28 matches found
CVE-2025-1272
The Linux Kernel lockdown mode for kernel versions starting on 6.12 and above for Fedora Linux has the lockdown mode disabled without any warning. This may allow an attacker to gain access to sensitive information such kernel memory mappings, I/O ports, BPF and kprobes. Additionally unsigned...
CVE-2022-49710
In the Linux kernel, the following vulnerability has been resolved: dm mirror log: round up region bitmap size to BITSPERLONG The code in dm-log rounds up bitsetsize to 32 bits. It then uses findnextzerobitle on the allocated region. findnextzerobitle accesses the bitmap using unsigned long...
CVE-2022-49311
In the Linux kernel, the following vulnerability has been resolved: drivers: staging: rtl8192bs: Fix deadlock in rtwjoinbsseventprehandle There is a deadlock in rtwjoinbsseventprehandle, which is shown below: Thread 1 | Thread 2 | settimer rtwjoinbsseventprehandle| modtimer spinlockbh //1 | wait ...
CVE-2022-49632
In the Linux kernel, the following vulnerability has been resolved: icmp: Fix a data-race around sysctlicmperrorsuseinboundifaddr. While reading sysctlicmperrorsuseinboundifaddr, it can be changed concurrently. Thus, we need to add READONCE to its reader...
CVE-2022-49612
In the Linux kernel, the following vulnerability has been resolved: power: supply: core: Fix boundary conditions in interpolation The functions powersupplytemp2resistsimple and powersupplyocv2capsimple handle boundary conditions incorrectly. The change was introduced in...
CVE-2022-49368
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtkethsoc: out of bounds read in mtkhwlrogetfdirentry The "fsp-location" variable comes from user via ethtoolgetrxnfc. Check that it is valid to prevent an out of bounds read...
CVE-2022-49389
In the Linux kernel, the following vulnerability has been resolved: usb: usbip: fix a refcount leak in stubprobe usbgetdev is called in stubdevicealloc. When stubprobe fails after that, usbputdev needs to be called to release the reference. Fix this by moving usbputdev to sdevfree error path...
CVE-2022-49624
In the Linux kernel, the following vulnerability has been resolved: net: atlantic: remove aqnicdeinit when resume aqnicdeinit has been called while suspending, so we don't have to call it again on resume. Actually, call it again leads to another hang issue when resuming from S3. Jul 8 03:09:44...
CVE-2022-49494
In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: cadence: fix possible null-ptr-deref in cadencenanddtprobe It will cause null-ptr-deref when using 'res', if platformgetresource returns NULL, so move using 'res' after devmioremapresource that will check it to avoi...
CVE-2022-49672
In the Linux kernel, the following vulnerability has been resolved: net: tun: unlink NAPI from device on destruction Syzbot found a race between tun file and device destruction. NAPIs live in struct tunfile which can get destroyed before the netdev so we have to del them explicitly. The current...
CVE-2022-49302
In the Linux kernel, the following vulnerability has been resolved: USB: host: isp116x: check return value after calling platformgetresource It will cause null-ptr-deref if platformgetresource returns NULL, we need check the return value...
CVE-2022-49579
In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix data-races around sysctlfibmultipathhashpolicy. While reading sysctlfibmultipathhashpolicy, it can be changed concurrently. Thus, we need to add READONCE to its readers...
CVE-2022-49568
In the Linux kernel, the following vulnerability has been resolved: KVM: Don't null dereference ops-destroy A KVM device cleanup happens in either of two callbacks: 1 destroy which is called when the VM is being destroyed; 2 release which is called when a device fd is closed. Most KVM devices use...
CVE-2022-49409
In the Linux kernel, the following vulnerability has been resolved: ext4: fix bugon in estreesearch Hulk Robot reported a BUGON: ================================================================== kernel BUG at fs/ext4/extentsstatus.c:199! ... RIP: 0010:ext4esend fs/ext4/extentsstatus.c:199 inline...
CVE-2022-49450
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix listen setting the bar too high for the prealloc rings AFRXRPC's listen handler lets you set the backlog up to 32 if you bump up the sysctl, but whilst the preallocation circular buffers have 32 slots in them, one of...
CVE-2022-49085
In the Linux kernel, the following vulnerability has been resolved: drbd: Fix five use after free bugs in getinitialstate In getinitialstate, it calls notifyinitialstatedoneskb,.. if cb-args5==1. If genlmsgput failed in notifyinitialstatedone, the skb will be freed by nlmsgfreeskb. Then...
CVE-2022-49222
In the Linux kernel, the following vulnerability has been resolved: drm/bridge: anx7625: Fix overflow issue on reading EDID The length of EDID block can be longer than 256 bytes, so we should use int instead of u8 for the edidpos variable...
CVE-2022-49046
In the Linux kernel, the following vulnerability has been resolved: i2c: dev: check return value when calling devsetname If devsetname fails, the devname is null, check the return value of devsetname to avoid the null-ptr-deref...
CVE-2025-1075
Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions 2.3.0p27, 2.2.0p40, and 2.1.0p51 EOL causes LDAP credentials to be written to Apache error log file accessible to administrators...
CVE-2025-23840
creationtimestamp| type| source ---|---|--- 2025-02-17 11:43:17+00:00| seen| https://infosec.exchange/users/cve/statuses/114019047659122558 2025-02-17 12:15:44+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3liepxwhkxx2i 2025-02-17 14:02:22+00:00| seen|...