168 CVEs tracked today. 2 Critical, 42 High, 115 Medium, 0 Low.
-
CVE-2025-39946
CRITICAL
CVSS 9.8
CVE-2025-39946 is a security vulnerability (CVSS 5.5). Risk factors: public PoC available. Vendor patch is available.
Buffer Overflow
Linux
-
CVE-2025-9485
CRITICAL
CVSS 9.8
Cryptographic signature bypass in OAuth SSO WordPress plugin. EPSS 0.65%.
Authentication Bypass
WordPress
PHP
-
CVE-2025-39952
HIGH
CVSS 7.8
In the Linux kernel, the following vulnerability has been resolved:
wifi: wilc1000: avoid buffer overflow in WID string configuration
Fix the following copy overflow warning identified by Smatch checker.
drivers/net/wireless/microchip/wilc1000/wlan_cfg.c:184 wilc_wlan_parse_response_frame()
error: '__memcpy()' 'cfg->s[i]->str' copy overflow (512 vs 65537)
This patch introduces size check before accessing the memory buffer.
The checks are base on the WID type of received data from the firmware.
For WID string configuration, the size limit is determined by individual
element size in 'struct wilc_cfg_str_vals' that is maintained in 'len' field
of 'struct wilc_cfg_str'.
Buffer Overflow
Linux
Memory Corruption
Linux Kernel
Redhat
-
CVE-2025-39951
HIGH
CVSS 7.8
In the Linux kernel, the following vulnerability has been resolved:
um: virtio_uml: Fix use-after-free after put_device in probe
When register_virtio_device() fails in virtio_uml_probe(),
the code sets vu_dev->registered = 1 even though
the device was not successfully registered.
This can lead to use-after-free or other issues.
Information Disclosure
Linux
Memory Corruption
Use After Free
Linux Kernel
-
CVE-2025-39945
HIGH
CVSS 7.8
In the Linux kernel, the following vulnerability has been resolved:
cnic: Fix use-after-free bugs in cnic_delete_task
The original code uses cancel_delayed_work() in cnic_cm_stop_bnx2x_hw(),
which does not guarantee that the delayed work item 'delete_task' has
fully completed if it was already running. Additionally, the delayed work
item is cyclic, the flush_workqueue() in cnic_cm_stop_bnx2x_hw() only
blocks and waits for work items that were already queued to the
workqueue prior to its invocation. Any work items submitted after
flush_workqueue() is called are not included in the set of tasks that the
flush operation awaits. This means that after the cyclic work items have
finished executing, a delayed work item may still exist in the workqueue.
This leads to use-after-free scenarios where the cnic_dev is deallocated
by cnic_free_dev(), while delete_task remains active and attempt to
dereference cnic_dev in cnic_delete_task().
A typical race condition is illustrated below:
CPU 0 (cleanup) | CPU 1 (delayed work callback)
cnic_netdev_event() |
cnic_stop_hw() | cnic_delete_task()
cnic_cm_stop_bnx2x_hw() | ...
cancel_delayed_work() | /* the queue_delayed_work()
flush_workqueue() | executes after flush_workqueue()*/
| queue_delayed_work()
cnic_free_dev(dev)//free | cnic_delete_task() //new instance
| dev = cp->dev; //use
Replace cancel_delayed_work() with cancel_delayed_work_sync() to ensure
that the cyclic delayed work item is properly canceled and that any
ongoing execution of the work item completes before the cnic_dev is
deallocated. Furthermore, since cancel_delayed_work_sync() uses
__flush_work(work, true) to synchronously wait for any currently
executing instance of the work item to finish, the flush_workqueue()
becomes redundant and should be removed.
This bug was identified through static analysis. To reproduce the issue
and validate the fix, I simulated the cnic PCI device in QEMU and
introduced intentional delays - such as inserting calls to ssleep()
within the cnic_delete_task() function - to increase the likelihood
of triggering the bug.
Information Disclosure
Linux
Memory Corruption
Use After Free
Linux Kernel
-
CVE-2025-39944
HIGH
CVSS 7.8
In the Linux kernel, the following vulnerability has been resolved:
octeontx2-pf: Fix use-after-free bugs in otx2_sync_tstamp()
The original code relies on cancel_delayed_work() in otx2_ptp_destroy(),
which does not ensure that the delayed work item synctstamp_work has fully
completed if it was al...
Information Disclosure
Linux
Memory Corruption
Use After Free
-
CVE-2025-39943
HIGH
CVSS 7.1
In the Linux kernel, the following vulnerability has been resolved:
ksmbd: smbdirect: validate data_offset and data_length field of smb_direct_data_transfer
If data_offset and data_length of smb_direct_data_transfer struct are
invalid, out of bounds issue could happen.
This patch validate data_off...
Buffer Overflow
Information Disclosure
Linux
-
CVE-2025-39939
HIGH
CVSS 7.8
In the Linux kernel, the following vulnerability has been resolved: iommu/s390: Fix memory corruption when using identity domain zpci_get_iommu_ctrs() returns counter information to be reported as part of device statistics; these counters are...
Buffer Overflow
Linux
Memory Corruption
Linux Kernel
Redhat
-
CVE-2025-39935
HIGH
CVSS 7.8
In the Linux kernel, the following vulnerability has been resolved: ASoC: codec: sma1307: Fix memory corruption in sma1307_setting_loaded() The sma1307->set.header_size is how many integers are in the header (there are 8 of them) but instead of...
Buffer Overflow
Linux
Memory Corruption
Linux Kernel
Redhat
-
CVE-2025-10751
HIGH
CVSS 7.8
MacForge contains an insecure XPC service that allows local, unprivileged users to escalate their privileges to root.This issue affects MacForge: 1.2.0 Beta 1.
Privilege Escalation
Macforge
-
CVE-2025-9243
HIGH
CVSS 8.1
A security vulnerability in Cost Calculator Builder (CVSS 8.1). High severity vulnerability requiring prompt remediation.
Authentication Bypass
WordPress
-
CVE-2023-53616
HIGH
CVSS 7.8
In the Linux kernel, the following vulnerability has been resolved: jfs: fix invalid free of JFS_IP(ipimap)->i_imap in diUnmount syzbot found an invalid-free in diUnmount: BUG: KASAN: double-free in slab_free mm/slub.c:3661 [inline] BUG: KASAN:...
Information Disclosure
Linux
Google
Linux Kernel
Redhat
-
CVE-2023-53613
HIGH
CVSS 7.8
In the Linux kernel, the following vulnerability has been resolved: dax: Fix dax_mapping_release() use after free A CONFIG_DEBUG_KOBJECT_RELEASE test of removing a device-dax region provider (like modprobe -r dax_hmem) yields: kobject:...
Denial Of Service
Linux
Memory Corruption
Use After Free
Linux Kernel
-
CVE-2023-53608
HIGH
CVSS 7.8
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential UAF of struct nilfs_sc_info in nilfs_segctor_thread() The finalization of nilfs_segctor_thread() can race with nilfs_segctor_kill_thread() which terminates...
Information Disclosure
Linux
Memory Corruption
Use After Free
Redhat
-
CVE-2023-53604
HIGH
CVSS 7.8
CVE-2023-53604 is a security vulnerability (CVSS 7.8). High severity vulnerability requiring prompt remediation. Vendor patch is available.
