68528 matches found
CVE-2023-53368
In the Linux kernel, the following vulnerability has been resolved: tracing: Fix race issue between cpu buffer write and swap Warning happened in rbendcommit at code: if RBWARNONcpubuffer, !localread&cpubuffer-committing WARNING: CPU: 0 PID: 139 at kernel/trace/ringbuffer.c:3142...
CVE-2023-53361
In the Linux kernel, the following vulnerability has been resolved: LoongArch: mm: Add p?dleaf definitions When I do LTP test, LTP test case ksm06 caused panic at breakksmpmdentry - pmdleaf Huge page table but False - ptepresent panic The reason is pmdleaf is not defined, So like commit...
CVE-2022-50371
In the Linux kernel, the following vulnerability has been resolved: led: qcom-lpg: Fix sleeping in atomic lpgbrighnessset function can sleep, while led's brightnessset callback must be non-blocking. Change LPG driver to use brightnesssetblocking instead. BUG: sleeping function called from invalid...
CVE-2022-50360
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dp: fix aux-bus EP lifetime Device-managed resources allocated post component bind must be tied to the lifetime of the aggregate DRM device or they will not necessarily be released when binding of the aggregate device is...
CVE-2023-53347
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Handle pairing of E-switch via uplink un/load APIs In case user switch a device from switchdev mode to legacy mode, mlx5 first unpair the E-switch and afterwards unload the uplink vport. From the other hand, in case use...
CVE-2023-53348
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock when aborting transaction during relocation with scrub Before relocating a block group we pause scrub, then do the relocation and then unpause scrub. The relocation process requires starting and committing a...
CVE-2023-53338
In the Linux kernel, the following vulnerability has been resolved: lwt: Fix return values of BPF xmit ops BPF encap ops can return different types of positive values, such like NETRXDROP, NETXMITCN, NETDEVTXBUSY, and so on, from function skbdoredirect and bpflwtxmitreroute. At the xmit hook, suc...
CVE-2022-50368
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dsi: fix memory corruption with too many bridges Add the missing sanity check on the bridge counter to avoid corrupting data beyond the fixed-sized bridge array in case there are ever more than eight bridges. Patchwork:...
CVE-2022-50353
In the Linux kernel, the following vulnerability has been resolved: mmc: wmt-sdmmc: fix return value check of mmcaddhost mmcaddhost may return error, if we ignore its return value, the memory that allocated in mmcallochost will be leaked and it will lead a kernel crash because of deleting not add...
CVE-2023-53365
In the Linux kernel, the following vulnerability has been resolved: ip6mr: Fix skbunderpanic in ip6mrcachereport skbuff: skbunderpanic: text:ffffffff88771f69 len:56 put:-4 head:ffff88805f86a800 data:ffff887f5f86a850 tail:0x88 end:0x2c0 dev:pim6reg ------------ cut here ------------ kernel BUG at...
CVE-2023-53359
In the Linux kernel, the following vulnerability has been resolved: USB: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove instead which...
CVE-2023-53336
In the Linux kernel, the following vulnerability has been resolved: media: ipu-bridge: Fix null pointer deref on SSDB/PLD parsing warnings When ipubridgeparserotation and ipubridgeparseorientation run sensor-adev is not set yet. So if either of the devwarn calls about unknown values are hit this...
CVE-2025-59518
In LemonLDAP::NG before 2.16.7 and 2.17 through 2.21 before 2.21.3, OS command injection can occur in the Safe jail. It does not Localize during rule evaluation. Thus, an administrator who can edit a rule evaluated by the Safe jail can execute commands on the server...
CVE-2022-50343
In the Linux kernel, the following vulnerability has been resolved: rapidio: fix possible name leaks when rioadddevice fails Patch series "rapidio: fix three possible memory leaks". This patchset fixes three name leaks in error handling. - patch 1 fixes two name leaks while rioadddevice fails. -...
CVE-2023-53304
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetrbtree: fix overlap expiration walk The lazy gc on insert that should remove timed-out entries fails to release the other half of the interval, if any. Can be reproduced with...
CVE-2022-50341
In the Linux kernel, the following vulnerability has been resolved: cifs: fix oops during encryption When running xfstests against Azure the following oops occurred on an arm64 system Unable to handle kernel write to read-only memory at virtual address ffff0001221cf000 Mem abort info: ESR =...
