498 matches found
CVE-2025-39840
In the Linux kernel, the following vulnerability has been resolved: audit: fix out-of-bounds read in auditcomparednamepath When a watch on dir=/ is combined with an fsnotify event for a single-character name directly under / e.g., creating /a, an out-of-bounds read can occur in...
CVE-2025-39843
In the Linux kernel, the following vulnerability has been resolved: mm: slub: avoid wake up kswapd in settrackprepare settrackprepare can incur lock recursion. The issue is that it is called from hrtimerstartrangens holding the percpuhrtimerbasesn.lock, but when enabled CONFIGDEBUGOBJECTSTIMERS,...
CVE-2025-39855
In the Linux kernel, the following vulnerability has been resolved: ice: fix NULL access of tx-inuse in iceptptsirq The E810 device has support for a "low latency" firmware interface to access and read the Tx timestamps. This interface does not use the standard Tx timestamp logic, due to the...
CVE-2025-39838
In the Linux kernel, the following vulnerability has been resolved: cifs: prevent NULL pointer dereference in UTF16 conversion There can be a NULL pointer dereference bug here. NULL is passed to cifssfumakenode without checks, which passes it unchecked to cifsstrnduptoutf16, which in turn passes ...
CVE-2022-50415
In the Linux kernel, the following vulnerability has been resolved: parisc: led: Fix potential null-ptr-deref in starttask starttask calls createsinglethreadworkqueue and not checked the ret value, which may return NULL. And a null-ptr-deref may happen: starttask createsinglethreadworkqueue faile...
CVE-2023-53437
In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Handle cameras with invalid descriptors If the source entity does not contain any pads, do not create a link...
CVE-2022-50397
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2023-53351
In the Linux kernel, the following vulnerability has been resolved: drm/sched: Check scheduler work queue before calling timeout handling During an IGT GPU reset test we see again oops despite of commit 0c8c901aaaebc9 drm/sched: Check scheduler ready before calling timeout handling. It uses ready...
CVE-2023-53336
In the Linux kernel, the following vulnerability has been resolved: media: ipu-bridge: Fix null pointer deref on SSDB/PLD parsing warnings When ipubridgeparserotation and ipubridgeparseorientation run sensor-adev is not set yet. So if either of the devwarn calls about unknown values are hit this...
CVE-2023-53350
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Fix slicing memory leak The temporary buffer storing slicing configuration data from user is only freed on error. This is a memory leak. Free the buffer unconditionally...
CVE-2023-53310
In the Linux kernel, the following vulnerability has been resolved: power: supply: axp288fuelgauge: Fix externalpowerchanged race fuelgaugeexternalpowerchanged dereferences info-bat, which gets sets in axp288fuelgaugeprobe like this: info-bat = devmpowersupplyregisterdev, &fuelgaugedesc, &psycfg;...
CVE-2022-50341
In the Linux kernel, the following vulnerability has been resolved: cifs: fix oops during encryption When running xfstests against Azure the following oops occurred on an arm64 system Unable to handle kernel write to read-only memory at virtual address ffff0001221cf000 Mem abort info: ESR =...
CVE-2025-39819
In the Linux kernel, the following vulnerability has been resolved: fs/smb: Fix inconsistent refcnt update A possible inconsistent update of refcount was identified in smb2compoundop. Such inconsistent update could lead to possible resource leaks. Why it is a possible bug: 1. In the comment secti...
CVE-2023-53285
In the Linux kernel, the following vulnerability has been resolved: ext4: add bounds checking in getmaxinlinexattrvaluesize Normally the extended attributes in the inode body would have been checked when the inode is first opened, but if someone is writing to the block device while the file syste...
CVE-2023-53267
In the Linux kernel, the following vulnerability has been resolved: driver: soc: xilinx: fix memory leak in xlnxaddcbfornotifyevent The kfree should be called when memory fails to be allocated for cbdata in xlnxaddcbfornotifyevent, otherwise there will be a memory leak, so add kfree to fix it...
CVE-2023-53270
In the Linux kernel, the following vulnerability has been resolved: ext4: fix idisksize exceeding isize problem in paritally written case It is possible for idisksize can exceed isize, triggering a warning. genericperformwrite copied = iovitercopyfromuseratomiclen // copied idisksize, newsize //...
CVE-2023-53247
In the Linux kernel, the following vulnerability has been resolved: btrfs: setpageextentmapped after readfolio in btrfscontexpand While trying to get the subpage blocksize tests running, I hit the following panic on generic/476 assertion failed: PagePrivatepage && page-private, in...
CVE-2022-50300
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix extent map use-after-free when handling missing device in readonechunk Store the error code before freeing the extentmap. Though it's reference counted structure, in that function it's the first and last allocation so...
CVE-2022-50240
In the Linux kernel, the following vulnerability has been resolved: android: binder: stop saving a pointer to the VMA Do not record a pointer to a VMA outside of the mmaplock for later use. This is unsafe and there are a number of failure paths after the recorded VMA pointer may be freed during...
CVE-2022-50243
In the Linux kernel, the following vulnerability has been resolved: sctp: handle the error returned from sctpauthasocinitactivekey When it returns an error from sctpauthasocinitactivekey, the activekey is actually not updated. The old shkey will be freeed while it's still used as active key in...