Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: can: xilinxcan: xcanwriteframe: fixed the issue of releasing the SKB after its use. canputechoskb takes ownership of the SKB, and it might be released during or after the call. However, xilinxcan xcanwriteframe continues to us...

EUVD-2025-30865

Malicious code in bioql PyPI...

can: xilinx_can: xcan_write_frame(): fix use-after-free of transmitted SKB

...

AZL-74930 CVE-2025-39873 affecting package kernel for versions less than 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: can: xilinxcan: xcanwriteframe: fix use-after-free of transmitted SKB canputechoskb takes ownership of the SKB and it may be freed during or after the call. However, xilinxcan xcanwriteframe keeps using SKB after the call. Fix th...

CVE-2025-39873

In the Linux kernel, the following vulnerability has been resolved: can: xilinxcan: xcanwriteframe: fix use-after-free of transmitted SKB canputechoskb takes ownership of the SKB and it may be freed during or after the call. However, xilinxcan xcanwriteframe keeps using SKB after the call. Fix th...

AZL-67650 CVE-2025-39873 affecting package kernel for versions less than 6.6.112.1-1

In the Linux kernel, the following vulnerability has been resolved: can: xilinxcan: xcanwriteframe: fix use-after-free of transmitted SKB canputechoskb takes ownership of the SKB and it may be freed during or after the call. However, xilinxcan xcanwriteframe keeps using SKB after the call. Fix th...

CVE-2025-39873

CVE-2025-39873 (Linux kernel) : The vulnerability concerns the xilinx_can driver where xcan_write_frame() may use a previously freed skb. The root cause is that can_put_echo_skb() can take ownership of the SKB, which may be freed during or after the call, while xcan_write_frame() continues to tou...

PT-2025-39130

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the xilinx can module, specifically in the xcan write frame function, leading to a use-after-free condition involving transmitted SKB Socket Buffe...

CVE-2017-14795

The hevcwriteframe function in libbpg.c in libbpg 0.9.7 allows remote attackers to cause a denial of service out-of-bounds read and application crash or possibly have unspecified other impact via a crafted BPG file, related to improper interaction with hlspcmsample in hevc.c in libavcodec in FFmp...

CVE-2017-14796

The hevcwriteframe function in libbpg.c in libbpg 0.9.7 allows remote attackers to cause a denial of service integer underflow and application crash or possibly have unspecified other impact via a crafted BPG file, related to improper interaction with copyCTBtohv in hevcfilter.c in libavcodec in...

libbpg Denial of Service Vulnerability (CNVD-2017-34777)

libbpg is a new type of image format library. A security vulnerability exists in the 'hevcwriteframe' function of the libbpg.c file in libbpg version 0.9.7. A remote attacker can exploit this vulnerability to cause a denial of service out-of-bounds read and application crash with the help of a...

libbpg Denial of Service Vulnerability (CNVD-2017-34778)

libbpg is a new type of image format library. A security vulnerability exists in the 'hevcwriteframe' function of the libbpg.c file in libbpg version 0.9.7. A remote attacker can exploit this vulnerability to cause a denial of service integer overflow and application crash with the help of a...