CVE-2022-50348
In the Linux kernel, the following vulnerability has been resolved: nfsd: Fix a memory leak in an error handling path If this memdupuser call fails, the memory allocated in a previous call a few lines above should be freed. Otherwise it leaks...
CVE-2022-50346
In the Linux kernel, the following vulnerability has been resolved: ext4: init quota for 'old.inode' in 'ext4rename' Syzbot found the following issue: ext4parseparam: swantextraisize=128 ext4inodeinfoinit: swantextraisize=32 ext4rename: old.inode=ffff88823869a2c8 old.dir=ffff888238699828...
CVE-2022-50347
In the Linux kernel, the following vulnerability has been resolved: mmc: rtsxusbsdmmc: fix return value check of mmcaddhost mmcaddhost may return error, if we ignore its return value, the memory that allocated in mmcallochost will be leaked and it will lead a kernel crash because of deleting not...
CVE-2022-50349
In the Linux kernel, the following vulnerability has been resolved: misc: tifm: fix possible memory leak in tifm7xx1switchmedia If deviceregister returns error in tifm7xx1switchmedia, name of kobject which is allocated in devsetname called in deviceadd is leaked. Never directly free @dev after...
CVE-2023-53305
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix use-after-free Fix potential use-after-free in l2caplecommandrej...
CVE-2023-53330
In the Linux kernel, the following vulnerability has been resolved: caif: fix memory leak in cfctrllinkuprequest When linktype is unknown or kzalloc failed in cfctrllinkuprequest, pkt is not released. Add release process to error path...
CVE-2023-53309
In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Fix integer overflow in radeoncsparserinit The type of size is unsigned, if size is 0x40000000, there will be an integer overflow, size will be zero after size = sizeofuint32t, will cause uninitialized memory to be...
CVE-2023-53329
In the Linux kernel, the following vulnerability has been resolved: workqueue: fix data race with the pwq-stats increment KCSAN has discovered a data race in kernel/workqueue.c:2598: 1863.554079 ================================================================== 1863.554118 BUG: KCSAN: data-race i...
CVE-2022-50351
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix xid leak in cifscreate If the cifs already shutdown, we should free the xid before return, otherwise, the xid will be leaked...
CVE-2022-50352
In the Linux kernel, the following vulnerability has been resolved: net: hns: fix possible memory leak in hnaeaeregister Inject fault while probing module, if deviceregister fails, but the refcount of kobject is not decreased to 0, the name allocated in devsetname is leaked. Fix this by calling...
CVE-2023-53314
In the Linux kernel, the following vulnerability has been resolved: fbdev/ep93xx-fb: Do not assign to struct fbinfo.dev Do not assing the Linux device to struct fbinfo.dev. The call to registerframebuffer initializes the field to the fbdev device. Drivers should not override its value. Fixes a bu...
CVE-2023-53334
In the Linux kernel, the following vulnerability has been resolved: USB: chipidea: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove instead...
CVE-2023-53313
In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix wrong setting of maxcorrreaderrors There is no input check when echo md/maxreaderrors and overflow might occur. Add check of input number...
CVE-2023-53316
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dp: Free resources after unregistering them The DP component's unbind operation walks through the submodules to unregister and clean things up. But if the unbind happens because the DP controller itself is being removed,...
CVE-2023-53319
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Handle kvmarminit failure correctly in finalizepkvm Currently there is no synchronisation between finalizepkvm and kvmarminit initcalls. The finalizepkvm proceeds happily even if kvmarminit fails resulting in the...
CVE-2022-50339
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: avoid hcidevtestandsetflag in mgmtinithdev syzbot is again reporting attempt to cancel uninitialized work at mgmtindexremoved 1, for setting of HCIMGMT flag from mgmtinithdev from hcimgmtcmd from hcisocksendmsg can rac...
CVE-2023-53320
In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix issues in mpi3mrgetalltgtinfo The function mpi3mrgetalltgtinfo has four issues: 1 It calculates valid entry length in alltgtinfo assuming the header part of the struct mpi3mrdevicemapinfo would equal to sizeofu3...
CVE-2023-53317
In the Linux kernel, the following vulnerability has been resolved: ext4: fix WARNING in mbfindextent Syzbot found the following issue: EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioreadnolock, ODIRECT and fastcommit support! EXT4-fs loop0: orphan cleanup on readonl...
