21 matches found
GSD-2022-1007545 nilfs2: fix leak of nilfs_root in case of writer thread creation failure
nilfs2: fix leak of nilfsroot in case of writer thread creation failure This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.262 by commit...
GSD-2022-1007543 nilfs2: fix use-after-free bug of struct nilfs_root
nilfs2: fix use-after-free bug of struct nilfsroot This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.262 by commit...
GSD-2022-1007533 sh: machvec: Use char[] for section boundaries
sh: machvec: Use char for section boundaries This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.262 by commit...
GSD-2022-1007529 vhost/vsock: Use kvmalloc/kvfree for larger packets.
vhost/vsock: Use kvmalloc/kvfree for larger packets. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.262 by commit...
GSD-2022-1007528 mISDN: fix use-after-free bugs in l1oip timer handlers
mISDN: fix use-after-free bugs in l1oip timer handlers This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.262 by commit...
GSD-2022-1007527 sctp: handle the error returned from sctp_auth_asoc_init_active_key
sctp: handle the error returned from sctpauthasocinitactivekey This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.262 by commit...
GSD-2022-1007510 usb: gadget: function: fix dangling pnp_string in f_printer.c
usb: gadget: function: fix dangling pnpstring in fprinter.c This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.262 by commit...
GSD-2022-1007504 powercap: intel_rapl: fix UBSAN shift-out-of-bounds issue
powercap: intelrapl: fix UBSAN shift-out-of-bounds issue This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.262 by commit...
GSD-2022-1007503 thermal: intel_powerclamp: Use get_cpu() instead of smp_processor_id() to avoid crash
thermal: intelpowerclamp: Use getcpu instead of smpprocessorid to avoid crash This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.262 by commi...
GSD-2022-1007502 tcp: annotate data-race around tcp_md5sig_pool_populated
tcp: annotate data-race around tcpmd5sigpoolpopulated This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.262 by commit...
GSD-2022-1007499 wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit()
wifi: brcmfmac: fix use-after-free bug in brcmfnetdevstartxmit This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.262 by commit...
GSD-2022-1007498 xfrm: Update ipcomp_scratches with NULL when freed
xfrm: Update ipcompscratches with NULL when freed This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.262 by commit...
GSD-2022-1007497 Bluetooth: hci_sysfs: Fix attempting to call device_add multiple times
Bluetooth: hcisysfs: Fix attempting to call deviceadd multiple times This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.262 by commit...
GSD-2022-1007496 Bluetooth: L2CAP: initialize delayed works at l2cap_chan_create()
Bluetooth: L2CAP: initialize delayed works at l2capchancreate This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.262 by commit...
GSD-2022-1007494 net: If sock is dead don't access sock's sk_wq in sk_stream_wait_memory
net: If sock is dead don't access sock's skwq in skstreamwaitmemory This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.262 by commit...
GSD-2022-1007490 media: cx88: Fix a null-ptr-deref bug in buffer_prepare()
media: cx88: Fix a null-ptr-deref bug in bufferprepare This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.262 by commit...
GSD-2022-1007489 nbd: Fix hung when signal interrupts nbd_start_device_ioctl()
nbd: Fix hung when signal interrupts nbdstartdeviceioctl This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.262 by commit...
GSD-2022-1007486 ata: libahci_platform: Sanity check the DT child nodes number
ata: libahciplatform: Sanity check the DT child nodes number This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.262 by commit...
GSD-2022-1007485 usb: host: xhci: Fix potential memory leak in xhci_alloc_stream_info()
usb: host: xhci: Fix potential memory leak in xhciallocstreaminfo This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.262 by commit...
PT-2022-35760 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.19.262 Description: The issue concerns an integer overflow when loading firmware, specifically related to Cavium crypto. It was introduced in version v4.11 and fixed in version v4.19.262. The actual impact an...