30 matches found
CVE-2025-21814
In the Linux kernel, the following vulnerability has been resolved: ptp: Ensure info-enable callback is always set The ioctl and sysfs handlers unconditionally call the -enable callback. Not all drivers implement that callback, leading to NULL dereferences. Example of affected drivers: ptps390.c,...
CVE-2025-21751
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: HWS, change error flow on matcher disconnect Currently, when firmware failure occurs during matcher disconnect flow, the error flow of the function reconnects the matcher back and returns an error, which continues runni...
CVE-2025-21736
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix possible int overflows in nilfsfiemap Since nilfsbmaplookupcontig in nilfsfiemap calculates its result by being prepared to go through potentially maxblocks == INTMAX blocks, the value in n may experience an overflow...
CVE-2024-57990
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7925: fix off by one in mt7925loadclc This comparison should be = instead of to prevent an out of bounds read and write...
CVE-2025-21715
In the Linux kernel, the following vulnerability has been resolved: net: davicom: fix UAF in dm9000drvremove dm is netdev private data and it cannot be used after freenetdev call. Using dm after freenetdev can cause UAF bug. Fix it by moving freenetdev at the end of the function. This is similar ...
CVE-2025-21727
In the Linux kernel, the following vulnerability has been resolved: padata: fix UAF in padatareorder A bug was found when run ltp test: BUG: KASAN: slab-use-after-free in padatafindnext+0x29/0x1a0 Read of size 4 at addr ffff88bbfe003524 by task kworker/u113:2/3039206 CPU: 0 PID: 3039206 Comm:...
CVE-2022-49570
In the Linux kernel, the following vulnerability has been resolved: gpio: gpio-xilinx: Fix integer overflow Current implementation is not able to configure more than 32 pins due to incorrect data type. So type casting with unsigned long to avoid it...
CVE-2022-49712
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: lpc32xxudc: Fix refcount leak in lpc32xxudcprobe ofparsephandle returns a node pointer with refcount incremented, we should use ofnodeput on it when not need anymore. Add missing ofnodeput to avoid refcount leak...
CVE-2022-49571
In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctltcpmaxreordering. While reading sysctltcpmaxreordering, it can be changed concurrently. Thus, we need to add READONCE to its readers...
CVE-2022-49729
In the Linux kernel, the following vulnerability has been resolved: nfc: nfcmrvl: Fix memory leak in nfcmrvlplaydeferred Similar to the handling of playdeferred in commit 19cfe912c37b "Bluetooth: btusb: Fix memory leak in playdeferred", we thought a patch might be needed here as well. Currently...
CVE-2022-49731
In the Linux kernel, the following vulnerability has been resolved: ata: libata-core: fix NULL pointer deref in atahostallocpinfo In an unlikely and probably wrong? case that the 'ppi' parameter of atahostallocpinfo points to an array starting with a NULL pointer, there's going to be a kernel oop...
CVE-2022-49260
In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/sec - fix the aead software fallback for engine Due to the subreq pointer misuse the private context memory. The aead soft crypto occasionally casues the OS panic as setting the 64K page. Here is fix it...
CVE-2022-49611
In the Linux kernel, the following vulnerability has been resolved: x86/speculation: Fill RSB on vmexit for IBRS Prevent RSB underflow/poisoning attacks with RSB. While at it, add a bunch of comments to attempt to document the current state of tribal knowledge about RSB attacks and what exactly i...
CVE-2022-49430
In the Linux kernel, the following vulnerability has been resolved: Input: gpio-keys - cancel delayed work only in case of GPIO gpiokeys module can either accept gpios or interrupts. The module initializes delayed work in case of gpios only and is only used if debounce timer is not used, so make...
CVE-2022-49358
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: memleak flow rule from commit path Abort path release flow rule object, however, commit path does not. Update code to destroy these objects before releasing the transaction...
CVE-2022-49359
In the Linux kernel, the following vulnerability has been resolved: drm/panfrost: Job should reference MMU not filepriv For a while now it's been allowed for a MMU context to outlive it's corresponding panfrostpriv, however the job structure still references panfrostpriv to get hold of the MMU...
CVE-2022-49504
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Inhibit aborts if external loopback plug is inserted After running a short external loopback test, when the external loopback is removed and a normal cable inserted that is directly connected to a target device, the...
CVE-2022-49271
In the Linux kernel, the following vulnerability has been resolved: cifs: prevent bad output lengths in smb2ioctlqueryinfo When calling smb2ioctlqueryinfo with smbqueryinfo::flags=PASSTHRUFSCTL and smbqueryinfo::outputbufferlength=0, the following would return 0x10 buffer = memdupuserarg +...
CVE-2022-49607
In the Linux kernel, the following vulnerability has been resolved: perf/core: Fix data race between perfeventsetoutput and perfmmapclose Yang Jihing reported a race between perfeventsetoutput and perfmmapclose: CPU1 CPU2 perfmmapclosee2 if atomicdecandtest&e2-rb-mmapcount // 1 - 0 detachrest =...
CVE-2022-49346
In the Linux kernel, the following vulnerability has been resolved: net: dsa: lantiqgswip: Fix refcount leak in gswipgphyfwlist Every iteration of foreachavailablechildofnode decrements the reference count of the previous node. when breaking early from a foreachavailablechildofnode loop, we need ...