Information Disclosure
Linux
Redhat
Suse
Linux Kernel
-
CVE-2023-53600
HIGH
CVSS 7.1
In the Linux kernel, the following vulnerability has been resolved: tunnels: fix kasan splat when generating ipv4 pmtu error If we try to emit an icmp error in response to a nonliner skb, we get BUG: KASAN: slab-out-of-bounds in...
Buffer Overflow
Information Disclosure
Linux
Redhat
Suse
-
CVE-2023-53596
HIGH
CVSS 7.8
In the Linux kernel, the following vulnerability has been resolved: drivers: base: Free devm resources when unregistering a device In the current code, devres_release_all() only gets called if the device has a bus and has been probed.
Information Disclosure
Linux
Redhat
Suse
Linux Kernel
-
CVE-2023-53587
HIGH
CVSS 7.8
In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Sync IRQ works before buffer destruction If something was written to the buffer just before destruction, it may be possible
Denial Of Service
Linux
Memory Corruption
Use After Free
Redhat
-
CVE-2023-53578
HIGH
CVSS 7.8
In the Linux kernel, the following vulnerability has been resolved: net: qrtr: Fix an uninit variable access bug in qrtr_tx_resume() Syzbot reported a bug as following: ===================================================== BUG: KMSAN:...
Information Disclosure
Linux
Redhat
Suse
Linux Kernel
-
CVE-2023-53577
HIGH
CVSS 7.8
In the Linux kernel, the following vulnerability has been resolved: bpf, cpumap: Make sure kthread is running before map update returns The following warning was reported when running stress-mode enabled xdp_redirect_cpu with some RT threads: ...
Information Disclosure
Linux
Redhat
Suse
Linux Kernel
-
CVE-2023-53575
HIGH
CVSS 7.1
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: fix potential array out of bounds access Account for IWL_SEC_WEP_KEY_OFFSET when needed while verifying key_len size in iwl_mvm_sec_key_add().
Buffer Overflow
Information Disclosure
Linux
Redhat
Suse
-
CVE-2023-53572
HIGH
CVSS 7.8
In the Linux kernel, the following vulnerability has been resolved: clk: imx: scu: use _safe list iterator to avoid a use after free This loop is freeing "clk" so it needs to use list_for_each_entry_safe().
Denial Of Service
Linux
Memory Corruption
Use After Free
Redhat
-
CVE-2023-53570
HIGH
CVSS 7.8
In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: fix integer overflow in nl80211_parse_mbssid_elems() nl80211_parse_mbssid_elems() uses a u8 variable num_elems to count the number of MBSSID elements in the nested...
Buffer Overflow
Linux
Integer Overflow
Redhat
Suse
-
CVE-2023-53569
HIGH
CVSS 7.8
CVE-2023-53569 is a security vulnerability (CVSS 7.8). High severity vulnerability requiring prompt remediation. Vendor patch is available.
Buffer Overflow
Linux
Redhat
Suse
Linux Kernel
-
CVE-2023-53560
HIGH
CVSS 7.8
In the Linux kernel, the following vulnerability has been resolved: tracing/histograms: Add histograms to hist_vars if they have referenced variables Hist triggers can have referenced variables without having direct variables fields.
Information Disclosure
Linux
Memory Corruption
Use After Free
Redhat
-
CVE-2023-53559
HIGH
CVSS 7.8
In the Linux kernel, the following vulnerability has been resolved: ip_vti: fix potential slab-use-after-free in decode_session6 When ip_vti device is set to the qdisc of the sfb type, the cb field of the sent skb may be modified during enqueuing.
Information Disclosure
Linux
Memory Corruption
Use After Free
Redhat
-
CVE-2023-53556
HIGH
CVSS 7.8
In the Linux kernel, the following vulnerability has been resolved: iavf: Fix use-after-free in free_netdev We do netif_napi_add() for all allocated q_vectors[], but potentially do netif_napi_del() for part of them, then kfree q_vectors and...
Information Disclosure
Linux
Memory Corruption
Use After Free
Redhat
-
CVE-2023-53554
HIGH
CVSS 7.8
In the Linux kernel, the following vulnerability has been resolved: staging: ks7010: potential buffer overflow in ks_wlan_set_encode_ext() The "exc->key_len" is a u16 that comes from the user.
Buffer Overflow
Linux
Memory Corruption
Redhat
Suse
-
CVE-2023-53552
HIGH
CVSS 7.8
In the Linux kernel, the following vulnerability has been resolved: drm/i915: mark requests for GuC virtual engines to avoid use-after-free References to i915_requests may be trapped by userspace inside a sync_file or dmabuf (dma-resv) and held...
Information Disclosure
Linux
Memory Corruption
Use After Free
Redhat
-
CVE-2023-53544
HIGH
CVSS 7.8
In the Linux kernel, the following vulnerability has been resolved: cpufreq: davinci: Fix clk use after free The remove function first frees the clks and only then calls cpufreq_unregister_driver().
Denial Of Service
Linux
Memory Corruption
Use After Free
Redhat
-
CVE-2023-53543
HIGH
CVSS 7.8
In the Linux kernel, the following vulnerability has been resolved: vdpa: Add max vqp attr to vdpa_nl_policy for nlattr length check The vdpa_nl_policy structure is used to validate the nlattr when parsing the incoming nlmsg.
Buffer Overflow
Linux
Memory Corruption
Redhat
Suse
-
CVE-2023-53541
HIGH
CVSS 7.8
In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: brcmnand: Fix potential out-of-bounds access in oob write When the oob buffer length is not in multiple of words, the oob write function does out-of-bounds read on...
Buffer Overflow
Linux
Memory Corruption
Redhat
Suse
-
CVE-2023-53537
HIGH
CVSS 7.8
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid use-after-free for cached IPU bio xfstest generic/019 reports a bug: kernel BUG at mm/filemap.c:1619!
Information Disclosure
Linux
Memory Corruption
Use After Free
Redhat
-
CVE-2023-53536
HIGH
CVSS 7.8
In the Linux kernel, the following vulnerability has been resolved: blk-crypto: make blk_crypto_evict_key() more robust If blk_crypto_evict_key() sees that the key is still in-use (due to a bug) or that ->keyslot_evict failed, it currently just...
Information Disclosure
Linux
Memory Corruption
Use After Free
Redhat
-
CVE-2022-50508
HIGH
CVSS 7.1
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt76x0: fix oob access in mt76x0_phy_get_target_power After 'commit ba45841ca5eb ("wifi: mt76: mt76x02: simplify struct mt76x02_rate_power")', mt76x02 relies on...
Buffer Overflow
Information Disclosure
Linux
Redhat
Suse
-
CVE-2022-50507
HIGH
CVSS 7.8
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Validate data run offset This adds sanity checks for data run offset.
Information Disclosure
Linux
Memory Corruption
Use After Free
Redhat
-
CVE-2022-50499
HIGH
CVSS 7.8
In the Linux kernel, the following vulnerability has been resolved:
media: dvb-core: Fix double free in dvb_register_device()
In function dvb_register_device() -> dvb_register_media_device() ->
dvb_create_media_entity(), dvb->entity is allocated and initialized. If
the initialization fails, it frees the dvb->entity, and return an error
code. The caller takes the error code and handles the error by calling
dvb_media_device_free(), which unregisters the entity and frees the
field again if it is not NULL. As dvb->entity may not NULLed in
dvb_create_media_entity() when the allocation of dvbdev->pad fails, a
double free may occur. This may also cause an Use After free in
media_device_unregister_entity().
Fix this by storing NULL to dvb->entity when it is freed.
