18 matches found
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: Media: Tuner: xc5000: Fixed a use-after-free in xc5000release. The original code used canceldelayedwork in xc5000release, which does not guarantee that the delayed work item, timersleep, has fully completed if it was already...
Linux Distros Unpatched Vulnerability : CVE-2025-39994
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: tuner: xc5000: Fix use-after-free in xc5000release The original code uses canceldelayedwork in xc5000release, which does not guarantee that the delayed...
SUSE CVE-2025-39994
In the Linux kernel, the following vulnerability has been resolved: media: tuner: xc5000: Fix use-after-free in xc5000release The original code uses canceldelayedwork in xc5000release, which does not guarantee that the delayed work item timersleep has fully completed if it was already running. Th...
media: tuner: xc5000: Fix use-after-free in xc5000_release
...
EUVD-2025-34579
In the Linux kernel, the following vulnerability has been resolved: media: tuner: xc5000: Fix use-after-free in xc5000release The original code uses canceldelayedwork in xc5000release, which does not guarantee that the delayed work item timersleep has fully completed if it was already running. Th...
CVE-2025-39994
In the Linux kernel, the following vulnerability has been resolved: media: tuner: xc5000: Fix use-after-free in xc5000release The original code uses canceldelayedwork in xc5000release, which does not guarantee that the delayed work item timersleep has fully completed if it was already running. Th...
AZL-68510 CVE-2025-39994 affecting package kernel for versions less than 6.6.112.1-1
In the Linux kernel, the following vulnerability has been resolved: media: tuner: xc5000: Fix use-after-free in xc5000release The original code uses canceldelayedwork in xc5000release, which does not guarantee that the delayed work item timersleep has fully completed if it was already running. Th...
UBUNTU-CVE-2025-39994
In the Linux kernel, the following vulnerability has been resolved: media: tuner: xc5000: Fix use-after-free in xc5000release The original code uses canceldelayedwork in xc5000release, which does not guarantee that the delayed work item timersleep has fully completed if it was already running. Th...
CVE-2025-39994 media: tuner: xc5000: Fix use-after-free in xc5000_release
In the Linux kernel, the following vulnerability has been resolved: media: tuner: xc5000: Fix use-after-free in xc5000release The original code uses canceldelayedwork in xc5000release, which does not guarantee that the delayed work item timersleep has fully completed if it was already running. Th...
CVE-2025-39994
The CVE-2025-39994 issue is in the Linux kernel’s media tuner xc5000: the code path xc5000_release() used cancel_delayed_work(), risking use-after-free of xc5000_priv if timer_sleep is still active. The fix replaces cancel_delayed_work() with cancel_delayed_work_sync() to ensure the delayed work ...
CVE-2025-39994 media: tuner: xc5000: Fix use-after-free in xc5000_release
In the Linux kernel, the following vulnerability has been resolved: media: tuner: xc5000: Fix use-after-free in xc5000release The original code uses canceldelayedwork in xc5000release, which does not guarantee that the delayed work item timersleep has fully completed if it was already running. Th...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from improper use of canceldelayedwork in xc5000release, which could lead to reuse after release...
PT-2025-42268
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a use-after-free issue within the xc5000 driver related to timer management. The xc5000 release function originally used cancel delayed work, which does not...
Appear TV XC5000 and XC5100 Arbitrary File Read (CVE-2018-7539)
A vulnerability exists in Appeartv xc5000 firmware 3.26.217. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...
AppearTV XC5000 and XC5100 File Read Vulnerability
The AppearTV XC5000 and XC5100 are both versatile, carrier-grade broadcast devices from AppearTV Norway. A security vulnerability exists in the AppearTV XC5000 and XC5100 using firmware version 3.26.217. An attacker could send a specially crafted HTTP request to a web server running Maintenance...
Design/Logic Flaw
On Appear TV XC5000 and XC5100 devices with firmware 3.26.217, it is possible to read OS files with a specially crafted HTTP request such as GET /../../../../../../../../../../../../etc/passwd to the web server fuzzd/0.1.1 running the Maintenance Center on port TCP/8088. This can lead to full...
CVE-2018-7539
On Appear TV XC5000 and XC5100 devices with firmware 3.26.217, it is possible to read OS files with a specially crafted HTTP request such as GET /../../../../../../../../../../../../etc/passwd to the web server fuzzd/0.1.1 running the Maintenance Center on port TCP/8088. This can lead to full...
CVE-2018-7539
On Appear TV XC5000 and XC5100 devices with firmware 3.26.217, it is possible to read OS files with a specially crafted HTTP request such as GET /../../../../../../../../../../../../etc/passwd to the web server fuzzd/0.1.1 running the Maintenance Center on port TCP/8088. This can lead to full...