21761 matches found
parisc: Revise __get_user() to probe user read access
...
drm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session()
...
ppp: fix race conditions in ppp_fill_forward_path
...
parisc: Revise gateway LWS calls to probe user read access
...
tls: fix handling of zero-length records on the rx_list
...
ACPI: pfr_update: Fix the driver update version check
...
net/smc: fix UAF on smcsk after smc_listen_out()
...
drm/amdkfd: Destroy KFD debugfs after destroy KFD wq
...
drm/amd/display: Avoid a NULL pointer dereference
...
iio: light: as73211: Ensure buffer holes are zeroed
...
ksmbd: fix refcount leak causing resource not released
...
ftrace: Also allocate and copy hash for reading of filter files
...
serial: 8250: fix panic due to PSLVERR
...
smb: server: split ksmbd_rdma_stop_listening() out of ksmbd_rdma_destroy()
...
comedi: Fix use of uninitialized memory in do_insn_ioctl() and do_insnlist_ioctl()
...
vsock/virtio: Validate length in packet header before skb_put()
...
media: venus: Add a check for packet size after reading from shared memory
...
ipv6: sr: Fix MAC comparison to be constant-time
...
comedi: Make insn_rw_emulate_bits() do insn->n samples
...
comedi: pcl726: Prevent invalid irq number
...
s390/ism: fix concurrency management in ism_cmd()
...
media: venus: protect against spurious interrupts during probe
...
NFS: Fix a race when updating an existing write
...
net, hsr: reject HSR frame if skb can't hold tag
...
Libsoup: improper handling of http vary header in libsoup caching
...
Podman: podman kube play command may overwrite host files
...
cJSON 1.5.0 through 1.7.18 allows out-of-bounds access via the decode_array_index_from_pointer function in cJSON_Utils.c, allowing remote attackers to bypass array bounds checking and access restricted data via malformed JSON pointer strings containing alphanumeric characters.
...
media: rainshadow-cec: fix TOCTOU race condition in rain_interrupt()
...
drm/amdgpu: check if hubbub is NULL in debugfs/amdgpu_dm_capabilities
...
net/sched: Fix backlog accounting in qdisc_dequeue_internal
...
drm/amd/display: fix a Null pointer dereference vulnerability
...
s390/sclp: Fix SCCB present check
...
crypto: qat - flush misc workqueue during device shutdown
...
media: ivsc: Fix crash at shutdown due to missing mei_cldev_disable() calls
...
gve: prevent ethtool ops after shutdown
...
scsi: libiscsi: Initialize iscsi_conn->dd_data only if memory is allocated
...
ext4: do not BUG when INLINE_DATA_FL lacks system.data xattr
...
ASoC: core: Check for rtd == NULL in snd_soc_remove_pcm_runtime()
...
net: usb: asix_devices: add phy_mask for ax88772 mdio bus
...
smb3: fix for slab out of bounds on mount to ksmbd
...
smb/server: avoid deadlock when linking with ReplaceIfExists
...
netfilter: ctnetlink: fix refcount leak on table dump
...
hfsplus: don't use BUG_ON() in hfsplus_create_attributes_file()
...
media: venus: Fix OOB read due to missing payload bound check
...
comedi: fix race between polling and detaching
...
fbdev: fix potential buffer overflow in do_register_framebuffer()
...
nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm()
...
scsi: bfa: Double-free fix
...
fs/ntfs3: Add sanity check for file name
...
hfs: fix general protection fault in hfs_find_init()
...