Denial Of Service
Linux
Linux Kernel
Redhat
Suse
-
CVE-2022-50497
HIGH
CVSS 7.1
In the Linux kernel, the following vulnerability has been resolved:
binfmt_misc: fix shift-out-of-bounds in check_special_flags
UBSAN reported a shift-out-of-bounds warning:
left shift of 1 by 31 places cannot be represented in type 'int'
Call Trace:
<TASK>
__dump_stack lib/dump_stack.c:88 [inline]
dump_stack_lvl+0x8d/0xcf lib/dump_stack.c:106
ubsan_epilogue+0xa/0x44 lib/ubsan.c:151
__ubsan_handle_shift_out_of_bounds+0x1e7/0x208 lib/ubsan.c:322
check_special_flags fs/binfmt_misc.c:241 [inline]
create_entry fs/binfmt_misc.c:456 [inline]
bm_register_write+0x9d3/0xa20 fs/binfmt_misc.c:654
vfs_write+0x11e/0x580 fs/read_write.c:582
ksys_write+0xcf/0x120 fs/read_write.c:637
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x34/0x80 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x4194e1
Since the type of Node's flags is unsigned long, we should define these
macros with same type too.
Buffer Overflow
Information Disclosure
Linux
Linux Kernel
Redhat
-
CVE-2022-50496
HIGH
CVSS 7.8
In the Linux kernel, the following vulnerability has been resolved:
dm cache: Fix UAF in destroy()
Dm_cache also has the same UAF problem when dm_resume()
and dm_destroy() are concurrent.
Therefore, cancelling timer again in destroy().
Information Disclosure
Linux
Memory Corruption
Use After Free
Linux Kernel
-
CVE-2022-50492
HIGH
CVSS 7.8
In the Linux kernel, the following vulnerability has been resolved:
drm/msm: fix use-after-free on probe deferral
The bridge counter was never reset when tearing down the DRM device so
that stale pointers to deallocated structures would be accessed on the
next tear down (e.g. after a second late bind deferral).
Given enough bridges and a few probe deferrals this could currently also
lead to data beyond the bridge array being corrupted.
Patchwork: https://patchwork.freedesktop.org/patch/502665/
Information Disclosure
Linux
Memory Corruption
Use After Free
Linux Kernel
-
CVE-2022-50490
HIGH
CVSS 7.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Propagate error from htab_lock_bucket() to userspace In __htab_map_lookup_and_delete_batch() if htab_lock_bucket() returns -EBUSY, it will go to next bucket.
Buffer Overflow
Information Disclosure
Linux
Redhat
Suse
-
CVE-2022-50488
HIGH
CVSS 7.8
In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix possible uaf for 'bfqq->bic' Our test report a uaf for 'bfqq->bic' in 5.10: ================================================================== BUG: KASAN:...
Information Disclosure
Linux
Memory Corruption
Use After Free
Redhat
-
CVE-2022-50478
HIGH
CVSS 7.1
In the Linux kernel, the following vulnerability has been resolved:
nilfs2: fix shift-out-of-bounds/overflow in nilfs_sb2_bad_offset()
Patch series "nilfs2: fix UBSAN shift-out-of-bounds warnings on mount
time".
The first patch fixes a bug reported by syzbot, and the second one fixes
the remaining bug of the same kind. Although they are triggered by the
same super block data anomaly, I divided it into the above two because the
details of the issues and how to fix it are different.
Both are required to eliminate the shift-out-of-bounds issues at mount
time.
This patch (of 2):
If the block size exponent information written in an on-disk superblock is
corrupted, nilfs_sb2_bad_offset helper function can trigger
shift-out-of-bounds warning followed by a kernel panic (if panic_on_warn
is set):
shift exponent 38983 is too large for 64-bit type 'unsigned long long'
Call Trace:
<TASK>
__dump_stack lib/dump_stack.c:88 [inline]
dump_stack_lvl+0x1b1/0x28e lib/dump_stack.c:106
ubsan_epilogue lib/ubsan.c:151 [inline]
__ubsan_handle_shift_out_of_bounds+0x33d/0x3b0 lib/ubsan.c:322
nilfs_sb2_bad_offset fs/nilfs2/the_nilfs.c:449 [inline]
nilfs_load_super_block+0xdf5/0xe00 fs/nilfs2/the_nilfs.c:523
init_nilfs+0xb7/0x7d0 fs/nilfs2/the_nilfs.c:577
nilfs_fill_super+0xb1/0x5d0 fs/nilfs2/super.c:1047
nilfs_mount+0x613/0x9b0 fs/nilfs2/super.c:1317
...
In addition, since nilfs_sb2_bad_offset() performs multiplication without
considering the upper bound, the computation may overflow if the disk
layout parameters are not normal.
This fixes these issues by inserting preliminary sanity checks for those
parameters and by converting the comparison from one involving
multiplication and left bit-shifting to one using division and right
bit-shifting.
Buffer Overflow
Information Disclosure
Linux
Linux Kernel
Redhat
-
CVE-2022-50470
HIGH
CVSS 7.8
In the Linux kernel, the following vulnerability has been resolved:
xhci: Remove device endpoints from bandwidth list when freeing the device
Endpoints are normally deleted from the bandwidth list when they are
dropped, before the virt device is freed.
If xHC host is dying or being removed then the endpoints aren't dropped
cleanly due to functions returning early to avoid interacting with a
non-accessible host controller.
So check and delete endpoints that are still on the bandwidth list when
freeing the virt device.
Solves a list_del corruption kernel crash when unbinding xhci-pci,
caused by xhci_mem_cleanup() when it later tried to delete already freed
endpoints from the bandwidth list.
This only affects hosts that use software bandwidth checking, which
currenty is only the xHC in intel Panther Point PCH (Ivy Bridge)
Denial Of Service
Linux
Linux Kernel
Redhat
Suse
-
CVE-2025-61962
MEDIUM
CVSS 5.9
In fetchmail before 6.5.6, the SMTP client can crash when authenticating upon receiving a 334 status code in a malformed context.
Denial Of Service
Redhat
Suse
-
CVE-2025-39953
MEDIUM
CVSS 5.5
CVE-2025-39953 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.
Information Disclosure
Linux
Linux Kernel
Redhat
Suse
-
CVE-2025-39950
MEDIUM
CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved:
net/tcp: Fix a NULL pointer dereference when using TCP-AO with TCP_REPAIR
A NULL pointer dereference can occur in tcp_ao_finish_connect() during a
connect() system call on a socket with a TCP-AO key added and TCP_REPAIR
enabled.
The function is called with skb being NULL and attempts to dereference it
on tcp_hdr(skb)->seq without a prior skb validation.
Fix this by checking if skb is NULL before dereferencing it.
