68528 matches found
CVE-2025-10535
Information disclosure, mitigation bypass in the Privacy component in Firefox for Android. This vulnerability was fixed in Firefox 143...
CVE-2025-10530
Spoofing issue in the WebAuthn component in Firefox for Android. This vulnerability was fixed in Firefox 143 and Thunderbird 143...
CVE-2025-39816
In the Linux kernel, the following vulnerability has been resolved: iouring/kbuf: always use READONCE to read ring provided buffer lengths Since the buffers are mapped from userspace, it is prudent to use READONCE to read the value into a local variable, and use that for any other actions taken...
CVE-2025-39808
In the Linux kernel, the following vulnerability has been resolved: HID: hid-ntrig: fix unable to handle page fault in ntrigreportversion in ntrigreportversion, hdev parameter passed from hidprobe. sending descriptor to /dev/uhid can make hdev-dev.parent-parent to null if hdev-dev.parent-parent i...
CVE-2025-39812
In the Linux kernel, the following vulnerability has been resolved: sctp: initialize more fields in sctpv6fromsk syzbot found that sin6scopeid was not properly initialized, leading to undefined behavior. Clear sin6scopeid and sin6flowinfo. BUG: KMSAN: uninit-value in sctpv6cmpaddr+0x887/0x8c0...
CVE-2025-41249
The Spring Framework annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super type with unbounded generics. This can be an issue if such annotations are used for authorization decisions. Your application may be affected by...
CVE-2025-41248
The Spring Security annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super type with unbounded generics. This can be an issue when using @PreAuthorize and other method security annotations, resulting in an authorization...
CVE-2023-53278
In the Linux kernel, the following vulnerability has been resolved: ubifs: Fix memory leak in ubifssysfsinit When insmod ubifs.ko, a kmemleak reported as below: unreferenced object 0xffff88817fb1a780 size 8: comm "insmod", pid 25265, jiffies 4295239702 age 100.130s hex dump first 8 bytes: 75 62 6...
CVE-2023-53295
In the Linux kernel, the following vulnerability has been resolved: udf: Do not update file length for failed writes to inline files When write to inline file fails or happens only partly, we still updated length of inline data as if the whole write succeeded. Fix the update of length of inline...
CVE-2023-53302
In the Linux kernel, the following vulnerability has been resolved: wifi: iwl4965: Add missing check for createsinglethreadworkqueue Add the check for the return value of the createsinglethreadworkqueue in order to avoid NULL pointer dereference...
CVE-2023-53288
In the Linux kernel, the following vulnerability has been resolved: drm/client: Fix memory leak in drmclientmodesetprobe When a new mode is set to modeset-mode, the previous mode should be freed. This fixes the following kmemleak report: drmmodeduplicate+0x45/0x220 drm...
CVE-2023-53290
In the Linux kernel, the following vulnerability has been resolved: samples/bpf: Fix fout leak in hbm's runbpfprog Fix fout being fopen'ed but then not subsequently fclose'd. In the affected branch, fout is otherwise going out of scope...
CVE-2023-53289
In the Linux kernel, the following vulnerability has been resolved: media: bdisp: Add missing check for createworkqueue Add the check for the return value of the createworkqueue in order to avoid NULL pointer dereference...
CVE-2023-53279
In the Linux kernel, the following vulnerability has been resolved: misc: vmwballoon: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove...
CVE-2023-53274
In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: mt8183: Add back SSPM related clocks This reverts commit 860690a93ef23b567f781c1b631623e27190f101. On the MT8183, the SSPM related clocks were removed claiming a lack of usage. This however causes some issues when...
CVE-2023-53300
In the Linux kernel, the following vulnerability has been resolved: media: hi846: Fix memleak in hi846initcontrols hi846initcontrols doesn't clean the allocated ctrlhdlr in case there is a failure, which causes memleak. Add v4l2ctrlhandlerfree to free the resource properly...
CVE-2023-53299
In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix leak of 'r10bio-remaining' for recovery raid10syncrequest will add 'r10bio-remaining' for both rdev and replacement rdev. However, if the read io fails, recoveryrequestwrite returns without issuing the write io, in...
CVE-2023-53301
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix kernel crash due to null io-bio We should return when io-bio is null before doing anything. Otherwise, panic. BUG: kernel NULL pointer dereference, address: 0000000000000010 RIP: 0010:submitmergedwritecond+0x164/0x240...
