22107 matches found
Bluetooth: SCO: Fix UAF on sco_sock_timeout
...
vt: prevent kernel-infoleak in con_font_get()
...
LoongArch: Enable IRQ if do_ale() triggered in irq-enabled context
...
ublk: don't allow user copy for unprivileged device
...
tty: n_gsm: Fix use-after-free in gsm_cleanup_mux
...
Bluetooth: Call iso_exit() on module unload
...
Azure AI Face Service Elevation of Privilege Vulnerability
Authentication bypass by spoofing in Azure AI Face Service allows an authorized attacker to elevate privileges over a network...
LoongArch: Don't crash in stack_top() for tasks without vDSO
...
x86/bugs: Use code segment selector for VERW operand
...
pinctrl: stm32: check devm_kasprintf() returned value
...
xhci: tegra: fix checked USB2 port number
...
Bluetooth: ISO: Fix multiple init when debugfs is disabled
...
pinctrl: apple: check devm_kasprintf() returned value
...
Microsoft Account Elevation of Privilege Vulnerability
Missing authorization in Microsoft Account allows an unauthorized attacker to elevate privileges over a network...
USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command
...
mm/mremap: fix move_normal_pmd/retract_page_tables race
...
Apache Xerces C++: Use-after-free on external DTD scan
...
drm/amd/display: Fix null check for pipe_ctx->plane_state in hwss_setup_dpp
...
Bluetooth: MGMT: Fix possible deadlocks
...
NFSv4.0: Fix a use-after-free problem in the asynchronous open()
...
ksmbd: Fix the missing xa_store error check
...
mlxsw: spectrum_ipip: Fix memory leak when changing remote IPv6 address
...
udf: refactor inode_bmap() to handle error
...
bpf: Fix overloading of MEM_UNINIT's meaning
...
smb: client: fix possible double free in smb2_set_ea()
...
Bluetooth: hci: fix null-ptr-deref in hci_read_supported_codecs
...
ntfs3: Add bounds checking to mi_enum_attr()
...
ksmbd: check outstanding simultaneous SMB operations
...
signal: restore the override_rlimit logic
...
fsl/fman: Fix refcount handling of fman-related devices
...
net/mlx5: Fix command bitmask initialization
...
macsec: Fix use-after-free while sending the offloading packet
...
arm64/sve: Discard stale CPU state when handling SVE traps
...
ACPI: CPPC: Make rmw_lock a raw_spin_lock
...
phy: qcom: qmp-usb: fix NULL-deref on runtime suspend
...
iio: gts-helper: Fix memory leaks in iio_gts_build_avail_scale_table()
...
iov_iter: fix copy_page_from_iter_atomic() if KMAP_LOCAL_FORCE_MAP
...
RDMA/bnxt_re: Fix a possible memory leak
...
net: bcmasp: fix potential memory leak in bcmasp_xmit()
...
octeon_ep: Add SKB allocation failures handling in __octep_oq_process_rx()
...
firmware: arm_scmi: Fix the double free in scmi_debugfs_common_setup()
...
netdevsim: use cond_resched() in nsim_dev_trap_report_work()
...
spi: spi-fsl-dspi: Fix crash when not using GPIO chip select
...
nvmet-auth: assign dh_key to NULL after kfree_sensitive
...
nvme-pci: fix race condition between reset and nvme_dev_disable()
...
net: microchip: vcap api: Fix memory leaks in vcap_api_encode_rule_test()
...
btrfs: fix uninitialized pointer free in add_inode_ref()
...
btrfs: fix uninitialized pointer free on read_alloc_one_name() error
...
phy: qcom: qmp-usb-legacy: fix NULL-deref on runtime suspend
...
hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer
...