The commentary is taken from bpf_skops_established(), which is also called
in the same flow. Unlike the function being patched,
bpf_skops_established() validates the skb before dereferencing it.
int main(void){
struct sockaddr_in sockaddr;
struct tcp_ao_add tcp_ao;
int sk;
int one = 1;
memset(&sockaddr,'\0',sizeof(sockaddr));
memset(&tcp_ao,'\0',sizeof(tcp_ao));
sk = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
sockaddr.sin_family = AF_INET;
memcpy(tcp_ao.alg_name,"cmac(aes128)",12);
memcpy(tcp_ao.key,"ABCDEFGHABCDEFGH",16);
tcp_ao.keylen = 16;
memcpy(&tcp_ao.addr,&sockaddr,sizeof(sockaddr));
setsockopt(sk, IPPROTO_TCP, TCP_AO_ADD_KEY, &tcp_ao,
sizeof(tcp_ao));
setsockopt(sk, IPPROTO_TCP, TCP_REPAIR, &one, sizeof(one));
sockaddr.sin_family = AF_INET;
sockaddr.sin_port = htobe16(123);
inet_aton("127.0.0.1", &sockaddr.sin_addr);
connect(sk,(struct sockaddr *)&sockaddr,sizeof(sockaddr));
return 0;
}
$ gcc tcp-ao-nullptr.c -o tcp-ao-nullptr -Wall
$ unshare -Urn
BUG: kernel NULL pointer dereference, address: 00000000000000b6
PGD 1f648d067 P4D 1f648d067 PUD 1982e8067 PMD 0
Oops: Oops: 0000 [#1] SMP NOPTI
Hardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop
Reference Platform, BIOS 6.00 11/12/2020
RIP: 0010:tcp_ao_finish_connect (net/ipv4/tcp_ao.c:1182)
Denial Of Service
Linux
Null Pointer Dereference
Linux Kernel
Redhat
-
CVE-2025-39949
MEDIUM
CVSS 5.5
CVE-2025-39949 is a security vulnerability (CVSS 5.5). Risk factors: public PoC available. Vendor patch is available.
Information Disclosure
Linux
Linux Kernel
Redhat
Suse
-
CVE-2025-39948
MEDIUM
CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved: ice: fix Rx page leak on multi-buffer frames The ice_put_rx_mbuf() function handles calling ice_put_rx_buf() for each buffer in the current frame.
Information Disclosure
Linux
Linux Kernel
Redhat
Suse
-
CVE-2025-39947
MEDIUM
CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved:
net/mlx5e: Harden uplink netdev access against device unbind
The function mlx5_uplink_netdev_get() gets the uplink netdevice
pointer from mdev->mlx5e_res.uplink_netdev. However, the netdevice can
be removed and its pointer cleared...
Denial Of Service
Null Pointer Dereference
Linux
-
CVE-2025-39942
MEDIUM
CVSS 5.5
CVE-2025-39942 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.
Information Disclosure
Linux
Linux Kernel
Redhat
Suse
-
CVE-2025-39941
MEDIUM
CVSS 4.7
In the Linux kernel, the following vulnerability has been resolved:
zram: fix slot write race condition
Parallel concurrent writes to the same zram index result in leaked
zsmalloc handles. Schematically we can have something like this:
CPU0 CPU1
zram_slot_lock()
zs_free(handle)
zram_slot_lock()
zram_slot_lock()
zs_free(handle)
zram_slot_lock()
compress compress
handle = zs_malloc() handle = zs_malloc()
zram_slot_lock
zram_set_handle(handle)
zram_slot_lock
zram_slot_lock
zram_set_handle(handle)
zram_slot_lock
Either CPU0 or CPU1 zsmalloc handle will leak because zs_free() is done
too early. In fact, we need to reset zram entry right before we set its
new handle, all under the same slot lock scope.
Race Condition
Information Disclosure
Linux
Linux Kernel
Redhat
-
CVE-2025-39940
MEDIUM
CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved:
dm-stripe: fix a possible integer overflow
There's a possible integer overflow in stripe_io_hints if we have too
large chunk size. Test if the overflow happened, and if it did, don't set
limits->io_min and limits->io_opt;
Buffer Overflow
Linux
Integer Overflow
Linux Kernel
Redhat
-
CVE-2025-39938
MEDIUM
CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved:
ASoC: qcom: q6apm-lpass-dais: Fix NULL pointer dereference if source graph failed
If earlier opening of source graph fails (e.g. ADSP rejects due to
incorrect audioreach topology), the graph is closed and
"dai_data->graph[dai->id]" is assigned NULL. Preparing the DAI for sink
graph continues though and next call to q6apm_lpass_dai_prepare()
receives dai_data->graph[dai->id]=NULL leading to NULL pointer
exception:
qcom-apm gprsvc:service:2:1: Error (1) Processing 0x01001002 cmd
qcom-apm gprsvc:service:2:1: DSP returned error[1001002] 1
q6apm-lpass-dais 30000000.remoteproc:glink-edge:gpr:service@1:bedais: fail to start APM port 78
q6apm-lpass-dais 30000000.remoteproc:glink-edge:gpr:service@1:bedais: ASoC: error at snd_soc_pcm_dai_prepare on TX_CODEC_DMA_TX_3: -22
Unable to handle kernel NULL pointer dereference at virtual address 00000000000000a8
...
Call trace:
q6apm_graph_media_format_pcm+0x48/0x120 (P)
q6apm_lpass_dai_prepare+0x110/0x1b4
snd_soc_pcm_dai_prepare+0x74/0x108
__soc_pcm_prepare+0x44/0x160
dpcm_be_dai_prepare+0x124/0x1c0
Denial Of Service
Null Pointer Dereference
Linux
Linux Kernel
Redhat
-
CVE-2025-39937
MEDIUM
CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved: net: rfkill: gpio: Fix crash due to dereferencering uninitialized pointer Since commit 7d5e9737efda ("net: rfkill: gpio: get the name and type from device property")...
Denial Of Service
Null Pointer Dereference
Linux
Linux Kernel
Redhat
-
CVE-2025-39936
MEDIUM
CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Always pass in an error pointer to __sev_platform_shutdown_locked() When 9770b428b1a2
Denial Of Service
Null Pointer Dereference
Linux
Linux Kernel
Redhat
-
CVE-2025-39934
MEDIUM
CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved:
drm: bridge: anx7625: Fix NULL pointer dereference with early IRQ
If the interrupt occurs before resource initialization is complete, the
interrupt handler/worker may access uninitialized data such as the I2C
tcpc_client device, potentially leading to NULL pointer dereference.
Denial Of Service
Null Pointer Dereference
Linux
Linux Kernel
Redhat
-
CVE-2025-39933
MEDIUM
CVSS 5.5
CVE-2025-39933 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.
Information Disclosure
Linux
Linux Kernel
Redhat
Suse
-
CVE-2025-39932
MEDIUM
CVSS 5.5
CVE-2025-39932 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.
Information Disclosure
Linux
Linux Kernel
Redhat
Suse
-
CVE-2025-39931
MEDIUM
CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved: crypto: af_alg - Set merge to zero early in af_alg_sendmsg If an error causes af_alg_sendmsg to abort, ctx->merge may contain a garbage value from the previous loop.
Denial Of Service
Linux
Linux Kernel
Redhat
Suse
-
CVE-2025-39929
MEDIUM
CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix smbdirect_recv_io leak in smbd_negotiate() error path During tests of another unrelated patch I was able to trigger this error: Objects remaining on...
Information Disclosure
Linux
Linux Kernel
Redhat
Suse
-
CVE-2025-11273
MEDIUM
CVSS 6.3
A vulnerability was found in LaChatterie Verger up to 1.2.10. This impacts the function redirectToAuthorization of the file /src/main/services/mcp/oauth/provider.ts. The manipulation of the argument URL results in deserialization. The attack can be executed remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
Deserialization
-
CVE-2025-11272
MEDIUM
CVSS 5.4
A security vulnerability in SeriaWei ZKEACMS (CVSS 5.4). Remediation should follow standard vulnerability management procedures.