CVE-2023-53315
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: Fix SKB corruption in REO destination ring While running traffics for a long time, randomly an RX descriptor filled with value "0" from REO destination ring is received. This descriptor which is invalid causes the...
CVE-2022-50340
In the Linux kernel, the following vulnerability has been resolved: media: vimc: Fix wrong function called when vimcinit fails In vimcinit, when platformdriverregister&vimcpdrv fails, platformdriverunregister&vimcpdrv is wrongly called rather than platformdeviceunregister&vimcpdev, which causes...
CVE-2022-50350
In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix a race condition between loginwork and the login thread In case a malicious initiator sends some random data immediately after a login PDU; the iscsitargetskdataready callback will schedule the loginwork...
CVE-2022-50345
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2025-10492
A Java deserialisation vulnerability has been discovered in Jaspersoft Library. Improper handling of externally supplied data may allow attackers to execute arbitrary code remotely on systems that use the affected library...
CVE-2023-53312
In the Linux kernel, the following vulnerability has been resolved: net: fix netdevstartxmit trace event vs skbtransportoffset After blamed commit, we must be more careful about using skbtransportoffset, as reminded us by syzbot: WARNING: CPU: 0 PID: 10 at include/linux/skbuff.h:2868...
CVE-2023-53327
In the Linux kernel, the following vulnerability has been resolved: iommufd/selftest: Catch overflow of uptr and length syzkaller hits a WARNON when trying to have a uptr close to UINTPTRMAX: WARNING: CPU: 1 PID: 393 at drivers/iommu/iommufd/selftest.c:403 iommufdtest+0xb19/0x16f0 Modules linked...
CVE-2023-53311
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix use-after-free of nilfsroot in dirtying inodes via iput During unmount process of nilfs2, nothing holds nilfsroot structure after nilfs2 detaches its writer in nilfsdetachlogwriter. Previously, nilfsevictinode could...
CVE-2022-50342
In the Linux kernel, the following vulnerability has been resolved: floppy: Fix memory leak in dofloppyinit A memory leak was reported when floppyallocdisk failed in dofloppyinit. unreferenced object 0xffff888115ed25a0 size 8: comm "modprobe", pid 727, jiffies 4295051278 age 25.529s hex dump firs...
CVE-2025-59160
Matrix JavaScript SDK is a Matrix Client-Server SDK for JavaScript and TypeScript. matrix-js-sdk before 38.2.0 has insufficient validation of room predecessor links in MatrixClient::getJoinedRooms, allowing a remote attacker to attempt to replace a tombstoned room with an unrelated...
CVE-2023-53310
In the Linux kernel, the following vulnerability has been resolved: power: supply: axp288fuelgauge: Fix externalpowerchanged race fuelgaugeexternalpowerchanged dereferences info-bat, which gets sets in axp288fuelgaugeprobe like this: info-bat = devmpowersupplyregisterdev, &fuelgaugedesc, &psycfg;...
CVE-2023-53307
In the Linux kernel, the following vulnerability has been resolved: rbd: avoid use-after-free in dorbdadd when rbddevcreate fails If getting an ID or setting up a work queue in rbddevcreate fails, use-after-free on rbddev-rbdclient, rbddev-spec and rbddev-opts is triggered in dorbdadd. The root...
CVE-2023-53324
In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp5: Don't leak some plane state Apparently no one noticed that mdp5 plane states leak like a sieve ever since we introduced planestate-commit refcount a few years ago in 21a01abbe32a "drm/atomic: Fix freeing...
CVE-2023-53323
In the Linux kernel, the following vulnerability has been resolved: ext2/dax: Fix ext2setsize when len is page aligned PAGEALIGNx macro gives the next highest value which is multiple of pagesize. But if x is already page aligned then it simply returns x. So, if x passed is 0 in daxzerorange...
CVE-2023-53328
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Enhance sanity check while generating attrlist nicreateattrlist uses WARNON to catch error cases while generating attribute list, which only prints out stack trace and may not be enough. This repalces them with more...
CVE-2023-53331
In the Linux kernel, the following vulnerability has been resolved: pstore/ram: Check start of empty przs during init After commit 30696378f68a "pstore/ram: Do not treat empty buffers as valid", initialization would assume a prz was valid after seeing that the buffersize is zero regardless of the...