21 matches found
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: video: fbdev: i740fb: Check the argument of i740calcvclk Since the user can control the arguments of the ioctl function from the user space, special arguments may lead to a divide-by-zero bug. If the user provides an improper...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993185)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993185 advisory. In the Linux kernel, the following vulnerability has been resolved: video: fbdev: s3fb: Check the size of screen before memsetio In the function s3fbsetpar, the valu...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992816)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992816 advisory. In the Linux kernel, the following vulnerability has been resolved: video: fbdev: arkfb: Fix a divide-by-zero bug in arksetpixclock Since the user can control the...
CVE-2023-54277 fbdev: udlfb: Fix endpoint check
In the Linux kernel, the following vulnerability has been resolved: fbdev: udlfb: Fix endpoint check The syzbot fuzzer detected a problem in the udlfb driver, caused by an endpoint not having the expected type: usb 1-1: Read EDID byte 0 failed: -71 usb 1-1: Unable to get valid EDID from...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992485)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992485 advisory. In the Linux kernel, the following vulnerability has been resolved: video: fbdev: amba-clcd: Fix refcount leak bugs In clcdfbofinitdisplay, we should call ofnodeput...
EUVD-2022-55365
Malicious code in bioql PyPI...
OESA-2025-1666 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: video: fbdev: amba-clcd: Fix refcount leak bugs In clcdfbofinitdisplay, we should call ofnodeput for the references returned by ofgraphgetnextendpoint and...
UBUNTU-CVE-2022-50010
In the Linux kernel, the following vulnerability has been resolved: video: fbdev: i740fb: Check the argument of i740calcvclk Since the user can control the arguments of the ioctl from the user space, under special arguments that may result in a divide-by-zero bug. If the user provides an improper...
CVE-2022-50109
The CVE-2022-50109 issue is a Linux kernel vulnerability in the video: fbdev: amba-clcd driver. The root cause is refcount leaks from references returned by of_graph_get_next_endpoint() and of_graph_get_remote_port_parent() in clcdfb_of_init_display(). Mitigation described in the referenced discl...
SUSE CVE-2022-49162
In the Linux kernel, the following vulnerability has been resolved: video: fbdev: sm712fb: Fix crash in smtcfbwrite When the sm712fb driver writes three bytes to the framebuffer, the driver will crash: BUG: unable to handle page fault for address: ffffc90001ffffff RIP: 0010:smtcfbwrite+0x454/0x5b...
SUSE CVE-2022-49421
In the Linux kernel, the following vulnerability has been resolved: video: fbdev: clcdfb: Fix refcount leak in clcdfbofvramsetup ofparsephandle returns a node pointer with refcount incremented, we should use ofnodeput on it when not need anymore. Add missing ofnodeput to avoid refcount leak...
UBUNTU-CVE-2021-47642
In the Linux kernel, the following vulnerability has been resolved: video: fbdev: nvidiafb: Use strscpy to prevent buffer overflow Coverity complains of a possible buffer overflow. However, given the 'static' scope of nvidiasetupi2cbus it looks like that can't happen after examiniing the call...
CVE-2021-47652
In the Linux kernel, the following vulnerability has been resolved: video: fbdev: smscufx: Fix null-ptr-deref in ufxusbprobe I got a null-ptr-deref report: BUG: kernel NULL pointer dereference, address: 0000000000000000 ... RIP: 0010:fbdestroymodelist+0x38/0x100 ... Call Trace:...
CentOS 7 : kernel (RHSA-2024:1249)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1249 advisory. - There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2capcore.c's l2capconnect and l2capleconnectreq functions which may all...
Linux kernel fbcon.c file out-of-bounds read vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. An out-of-bounds read vulnerability exists in versions of Linux kernel prior to 6.2.12, which stems from assigning only the first vc in setcon2fbmap in...
CVE-2023-38409
An issue was discovered in setcon2fbmap in drivers/video/fbdev/core/fbcon.c in the Linux kernel before 6.2.12. Because an assignment occurs only for the first vc, the fbconregisteredfb and fbcondisplay arrays can be desynchronized in fbconmodedeleted the con2fbmap points at the old fbinfo...
Ubuntu 20.04 LTS : Linux kernel (GKE) vulnerabilities (USN-5875-1)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5875-1 advisory. It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote...
Ubuntu 18.04 LTS : Linux kernel (Qualcomm Snapdragon) vulnerabilities (USN-5862-1)
The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5862-1 advisory. It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2 V4L2 implementation in the Linux kernel. A local attacker...
CVE-2022-41849
A use-after-free flaw was found in the Linux kernel’s video fbdev driver. This flaw allows a local user with physical access to crash the system...
GSD-2022-1005559 video: fbdev: arkfb: Check the size of screen before memset_io()
video: fbdev: arkfb: Check the size of screen before memsetio This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.61 by commit...