16 matches found
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: media: venus: Added a check for the packet size after reading from shared memory. A check was added to ensure that the packet size does not exceed the number of available words after reading the packet header from shared memory...
media: venus: Add a check for packet size after reading from shared memory
...
media: venus: protect against spurious interrupts during probe
...
Linux Distros Unpatched Vulnerability : CVE-2025-39709
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: venus: protect against spurious interrupts during probe Make sure the interrupt handler is initialized before the interrupt is registered. If the IRQ is...
CVE-2025-39709
In the Linux kernel, the following vulnerability has been resolved: media: venus: protect against spurious interrupts during probe Make sure the interrupt handler is initialized before the interrupt is registered. If the IRQ is registered before hficreate, it's possible that an interrupt fires...
DEBIAN-CVE-2025-39709
In the Linux kernel, the following vulnerability has been resolved: media: venus: protect against spurious interrupts during probe Make sure the interrupt handler is initialized before the interrupt is registered. If the IRQ is registered before hficreate, it's possible that an interrupt fires...
CVE-2025-39710 media: venus: Add a check for packet size after reading from shared memory
In the Linux kernel, the following vulnerability has been resolved: media: venus: Add a check for packet size after reading from shared memory Add a check to ensure that the packet size does not exceed the number of available words after reading the packet header from shared memory. This ensures...
UBUNTU-CVE-2025-38679
In the Linux kernel, the following vulnerability has been resolved: media: venus: Fix OOB read due to missing payload bound check Currently, The eventseqchanged handler processes a variable number of properties sent by the firmware. The number of properties is indicated by the firmware and used t...
CLSA-2024-1727817758 Fix of 74 CVEs
CVE-url: https://ubuntu.com/security/CVE-2024-26752 - l2tp: pass correct message length to ip6appenddata CVE-url: https://ubuntu.com/security/CVE-2021-47188 - scsi: ufs: core: Improve SCSI abort handling CVE-url: https://ubuntu.com/security/CVE-2024-26677 - rxrpc: Fix delayed ACKs to not set the...
CLSA-2024-1727817133 Fix of 74 CVEs
CVE-url: https://ubuntu.com/security/CVE-2024-26752 - l2tp: pass correct message length to ip6appenddata CVE-url: https://ubuntu.com/security/CVE-2021-47188 - scsi: ufs: core: Improve SCSI abort handling CVE-url: https://ubuntu.com/security/CVE-2024-26677 - rxrpc: Fix delayed ACKs to not set the...
CVE-2024-42313
In the Linux kernel, the following vulnerability has been resolved: media: venus: fix use after free in vdecclose There appears to be a possible use after free with vdecclose. The firmware will add buffer release work to the work queue through HFI callbacks as a normal part of decoding. Randomly...
CVE-2024-42313 media: venus: fix use after free in vdec_close
In the Linux kernel, the following vulnerability has been resolved: media: venus: fix use after free in vdecclose There appears to be a possible use after free with vdecclose. The firmware will add buffer release work to the work queue through HFI callbacks as a normal part of decoding. Randomly...
CVE-2021-47043
In the Linux kernel, the following vulnerability has been resolved: media: venus: core: Fix some resource leaks in the error path of 'venusprobe' If an error occurs after a successful 'oficcget' call, it must be undone. Use 'devmoficcget' instead of 'oficcget' to avoid the leak. Update the remove...
DEBIAN-CVE-2021-47043
In the Linux kernel, the following vulnerability has been resolved: media: venus: core: Fix some resource leaks in the error path of 'venusprobe' If an error occurs after a successful 'oficcget' call, it must be undone. Use 'devmoficcget' instead of 'oficcget' to avoid the leak. Update the remove...
Spoofing
In the Linux kernel, the following vulnerability has been resolved: media: venus: core: Fix some resource leaks in the error path of 'venusprobe' If an error occurs after a successful 'oficcget' call, it must be undone. Use 'devmoficcget' instead of 'oficcget' to avoid the leak. Update the remove...
GSD-2022-1002828 media: venus: hfi: avoid null dereference in deinit
media: venus: hfi: avoid null dereference in deinit This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.3 by commit...