CVE-2023-53282
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix use-after-free KFENCE violation during sysfs firmware write During the sysfs firmware write process, a use-after-free read warning is logged from the lpfcwrobject routine: BUG: KFENCE: use-after-free read in...
CVE-2023-53281
In the Linux kernel, the following vulnerability has been resolved: drivers: staging: rtl8723bs: Fix locking in rtwjointimeouthandler Commit 041879b12ddb "drivers: staging: rtl8192bs: Fix deadlock in rtwjoinbsseventprehandle" besides fixing the deadlock also modified rtwjointimeouthandler to use...
CVE-2023-53284
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: check for null return of devmkzalloc in dpuwritebackinit Because of the possilble failure of devmkzalloc, dpuwbconn might be NULL and will cause null pointer dereference later. Therefore, it might be better to check ...
CVE-2023-53303
In the Linux kernel, the following vulnerability has been resolved: net: microchip: vcap api: Fix possible memory leak for vcapduprule Inject fault When select CONFIGVCAPKUNITTEST, the below memory leak occurs. If kzalloc for duprule succeeds, but the following kmemdup fails, the duprule, ckf and...
CVE-2023-53291
In the Linux kernel, the following vulnerability has been resolved: rcu/rcuscale: Stop kfreescalethread threads after unloading rcuscale Running the 'kfreercutest' test case 1 results in a splat 2. The root cause is the kfreescalethread threads continue running after unloading the rcuscale module...
CVE-2023-53286
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Return the firmware result upon destroying QP/RQ Previously when destroying a QP/RQ, the result of the firmware destruction function was ignored and upper layers weren't informed about the failure. Which in turn could...
CVE-2023-53292
In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix NULL dereference on q-elevator in blkmqelvswitchnone After grabbing q-sysfslock, q-elevator may become NULL because of elevator switch. Fix the NULL dereference on q-elevator by checking it with lock...
CVE-2023-53285
In the Linux kernel, the following vulnerability has been resolved: ext4: add bounds checking in getmaxinlinexattrvaluesize Normally the extended attributes in the inode body would have been checked when the inode is first opened, but if someone is writing to the block device while the file syste...
CVE-2023-53280
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Remove unused nvmelswaitq wait queue System crash when qla2x00startspsp returns error code EGAIN and wakeup gets called for uninitialized wait queue sp-nvmelswaitq. qla2xxx 0000:37:00.1-2121:5: Returning existing...
CVE-2023-53277
In the Linux kernel, the following vulnerability has been resolved: wifi: iwl3945: Add missing check for createsinglethreadworkqueue Add the check for the return value of the createsinglethreadworkqueue in order to avoid NULL pointer dereference...
CVE-2023-53275
In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: fix a possible null-pointer dereference due to data race in sndhdacregmapsync The variable codec-regmap is often protected by the lock codec-regmaplock when is accessed. However, it is accessed without holding the lock...
CVE-2023-53273
In the Linux kernel, the following vulnerability has been resolved: Drivers: vmbus: Check for channel allocation before looking up relids relid2channel assumes vmbus channel array to be allocated when called. However, in cases such as kdump/kexec, not all relids will be reset by the host. When th...
CVE-2023-53276
In the Linux kernel, the following vulnerability has been resolved: ubifs: Free memory for tmpfile name When opening a ubifs tmpfile on an encrypted directory, function fscryptsetupfilename allocates memory for the name that is to be stored in the directory entry, but after the name has been copi...
CVE-2023-53294
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix null-ptr-deref on inode-iop in ntfslookup Syzbot reported a null-ptr-deref bug: ntfs3: loop0: Different NTFS' sector size 1024 and media sector size 512 ntfs3: loop0: Mark volume as dirty due to NTFS errors general...
CVE-2023-53297
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: fix "bad unlock balance" in l2capdisconnectrsp conn-chanlock isn't acquired before l2capgetchanbyscid, if l2capgetchanbyscid returns NULL, then 'bad unlock balance' is triggered...
CVE-2023-53298
In the Linux kernel, the following vulnerability has been resolved: nfc: fix memory leak of seio context in nfcgenlseio The callback context for sending/receiving APDUs to/from the selected secure element is allocated inside nfcgenlseio and supposed to be eventually freed in seiocb callback...
