609 matches found
WordPress TI WooCommerce Wishlist <1.40.1 - SQL Injection
WordPress TI WooCommerce Wishlist plugin before 1.40.1 contains a SQL injection vulnerability. The plugin does not sanitize and escape the itemid parameter before using it in a SQL statement via the wishlist/removeproduct REST endpoint. id: CVE-2022-0412 info: name: WordPress TI WooCommerce...
USB: serial: io_ti: fix heap overflow in get_manuf_info()
...
CVE-2026-53196 USB: serial: io_ti: fix heap overflow in get_manuf_info()
In the Linux kernel, the following vulnerability has been resolved: USB: serial: ioti: fix heap overflow in getmanufinfo getmanufinfo reads le16tocpuromdesc-Size bytes from the device I2C EEPROM into a buffer allocated with kmallocobj, which is sizeofstruct edgetimanufdescriptor = 10 bytes. The...
CVE-2026-53196
In the Linux kernel, the following vulnerability has been resolved: USB: serial: ioti: fix heap overflow in getmanufinfo getmanufinfo reads le16tocpuromdesc-Size bytes from the device I2C EEPROM into a buffer allocated with kmallocobj, which is sizeofstruct edgetimanufdescriptor = 10 bytes. The...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: Input: tiam335xtsc – fixed an off-by-one error in the wireorder validation. The current validation wireorderi ARRAYSIZEconfig pins allows wireorderi to equal ARRAYSIZEconfig pins, which causes out-of-bounds access when used as an...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: Fix refcount leak in tidra7xbarrouteallocate. The ofparsephandle function returns a node pointer with a refcount incremented. We should use ofnodeput on it when it is no longer needed. Add the missing ofnodeput cal...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: iio: adc: ina2xx: avoid NULL pointer dereference on OF device match The affected lines resulted in a NULL pointer dereference on our platform because the device tree contained the following list of compatible strings:...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Net: Ethernet: TI: am65-cpsw-nuss: Fixed null pointer dereferencing for ndev. In the TX completion packet stage of TI SoCs with a CPSW2G instance, which has a single external Ethernet port, ndev is accessed without being...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: soc: ti: pm33xx: The refcount leak in am33xxpmprobe has been fixed. wkupm3ipcget takes a reference count, which should be released by wkupm3ipcput. Add the necessary refcount release in the error-prone paths...
Astra Linux – Vulnerability in Qemu
A use-after-free vulnerability was discovered in the am53c974 SCSI host bus adapter emulation in QEMU in versions prior to 6.0.0, during the handling of the ‘Information Transfer’ command CMDTI. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial ...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: k3-udma-glue: Fix for ofk3udmaglueParsechnbyid The ofk3udmaglueParsechnbyid helper function erroneously invokes “ofnodeput” on the “udmaxnp” device node that was passed to it. Additionally, its reference count was...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: dmaengine: ti: k3-udma-glue: A memory leak was fixed when the deviceregister function failed. If deviceregister fails, it should call putdevice to release the reference. The name allocated by devsetname can be freed in the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: media: ti-vpe: cal: Fixed a NULL pointer dereference in calctxv4l2initformats. In calctxv4l2initformats, devmkzalloc is assigned to ctx-activefmt, and there is a dereference of it afterward. This could lead to a NULL pointer...
SUSE CVE-2026-31768
In the Linux kernel, the following vulnerability has been resolved: iio: adc: ti-adc161s626: use DMA-safe memory for spiread Add a DMA-safe buffer and use it for spiread instead of a stack memory. All SPI buffers must be DMA-safe. Since we only need up to 3 bytes, we just use a u8 instead of be16...
misc: ti_fpc202: fix a potential memory leak in probe function
...
SUSE CVE-2025-71290
In the Linux kernel, the following vulnerability has been resolved: misc: tifpc202: fix a potential memory leak in probe function Use foreachchildofnodescoped to simplify the code and ensure the device node reference is automatically released when the loop scope ends...
SUSE CVE-2026-43242
In the Linux kernel, the following vulnerability has been resolved: soc: ti: k3-socinfo: Fix regmap leak on probe failure The mmio regmap allocated during probe is never freed. Switch to using the device managed allocator so that the regmap is released on probe failures e.g. probe deferral and on...
CVE-2025-71290
A flaw was found in the tifpc202 driver within the Linux kernel. This vulnerability, a potential memory leak in the probe function, could allow a local attacker to cause a denial of service by exhausting system memory resources...
EUVD-2025-209681
In the Linux kernel, the following vulnerability has been resolved: misc: tifpc202: fix a potential memory leak in probe function Use foreachchildofnodescoped to simplify the code and ensure the device node reference is automatically released when the loop scope ends...
CVE-2025-71290
In the Linux kernel, the following vulnerability has been resolved: misc: tifpc202: fix a potential memory leak in probe function Use foreachchildofnodescoped to simplify the code and ensure the device node reference is automatically released when the loop scope ends...