Information Disclosure
-
CVE-2025-11228
MEDIUM
CVSS 5.3
The GiveWP - Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the `registerAssociateFormsWithCampaign` function in all versions up to, and including, 4.10.0. This makes it possible for unauthenticated attackers to associate any donation forms with any campaign.
Authentication Bypass
WordPress
Givewp
PHP
-
CVE-2025-11227
MEDIUM
CVSS 6.5
The GiveWP - Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 4.10.0 via the 'registerGetForm', 'registerGetForms', 'registerGetCampaign' and 'registerGetCampaigns' functions due to a missing capability check. This makes it possible for unauthenticated attackers to extract data from private and draft donation forms, as well as archived campaigns.
Authentication Bypass
Information Disclosure
WordPress
Givewp
PHP
-
CVE-2025-10746
MEDIUM
CVSS 6.5
The Integrate Dynamics 365 CRM plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 1.0.9. This is due to missing capability checks and nonce verification on functions hooked to 'init'. This makes it possible for unauthenticated attackers to deactivate the plugin, tamper with OAuth configuration, and trigger test connections that expose sensitive data via direct request to vulnerable endpoints granted they can craft malicious requests with specific parameters.
Authentication Bypass
Information Disclosure
WordPress
PHP
-
CVE-2025-10383
MEDIUM
CVSS 6.4
The Contest Gallery - Upload, Vote & Sell with PayPal and Stripe plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple form field parameters in all versions up to, and including, 27.0.2. This is due to insufficient input sanitization and output escaping on user-supplied attributes. This makes it possible for authenticated attackers, with author-level access or higher, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
XSS
WordPress
PHP
-
CVE-2025-9952
MEDIUM
CVSS 6.1
The Trinity Audio - Text to Speech AI audio player to convert content into audio plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'range-date' parameter in all versions up to, and including, 5.20.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
XSS
WordPress
PHP
-
CVE-2025-9886
MEDIUM
CVSS 4.3
The Trinity Audio - Text to Speech AI audio player to convert content into audio plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.20.2. This is due to missing or incorrect nonce validation in the '/admin/inc/post-management.php' file. This makes it possible for unauthenticated attackers to activate/deactivate posts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
PHP
CSRF
WordPress
-
CVE-2025-9030
MEDIUM
CVSS 5.4
The Majestic Before After Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'before_label' and 'after_label' parameters in versions less than, or equal to, 2.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
XSS
WordPress
PHP
-
CVE-2025-9029
MEDIUM
CVSS 4.3
A security vulnerability in Widget Builder (CVSS 4.3). Remediation should follow standard vulnerability management procedures.
Authentication Bypass
WordPress
PHP
-
CVE-2025-8726
MEDIUM
CVSS 5.4
The WP Photo Album Plus plugin for WordPress is vulnerable to Cross-Site Scripting in all versions up to, and including, 9.0.11.006 due to insufficient input sanitization and output escaping in the wppa_user_upload function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject arbitrary web scripts in the photo album descriptions that execute in a victim's browser.
XSS
WordPress
PHP
-
CVE-2023-53615
MEDIUM
CVSS 4.7
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix deletion race condition System crash when using debug kernel due to link list corruption.
Denial Of Service
Race Condition
Linux
Linux Kernel
Redhat
-
CVE-2023-53614
MEDIUM
CVSS 4.7
In the Linux kernel, the following vulnerability has been resolved: mm/ksm: fix race with VMA iteration and mm_struct teardown exit_mmap() will tear down the VMAs and maple tree with the mmap_lock held in write mode.
Race Condition
Information Disclosure
Linux
Linux Kernel
Redhat
-
CVE-2023-53612
MEDIUM
CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved: hwmon: (coretemp) Simplify platform device handling Coretemp's platform driver is unconventional.
Denial Of Service
Null Pointer Dereference
Linux
Linux Kernel
Redhat
-
CVE-2023-53611
MEDIUM
CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved: ipmi_si: fix a memleak in try_smi_init() Kmemleak reported the following leak info in try_smi_init(): unreferenced object 0xffff00018ecf9400 (size 1024): comm "modprobe", pid...
Information Disclosure
Linux
Linux Kernel
Redhat
Suse
-
CVE-2023-53610
MEDIUM
CVSS 5.5
CVE-2023-53610 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.
Information Disclosure
Linux
Linux Kernel
Redhat
Suse
-
CVE-2023-53609
MEDIUM
CVSS 5.5
CVE-2023-53609 is a security vulnerability (CVSS 5.5). Risk factors: public PoC available. Vendor patch is available.
Information Disclosure
Linux
Linux Kernel
Redhat
Suse
-
CVE-2023-53607
MEDIUM
CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved: ALSA: ymfpci: Fix BUG_ON in probe function The snd_dma_buffer.bytes field now contains the aligned size, which this snd_BUG_ON() did not account for, resulting in the...
Authentication Bypass
Linux
Redhat
Suse
Linux Kernel
-
CVE-2023-53606
MEDIUM
CVSS 5.5
CVE-2023-53606 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.
Information Disclosure
Linux
Redhat
Suse
Linux Kernel
-
CVE-2023-53605
MEDIUM
CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved: drm: amd: display: Fix memory leakage This commit fixes memory leakage in dc_construct_ctx() function.
Information Disclosure
Linux
Amd
Redhat
Suse
-
CVE-2023-53603
MEDIUM
CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Avoid fcport pointer dereference Klocwork reported warning of NULL pointer may be dereferenced.
Denial Of Service
Null Pointer Dereference
Linux
Redhat
Suse
-
CVE-2023-53602
MEDIUM
CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix memory leak in WMI firmware stats Memory allocated for firmware pdev, vdev and beacon statistics are not released during rmmod.
Information Disclosure
Linux
Redhat
Suse
Linux Kernel
-
CVE-2023-53601
MEDIUM
CVSS 5.5
CVE-2023-53601 is a security vulnerability (CVSS 5.5). Risk factors: public PoC available. Vendor patch is available.
Information Disclosure
Linux
Google
Redhat
Suse
-
CVE-2023-53599
MEDIUM
CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved: crypto: af_alg - Fix missing initialisation affecting gcm-aes-s390 Fix af_alg_alloc_areq() to initialise areq->first_rsgl.sgl.sgt.sgl to point to the scatterlist array in...
Denial Of Service
Null Pointer Dereference
Linux
Redhat
Suse
-
CVE-2023-53598
MEDIUM
CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Range check CHDBOFF and ERDBOFF If the value read from the CHDBOFF and ERDBOFF registers is outside the range of the MHI register space then an invalid address...
Denial Of Service
Linux
Redhat
Suse
Linux Kernel
-
CVE-2023-53597
MEDIUM
CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved: cifs: fix mid leak during reconnection after timeout threshold When the number of responses with status of STATUS_IO_TIMEOUT exceeds a specified threshold (NUM_STATUS_IO_TIMEOUT),...
Information Disclosure
Linux
Redhat
Suse
Linux Kernel
-
CVE-2023-53595
MEDIUM
CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: mcs: Fix NULL pointer dereferences When system is rebooted after creating macsec interface below NULL pointer dereference crashes occurred.
Denial Of Service
Null Pointer Dereference
Linux
Redhat
Suse
-
CVE-2023-53594
MEDIUM
CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved: driver core: fix resource leak in device_add() When calling kobject_add() failed in device_add(), it will call cleanup_glue_dir() to free resource.
