intel: powerclamp: fix mismatch in get function for maxidle KASAN reported this 444.853098 BUG: KASAN: global-out-of-bounds in paramgetint+0x77/0x90 444.853111 Read of size 4 at addr ffffffffc16c9220 by task cat/2105...

CVE-2022-48703

In the Linux kernel, the following vulnerability has been resolved: thermal/int340xthermal: handle datavault when the value is ZEROSIZEPTR In some case, the GDDV returns a package with a buffer which has zero length. It causes that kmemdup returns ZEROSIZEPTR 0x10. Then the datavaultread got NULL...

CVE-2021-47202

In the Linux kernel, the following vulnerability has been resolved: thermal: Fix NULL pointer dereferences in ofthermal functions ofparsethermalzones parses the thermal-zones node and registers a thermalzone device for each subnode. However, if a thermal zone is consuming a thermal sensor and tha...

CVE-2021-47202

In the Linux kernel, the following vulnerability has been resolved: thermal: Fix NULL pointer dereferences in ofthermal functions ofparsethermalzones parses the thermal-zones node and registers a thermalzone device for each subnode. However, if a thermal zone is consuming a thermal sensor and tha...

CVE-2021-47202 thermal: Fix NULL pointer dereferences in of_thermal_ functions

In the Linux kernel, the following vulnerability has been resolved: thermal: Fix NULL pointer dereferences in ofthermal functions ofparsethermalzones parses the thermal-zones node and registers a thermalzone device for each subnode. However, if a thermal zone is consuming a thermal sensor and tha...

CVE-2024-26646

In the Linux kernel, the following vulnerability has been resolved: thermal: intel: hfi: Add syscore callbacks for system-wide PM The kernel allocates a memory buffer and provides its location to the hardware, which uses it to update the HFI table. This allocation occurs during boot and remains...

GSD-2021-1002157 mlxsw: thermal: Fix out-of-bounds memory accesses

mlxsw: thermal: Fix out-of-bounds memory accesses This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15 by commit...

GSD-2021-1001826 mlxsw: thermal: Fix out-of-bounds memory accesses

mlxsw: thermal: Fix out-of-bounds memory accesses This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.155 by commit...