CVE-2023-53293
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2023-53287
In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: Put the cdns set active part outside the spin lock The device may be scheduled during the resume process, so this cannot appear in atomic operations. Since pmruntimesetactive will resume suppliers, put set active...
CVE-2023-53296
In the Linux kernel, the following vulnerability has been resolved: sctp: check send stream number after waitforsndbuf This patch fixes a corner case where the asoc out stream count may change after waitforsndbuf. When the main thread in the client starts a connection, if its out stream count is...
CVE-2023-53268
In the Linux kernel, the following vulnerability has been resolved: ASoC: fslmqs: move ofnodeput to the correct location ofnodeput should have been done directly after mqspriv-regmap = sysconnodetoregmapgprnp; otherwise it creates a reference leak on the success path. To fix this, ofnodeput is...
CVE-2023-53265
In the Linux kernel, the following vulnerability has been resolved: ubi: ensure that VID header offset + VID header size dumpstack lib/dumpstack.c:88 inline dumpstacklvl+0x85/0xad lib/dumpstack.c:106 printaddressdescription mm/kasan/report.c:317 inline printreport.cold.13+0xb6/0x6bb...
CVE-2025-59437
The ip aka node-ip package through 2.0.1 in NPM might allow SSRF because the IP address value 0 is improperly categorized as globally routable via isPublic. NOTE: this issue exists because of an incomplete fix for CVE-2024-29415. NOTE: in current versions of several applications, connection...
CVE-2023-53263
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/disp: fix use-after-free in error handling of nouveauconnectorcreate We can't simply free the connector after calling drmconnectorinit on it. We need to clean up the drm side first. It might not fix all regressions fr...
CVE-2023-53267
In the Linux kernel, the following vulnerability has been resolved: driver: soc: xilinx: fix memory leak in xlnxaddcbfornotifyevent The kfree should be called when memory fails to be allocated for cbdata in xlnxaddcbfornotifyevent, otherwise there will be a memory leak, so add kfree to fix it...
CVE-2023-53264
In the Linux kernel, the following vulnerability has been resolved: clk: imx: clk-imxrt1050: fix memory leak in imxrt1050clocksprobe Use devmofiomap instead of ofiomap to automatically handle the unused ioremap region. If any error occurs, regions allocated by kzalloc will leak, but using...
CVE-2023-53266
In the Linux kernel, the following vulnerability has been resolved: arm64: acpi: Fix possible memory leak of ffhctxt Allocated 'ffhctxt' memory leak is possible if the SMCCC version and conduit checks fail and -EOPNOTSUPP is returned without freeing the allocated memory. Fix the same by moving th...
CVE-2023-53271
In the Linux kernel, the following vulnerability has been resolved: ubi: Fix unreferenced object reported by kmemleak in ubiresizevolume There is a memory leaks problem reported by kmemleak: unreferenced object 0xffff888102007a00 size 128: comm "ubirsvol", pid 32090, jiffies 4298464136 age...
CVE-2023-53270
In the Linux kernel, the following vulnerability has been resolved: ext4: fix idisksize exceeding isize problem in paritally written case It is possible for idisksize can exceed isize, triggering a warning. genericperformwrite copied = iovitercopyfromuseratomiclen // copied idisksize, newsize //...
CVE-2025-59436
The ip aka node-ip package through 2.0.1 in NPM might allow SSRF because the IP address value 017700000001 is improperly categorized as globally routable via isPublic. NOTE: this issue exists because of an incomplete fix for CVE-2024-29415...
CVE-2023-53269
In the Linux kernel, the following vulnerability has been resolved: block: ublk: make sure that block size is set correctly block size is one very key setting for block layer, and bad block size could panic kernel easily. Make sure that block size is set correctly. Meantime if ublkvalidateparams...
CVE-2023-53272
In the Linux kernel, the following vulnerability has been resolved: net: ena: fix shift-out-of-bounds in exponential backoff The ENA adapters on our instances occasionally reset. Once recently logged a UBSAN failure to console in the process: UBSAN: shift-out-of-bounds in...
CVE-2025-10256
A NULL pointer dereference vulnerability exists in FFmpeg’s Firequalizer filter libavfilter/affirequalizer.c due to a missing check on the return value of avmallocarray in the configinput function. An attacker could exploit this by tricking a victim into processing a crafted media file with the...