12607 matches found
EUVD-2023-60375
In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: m920x: Fix a potential memory leak in m920xi2cxfer 'read' is freed when it is known to be NULL, but not when a read error occurs. Revert the logic to avoid a small leak, should a m920xread call fail...
EUVD-2023-60466
In the Linux kernel, the following vulnerability has been resolved: i2c: xiic: xiicxfer: Fix runtime PM leak on error path The xiicxfer function gets a runtime PM reference when the function is entered. This reference is released when the function is exited. There is currently one error path wher...
CVE-2023-54314
In the Linux kernel, the following vulnerability has been resolved: media: af9005: Fix null-ptr-deref in af9005i2cxfer In af9005i2cxfer, msg is controlled by user. When msgi.buf is null and msgi.len is zero, former checks on msgi.buf would be passed. Malicious data finally reach af9005i2cxfer. If...
CVE-2023-54277
In the Linux kernel, the following vulnerability has been resolved: fbdev: udlfb: Fix endpoint check The syzbot fuzzer detected a problem in the udlfb driver, caused by an endpoint not having the expected type: usb 1-1: Read EDID byte 0 failed: -71 usb 1-1: Unable to get valid EDID from...
CVE-2023-54266
In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: m920x: Fix a potential memory leak in m920xi2cxfer 'read' is freed when it is known to be NULL, but not when a read error occurs. Revert the logic to avoid a small leak, should a m920xread call fail...
CVE-2023-54314
In the Linux kernel, the following vulnerability has been resolved: media: af9005: Fix null-ptr-deref in af9005i2cxfer In af9005i2cxfer, msg is controlled by user. When msgi.buf is null and msgi.len is zero, former checks on msgi.buf would be passed. Malicious data finally reach af9005i2cxfer. If...
CVE-2023-54213
In the Linux kernel, the following vulnerability has been resolved: USB: sisusbvga: Add endpoint checks The syzbot fuzzer was able to provoke a WARNING from the sisusbvga driver: ------------ cut here ------------ usb 1-1: BOGUS urb xfer, pipe 3 != type 1 WARNING: CPU: 1 PID: 26 at...
UBUNTU-CVE-2023-54314
In the Linux kernel, the following vulnerability has been resolved: media: af9005: Fix null-ptr-deref in af9005i2cxfer In af9005i2cxfer, msg is controlled by user. When msgi.buf is null and msgi.len is zero, former checks on msgi.buf would be passed. Malicious data finally reach af9005i2cxfer. If...
CVE-2023-54314
The CVE affects the Linux kernel subsystem media/af9005. In af9005_i2c_xfer, user-controlled msg[i].buf could be accessed when msg[i].buf is NULL and msg[i].len is 0, allowing a NULL pointer dereference. The fix adds a len check to prevent dereferencing an invalid buffer, mitigating a crash. The ...
CVE-2023-54314 media: af9005: Fix null-ptr-deref in af9005_i2c_xfer
In the Linux kernel, the following vulnerability has been resolved: media: af9005: Fix null-ptr-deref in af9005i2cxfer In af9005i2cxfer, msg is controlled by user. When msgi.buf is null and msgi.len is zero, former checks on msgi.buf would be passed. Malicious data finally reach af9005i2cxfer. If...
CVE-2023-54314 media: af9005: Fix null-ptr-deref in af9005_i2c_xfer
In the Linux kernel, the following vulnerability has been resolved: media: af9005: Fix null-ptr-deref in af9005i2cxfer In af9005i2cxfer, msg is controlled by user. When msgi.buf is null and msgi.len is zero, former checks on msgi.buf would be passed. Malicious data finally reach af9005i2cxfer. If...
CVE-2023-54266 media: dvb-usb: m920x: Fix a potential memory leak in m920x_i2c_xfer()
In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: m920x: Fix a potential memory leak in m920xi2cxfer 'read' is freed when it is known to be NULL, but not when a read error occurs. Revert the logic to avoid a small leak, should a m920xread call fail...
CVE-2023-54266 media: dvb-usb: m920x: Fix a potential memory leak in m920x_i2c_xfer()
In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: m920x: Fix a potential memory leak in m920xi2cxfer 'read' is freed when it is known to be NULL, but not when a read error occurs. Revert the logic to avoid a small leak, should a m920xread call fail...
CVE-2023-54266
In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: m920x: Fix a potential memory leak in m920xi2cxfer 'read' is freed when it is known to be NULL, but not when a read error occurs. Revert the logic to avoid a small leak, should a m920xread call fail...
CVE-2023-54175
The CVE-2023-54175 issue affects the Linux kernel i2c xiic driver, where xiic_xfer() acquired a runtime PM reference on entry but had an error path that could leak that reference. The provided documents confirm a resolution: ensure the error path releases the runtime PM reference, preventing leak...
CVE-2023-54175 i2c: xiic: xiic_xfer(): Fix runtime PM leak on error path
In the Linux kernel, the following vulnerability has been resolved: i2c: xiic: xiicxfer: Fix runtime PM leak on error path The xiicxfer function gets a runtime PM reference when the function is entered. This reference is released when the function is exited. There is currently one error path wher...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which stems from mishandling of the m920xi2cxfer error in media: dvb-usb: m920x, which could lead to a memory leak...
NLB mKlik Macedonia SQL注入漏洞
NLB mKlik Macedonia is an official mobile banking application of NLB in the Republic of North Macedonia. A SQL injection vulnerability exists in NLB mKlik Macedonia version 3.3.12, which stems from improper cleanup of the international transfer parameter and could lead to an SQL injection attack...
PT-2025-54095
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to a potential memory leak within the m920x i2c xfer function. Specifically, memory associated with read may be freed incorrectly when it is NUL...
Fetch 安全漏洞
Fetch is an FTP file transfer client from Fetch USA. A security vulnerability exists in Fetch version 5.8.2, which stems from consuming 100% CPU while processing an extremely long server response, which may result in a denial of service...