Information Disclosure
Linux
Redhat
Suse
Linux Kernel
-
CVE-2023-53593
MEDIUM
CVSS 5.5
CVE-2023-53593 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.
Information Disclosure
Linux
Redhat
Suse
Linux Kernel
-
CVE-2023-53592
MEDIUM
CVSS 5.5
CVE-2023-53592 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.
Information Disclosure
Linux
Redhat
Suse
Linux Kernel
-
CVE-2023-53591
MEDIUM
CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix deadlock in tc route query code Cited commit causes ABBA deadlock[0] when peer flows are created while holding the devcom rw semaphore.
Information Disclosure
Linux
Redhat
Suse
Linux Kernel
-
CVE-2023-53590
MEDIUM
CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved: sctp: add a refcnt in sctp_stream_priorities to avoid a nested loop With this refcnt added in sctp_stream_priorities, we don't need to traverse all streams to check if the prio is...
Buffer Overflow
Linux
Redhat
Suse
Linux Kernel
-
CVE-2023-53589
MEDIUM
CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't trust firmware n_channels If the firmware sends us a corrupted MCC response with n_channels much larger than the command response can be, we might copy...
Denial Of Service
Linux
Redhat
Suse
Linux Kernel
-
CVE-2023-53588
MEDIUM
CVSS 5.5
CVE-2023-53588 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.
Information Disclosure
Linux
Redhat
Suse
Linux Kernel
-
CVE-2023-53586
MEDIUM
CVSS 4.7
In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix multiple LUN_RESET handling This fixes a bug where an initiator thinks a LUN_RESET has cleaned up running commands when it hasn't.
Information Disclosure
Linux
Redhat
Suse
Linux Kernel
-
CVE-2023-53585
MEDIUM
CVSS 5.5
CVE-2023-53585 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.
Information Disclosure
Linux
Redhat
Suse
Linux Kernel
-
CVE-2023-53584
MEDIUM
CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved: ubifs: ubifs_releasepage: Remove ubifs_assert(0) to valid this process There are two states for ubifs writing pages: 1.
Denial Of Service
Linux
Redhat
Suse
Linux Kernel
-
CVE-2023-53583
MEDIUM
CVSS 5.5
CVE-2023-53583 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.
Buffer Overflow
Linux
Redhat
Suse
Linux Kernel
-
CVE-2023-53582
MEDIUM
CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: ensure CLM version is null-terminated to prevent stack-out-of-bounds Fix a stack-out-of-bounds read in brcmfmac that occurs when 'buf' that is not null-terminated...
Buffer Overflow
Denial Of Service
Null Pointer Dereference
Linux
Redhat
-
CVE-2023-53581
MEDIUM
CVSS 4.7
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Check for NOT_READY flag state after locking Currently the check for NOT_READY flag is performed before obtaining the necessary lock.
Denial Of Service
Race Condition
Linux
Canonical
Redhat
-
CVE-2023-53580
MEDIUM
CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved: USB: Gadget: core: Help prevent panic during UVC unconfigure Avichal Rakesh reported a kernel panic that occurred when the UVC gadget driver was removed from a gadget's...
Information Disclosure
Linux
Redhat
Suse
Linux Kernel
-
CVE-2023-53579
MEDIUM
CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved: gpio: mvebu: fix irq domain leak Uwe Kleine-König pointed out we still have one resource leak in the mvebu driver triggered on driver detach.
Information Disclosure
Linux
Redhat
Suse
Linux Kernel
-
CVE-2023-53576
MEDIUM
CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved: null_blk: Always check queue mode setting from configfs Make sure to check device queue mode in the null_validate_conf() and return error for NULL_Q_RQ as we don't allow legacy...
Denial Of Service
Null Pointer Dereference
Linux
Redhat
Suse
-
CVE-2023-53574
MEDIUM
CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: delete timer and free skb queue when unloading Fix possible crash and memory leak on driver unload by deleting TX purge timer and freeing C2H queue in...
Denial Of Service
Linux
Redhat
Suse
Linux Kernel
-
CVE-2023-53573
MEDIUM
CVSS 5.5
CVE-2023-53573 is a security vulnerability (CVSS 5.5) that allows flat cache again. Remediation should follow standard vulnerability management procedures. Vendor patch is available.
Information Disclosure
Linux
Redhat
Suse
Linux Kernel
-
CVE-2023-53571
MEDIUM
CVSS 5.5
CVE-2023-53571 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.
Information Disclosure
Linux
Redhat
Suse
Linux Kernel
-
CVE-2023-53568
MEDIUM
CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved: s390/zcrypt: don't leak memory if dev_set_name() fails When dev_set_name() fails, zcdn_create() doesn't free the newly allocated resources.
Information Disclosure
Linux
Redhat
Suse
Linux Kernel
-
CVE-2023-53567
MEDIUM
CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved: spi: qup: Don't skip cleanup in remove's error path Returning early in a platform driver's remove callback is wrong.
Information Disclosure
Linux
Redhat
Suse
Linux Kernel
-
CVE-2023-53566
MEDIUM
CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: fix null deref on element insertion There is no guarantee that rb_prev() will not return NULL in nft_rbtree_gc_elem(): general protection fault,...
Denial Of Service
Null Pointer Dereference
Linux
Canonical
Redhat
-
CVE-2023-53565
MEDIUM
CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Check for probe() id argument being NULL The probe() id argument may be NULL in 2 scenarios: 1. brcmf_pcie_pm_leave_D3() calling brcmf_pcie_probe() to reprobe ...
Denial Of Service
Null Pointer Dereference
Linux
Dell
Redhat
-
CVE-2023-53564
MEDIUM
CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix defrag path triggering jbd2 ASSERT code path: ocfs2_ioctl_move_extents ocfs2_move_extents ocfs2_defrag_extent __ocfs2_move_extent + ocfs2_journal_access_di ...
Denial Of Service
Linux
Oracle
Redhat
Suse
-
CVE-2023-53563
MEDIUM
CVSS 5.5
CVE-2023-53563 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.
Information Disclosure
Linux
Amd
Redhat
Suse
-
CVE-2023-53562
MEDIUM
CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved: drm/msm: fix vram leak on bind errors Make sure to release the VRAM buffer also in a case a subcomponent fails to bind.
Information Disclosure
Linux
Redhat
Suse
Linux Kernel
-
CVE-2023-53561
MEDIUM
CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved: net: wwan: iosm: fix NULL pointer dereference when removing device In suspend and resume cycle, the removal and rescan of device ends up in NULL pointer dereference.
Denial Of Service
Null Pointer Dereference
Linux
Redhat
Suse
-
CVE-2023-53558
MEDIUM
CVSS 5.5
CVE-2023-53558 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.
Information Disclosure
Linux
Redhat
Suse
Linux Kernel
-
CVE-2023-53557
MEDIUM
CVSS 5.5
CVE-2023-53557 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.
Information Disclosure
Linux
Canonical
Redhat
Suse
-
CVE-2023-53555
MEDIUM
CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: initialize damo_filter->list from damos_new_filter() damos_new_filter() is not initializing the list field of newly allocated filter object.
Denial Of Service
Linux
Redhat
Suse
Linux Kernel
-
CVE-2023-53553
MEDIUM
CVSS 5.5
CVE-2023-53553 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.
Buffer Overflow
Linux
Redhat
Suse
Linux Kernel
-
CVE-2023-53551
MEDIUM
CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: u_serial: Add null pointer check in gserial_resume Consider a case where gserial_disconnect has already cleared gser->ioport.
