21 matches found
CVE-2022-45440
A vulnerability exists in the FTP server of the Zyxel AX7501-B0 firmware prior to V5.17ABPC.3C0, which processes symbolic links on external storage media. A local authenticated attacker with administrator privileges could abuse this vulnerability to access the root file system by creating a...
GSD-2023-1002333 riscv: stacktrace: Fix missing the first frame
riscv: stacktrace: Fix missing the first frame This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.1.12 by commit...
GSD-2023-1001992 net/mlx5e: IPoIB, Block PKEY interfaces with less rx queues than parent
net/mlx5e: IPoIB, Block PKEY interfaces with less rx queues than parent This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.1.7 by commit...
GSD-2023-1001966 btrfs: fix race between quota rescan and disable leading to NULL pointer deref
btrfs: fix race between quota rescan and disable leading to NULL pointer deref This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.1.8 by commit...
GSD-2023-1001698 net/mlx5e: IPoIB, Block PKEY interfaces with less rx queues than parent
net/mlx5e: IPoIB, Block PKEY interfaces with less rx queues than parent This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.1.7 by commit...
GSD-2023-1000804 wifi: ath11k: fix firmware assert during bandwidth change for peer sta
wifi: ath11k: fix firmware assert during bandwidth change for peer sta This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...
GSD-2023-1000073 ASoC: ops: Fix bounds check for _sx controls
ASoC: ops: Fix bounds check for sx controls This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.12 by commit...
Design/Logic Flaw
A vulnerability exists in the FTP server of the Zyxel AX7501-B0 firmware prior to V5.17ABPC.3C0, which processes symbolic links on external storage media. A local authenticated attacker with administrator privileges could abuse this vulnerability to access the root file system by creating a...
GSD-2022-1007730 net: dsa: don't leak tagger-owned storage on switch driver unbind
net: dsa: don't leak tagger-owned storage on switch driver unbind This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.10 by commit...
GSD-2022-1006643 drm/msm/dp: add atomic_check to bridge ops
drm/msm/dp: add atomiccheck to bridge ops This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.7 by commit...
GSD-2022-1005303 drm/meson: encoder_hdmi: Fix refcount leak in meson_encoder_hdmi_init
drm/meson: encoderhdmi: Fix refcount leak in mesonencoderhdmiinit This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.2 by commit...
GSD-2022-1005126 ASoC: DPCM: Don't pick up BE without substream
ASoC: DPCM: Don't pick up BE without substream This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.4 by commit...
GSD-2022-1004232 mptcp: fix race on unaccepted mptcp sockets
mptcp: fix race on unaccepted mptcp sockets This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.10 by commit...
GSD-2022-1003006 md: Don't set mddev private to NULL in raid0 pers->free
md: Don't set mddev private to NULL in raid0 pers-free This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.14 by commit...
GSD-2022-1002681 iwlwifi: mei: fix potential NULL-ptr deref
iwlwifi: mei: fix potential NULL-ptr deref This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.3 by commit...
GSD-2022-1002643 watchdog: rzg2l_wdt: Fix 32bit overflow issue
watchdog: rzg2lwdt: Fix 32bit overflow issue This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.4 by commit...
GSD-2022-1001251 ASoC: mediatek: mt8195: Fix error handling in mt8195_mt6359_rt1019_rt5682_dev_probe
ASoC: mediatek: mt8195: Fix error handling in mt8195mt6359rt1019rt5682devprobe This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.2 by commit...
GSD-2022-1001249 ath11k: free peer for station when disconnect from AP for QCA6390/WCN6855
ath11k: free peer for station when disconnect from AP for QCA6390/WCN6855 This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.2 by commit...
GSD-2022-1001238 rtw88: fix memory overrun and memory leak during hw_scan
rtw88: fix memory overrun and memory leak during hwscan This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.2 by commit...
GSD-2022-1001112 XArray: Fix xas_create_range() when multi-order entry present
XArray: Fix xascreaterange when multi-order entry present This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.2 by commit...