Denial Of Service
Null Pointer Dereference
Linux
Redhat
Suse
-
CVE-2023-53550
MEDIUM
CVSS 5.5
CVE-2023-53550 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.
Information Disclosure
Linux
Amd
-
CVE-2023-53549
MEDIUM
CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Rework long task execution when adding/deleting entries When adding/deleting large number of elements in one step in ipset, it can take a reasonable amount of...
Information Disclosure
Linux
Redhat
Suse
Linux Kernel
-
CVE-2023-53548
MEDIUM
CVSS 5.5
CVE-2023-53548 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.
Information Disclosure
Linux
Google
Redhat
Suse
-
CVE-2023-53547
MEDIUM
CVSS 5.5
CVE-2023-53547 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.
Information Disclosure
Linux
Canonical
Redhat
Suse
-
CVE-2023-53546
MEDIUM
CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: DR, fix memory leak in mlx5dr_cmd_create_reformat_ctx when mlx5_cmd_exec failed in mlx5dr_cmd_create_reformat_ctx, the memory pointed by 'in' is not released, which will...
Information Disclosure
Linux
Redhat
Suse
Linux Kernel
-
CVE-2023-53545
MEDIUM
CVSS 5.5
CVE-2023-53545 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.
Information Disclosure
Linux
Amd
Redhat
Suse
-
CVE-2023-53542
MEDIUM
CVSS 5.5
CVE-2023-53542 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.
Samsung
Information Disclosure
Linux
Redhat
Suse
-
CVE-2023-53540
MEDIUM
CVSS 5.5
CVE-2023-53540 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.
Information Disclosure
Linux
-
CVE-2023-53539
MEDIUM
CVSS 5.5
CVE-2023-53539 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.
Information Disclosure
Linux
Redhat
Suse
Linux Kernel
-
CVE-2023-53538
MEDIUM
CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved: btrfs: insert tree mod log move in push_node_left There is a fairly unlikely race condition in tree mod log rewind that can result in a kernel panic which has the following...
Denial Of Service
Null Pointer Dereference
Linux
Redhat
Suse
-
CVE-2023-53535
MEDIUM
CVSS 5.5
CVE-2023-53535 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.
Information Disclosure
Linux
Redhat
Suse
Linux Kernel
-
CVE-2023-53534
MEDIUM
CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: mtk_drm_crtc: Add checks for devm_kcalloc As the devm_kcalloc may return NULL, the return value needs to be checked to avoid NULL poineter dereference.
Denial Of Service
Null Pointer Dereference
Linux
Mediatek
Redhat
-
CVE-2023-53533
MEDIUM
CVSS 5.5
A remote code execution vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.
Information Disclosure
Linux
Redhat
Suse
Linux Kernel
-
CVE-2022-50506
MEDIUM
CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved: drbd: only clone bio if we have a backing device Commit c347a787e34cb (drbd: set ->bi_bdev in drbd_req_new) moved a bio_set_dev call (which has since been removed) to "earlier",...
Denial Of Service
Null Pointer Dereference
Linux
Redhat
Suse
-
CVE-2022-50505
MEDIUM
CVSS 5.5
CVE-2022-50505 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.
Information Disclosure
Linux
Amd
Redhat
Suse
-
CVE-2022-50504
MEDIUM
CVSS 5.5
CVE-2022-50504 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.
Information Disclosure
Linux
Linux Kernel
Redhat
Suse
-
CVE-2022-50503
MEDIUM
CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved:
mtd: lpddr2_nvm: Fix possible null-ptr-deref
It will cause null-ptr-deref when resource_size(add_range) invoked,
if platform_get_resource() returns NULL.
Denial Of Service
Null Pointer Dereference
Linux
Linux Kernel
Redhat
-
CVE-2022-50501
MEDIUM
CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved:
media: coda: Add check for dcoda_iram_alloc
As the coda_iram_alloc may return NULL pointer,
it should be better to check the return value
in order to avoid NULL poineter dereference,
same as the others.
Denial Of Service
Null Pointer Dereference
Linux
Linux Kernel
Redhat
-
CVE-2022-50500
MEDIUM
CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved:
netdevsim: fix memory leak in nsim_drv_probe() when nsim_dev_resources_register() failed
If some items in nsim_dev_resources_register() fail, memory leak will
occur. The following is the memory leak information.
unreferenced object 0xffff888074c02600 (size 128):
comm "echo", pid 8159, jiffies 4294945184 (age 493.530s)
hex dump (first 32 bytes):
40 47 ea 89 ff ff ff ff 01 00 00 00 00 00 00 00 @G..............
ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................
backtrace:
[<0000000011a31c98>] kmalloc_trace+0x22/0x60
[<0000000027384c69>] devl_resource_register+0x144/0x4e0
[<00000000a16db248>] nsim_drv_probe+0x37a/0x1260
[<000000007d1f448c>] really_probe+0x20b/0xb10
[<00000000c416848a>] __driver_probe_device+0x1b3/0x4a0
[<00000000077e0351>] driver_probe_device+0x49/0x140
[<0000000054f2465a>] __device_attach_driver+0x18c/0x2a0
[<000000008538f359>] bus_for_each_drv+0x151/0x1d0
[<0000000038e09747>] __device_attach+0x1c9/0x4e0
[<00000000dd86e533>] bus_probe_device+0x1d5/0x280
[<00000000839bea35>] device_add+0xae0/0x1cb0
[<000000009c2abf46>] new_device_store+0x3b6/0x5f0
[<00000000fb823d7f>] bus_attr_store+0x72/0xa0
[<000000007acc4295>] sysfs_kf_write+0x106/0x160
[<000000005f50cb4d>] kernfs_fop_write_iter+0x3a8/0x5a0
[<0000000075eb41bf>] vfs_write+0x8f0/0xc80
Information Disclosure
Linux
Linux Kernel
Redhat
Suse
-
CVE-2022-50498
MEDIUM
CVSS 5.5
CVE-2022-50498 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.
Denial Of Service
Linux
Linux Kernel
Redhat
Suse
-
CVE-2022-50494
MEDIUM
CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved:
thermal: intel_powerclamp: Use get_cpu() instead of smp_processor_id() to avoid crash
When CPU 0 is offline and intel_powerclamp is used to inject
idle, it generates kernel BUG:
BUG: using smp_processor_id() in preemptible [00000000] code: bash/15687
caller is debug_smp_processor_id+0x17/0x20
CPU: 4 PID: 15687 Comm: bash Not tainted 5.19.0-rc7+ #57
Call Trace:
<TASK>
dump_stack_lvl+0x49/0x63
dump_stack+0x10/0x16
check_preemption_disabled+0xdd/0xe0
debug_smp_processor_id+0x17/0x20
powerclamp_set_cur_state+0x7f/0xf9 [intel_powerclamp]
...
...
Here CPU 0 is the control CPU by default and changed to the current CPU,
if CPU 0 offlined. This check has to be performed under cpus_read_lock(),
hence the above warning.
Use get_cpu() instead of smp_processor_id() to avoid this BUG.
[ rjw: Subject edits ]
Denial Of Service
Linux
Linux Kernel
Redhat
Suse
-
CVE-2022-50493
MEDIUM
CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved:
scsi: qla2xxx: Fix crash when I/O abort times out
While performing CPU hotplug, a crash with the following stack was seen:
Call Trace:
qla24xx_process_response_queue+0x42a/0x970 [qla2xxx]
qla2x00_start_nvme_mq+0x3a2/0x4b0 [qla2xxx]
qla_nvme_post_cmd+0x166/0x240 [qla2xxx]
nvme_fc_start_fcp_op.part.0+0x119/0x2e0 [nvme_fc]
blk_mq_dispatch_rq_list+0x17b/0x610
__blk_mq_sched_dispatch_requests+0xb0/0x140
blk_mq_sched_dispatch_requests+0x30/0x60
__blk_mq_run_hw_queue+0x35/0x90
__blk_mq_delay_run_hw_queue+0x161/0x180
blk_execute_rq+0xbe/0x160
__nvme_submit_sync_cmd+0x16f/0x220 [nvme_core]
nvmf_connect_admin_queue+0x11a/0x170 [nvme_fabrics]
nvme_fc_create_association.cold+0x50/0x3dc [nvme_fc]
nvme_fc_connect_ctrl_work+0x19/0x30 [nvme_fc]
process_one_work+0x1e8/0x3c0
On abort timeout, completion was called without checking if the I/O was
already completed.
Verify that I/O and abort request are indeed outstanding before attempting
completion.
Denial Of Service
Linux
Linux Kernel
Redhat
Suse
-
CVE-2022-50491
MEDIUM
CVSS 5.5
CVE-2022-50491 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.
Information Disclosure
Linux
Redhat
Suse
Linux Kernel
-
CVE-2022-50489
MEDIUM
CVSS 5.5
A remote code execution vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.
Information Disclosure
Linux
Redhat
Suse
Linux Kernel
-
CVE-2022-50486
MEDIUM
CVSS 5.5
CVE-2022-50486 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.
Information Disclosure
Linux
Redhat
Suse
Linux Kernel
-
CVE-2022-50485
MEDIUM
CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved: ext4: add EXT4_IGET_BAD flag to prevent unexpected bad inode There are many places that will get unhappy (and crash) when ext4_iget() returns a bad inode.
Denial Of Service
Linux
Redhat
Suse
Linux Kernel
-
CVE-2022-50484
MEDIUM
CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved:
ALSA: usb-audio: Fix potential memory leaks
When the driver hits -ENOMEM at allocating a URB or a buffer, it
aborts and goes to the error path that releases the all previously
allocated resources. However, when -ENOMEM hits at the middle of the
sync EP URB allocation loop, the partially allocated URBs might be
left without released, because ep->nurbs is still zero at that point.
Fix it by setting ep->nurbs at first, so that the error handler loops
over the full URB list.
Information Disclosure
Linux
Linux Kernel
Redhat
Suse
-
CVE-2022-50483
MEDIUM
CVSS 5.5
CVE-2022-50483 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.
Information Disclosure
Linux
Linux Kernel
Redhat
Suse
-
CVE-2022-50482
MEDIUM
CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved:
iommu/vt-d: Clean up si_domain in the init_dmars() error path
A splat from kmem_cache_destroy() was seen with a kernel prior to
commit ee2653bbe89d ("iommu/vt-d: Remove domain and devinfo mempool")
when there was a failure in init_dmars(), because the iommu_domain
cache still had objects. While the mempool code is now gone, there
still is a leak of the si_domain memory if init_dmars() fails. So
clean up si_domain in the init_dmars() error path.
Information Disclosure
Linux
Linux Kernel
Redhat
Suse
-
CVE-2022-50481
MEDIUM
CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved:
cxl: fix possible null-ptr-deref in cxl_guest_init_afu|adapter()
If device_register() fails in cxl_register_afu|adapter(), the device
is not added, device_unregister() can not be called in the error path,
otherwise it will cause a null-ptr-deref because of removing not added
device.
As comment of device_register() says, it should use put_device() to give
up the reference in the error path. So split device_unregister() into
device_del() and put_device(), then goes to put dev when register fails.
Denial Of Service
Null Pointer Dereference
Linux
Linux Kernel
Redhat
-
CVE-2022-50480
MEDIUM
CVSS 5.5
CVE-2022-50480 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.
Information Disclosure
Linux
Linux Kernel
Redhat
Suse
-
CVE-2022-50479
MEDIUM
CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved:
drm/amd: fix potential memory leak
This patch fix potential memory leak (clk_src) when function run
into last return NULL.
s/free/kfree/ - Alex
Information Disclosure
Linux
Linux Kernel
Redhat
Suse
-
CVE-2022-50477
MEDIUM
CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved:
rtc: class: Fix potential memleak in devm_rtc_allocate_device()
devm_rtc_allocate_device() will alloc a rtc_device first, and then run
dev_set_name(). If dev_set_name() failed, the rtc_device will memleak.
Move devm_add_action_or_reset() in front of dev_set_name() to prevent
memleak.
unreferenced object 0xffff888110a53000 (size 2048):
comm "python3", pid 470, jiffies 4296078308 (age 58.882s)
hex dump (first 32 bytes):
00 00 00 00 00 00 00 00 08 30 a5 10 81 88 ff ff .........0......
08 30 a5 10 81 88 ff ff 00 00 00 00 00 00 00 00 .0..............
backtrace:
[<000000004aac0364>] kmalloc_trace+0x21/0x110
[<000000000ff02202>] devm_rtc_allocate_device+0xd4/0x400
[<000000001bdf5639>] devm_rtc_device_register+0x1a/0x80
[<00000000351bf81c>] rx4581_probe+0xdd/0x110 [rtc_rx4581]
[<00000000f0eba0ae>] spi_probe+0xde/0x130
[<00000000bff89ee8>] really_probe+0x175/0x3f0
[<00000000128e8d84>] __driver_probe_device+0xe6/0x170
[<00000000ee5bf913>] device_driver_attach+0x32/0x80
[<00000000f3f28f92>] bind_store+0x10b/0x1a0
[<000000009ff812d8>] drv_attr_store+0x49/0x70
[<000000008139c323>] sysfs_kf_write+0x8d/0xb0
[<00000000b6146e01>] kernfs_fop_write_iter+0x214/0x2d0
[<00000000ecbe3895>] vfs_write+0x61a/0x7d0
[<00000000aa2196ea>] ksys_write+0xc8/0x190
[<0000000046a600f5>] do_syscall_64+0x37/0x90
[<00000000541a336f>] entry_SYSCALL_64_after_hwframe+0x63/0xcd
Information Disclosure
Linux
Linux Kernel
Redhat
Suse
-
CVE-2022-50476
MEDIUM
CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved:
ntb_netdev: Use dev_kfree_skb_any() in interrupt context
TX/RX callback handlers (ntb_netdev_tx_handler(),
ntb_netdev_rx_handler()) can be called in interrupt
context via the DMA framework when the respective
DMA operations have completed. As such, any calls
by these routines to free skb's, should use the
interrupt context safe dev_kfree_skb_any() function.
Previously, these callback handlers would call the
interrupt unsafe version of dev_kfree_skb(). This has
not presented an issue on Intel IOAT DMA engines as
that driver utilizes tasklets rather than a hard
interrupt handler, like the AMD PTDMA DMA driver.
On AMD systems, a kernel WARNING message is
encountered, which is being issued from
skb_release_head_state() due to in_hardirq()
being true.
Besides the user visible WARNING from the kernel,
the other symptom of this bug was that TCP/IP performance
across the ntb_netdev interface was very poor, i.e.
approximately an order of magnitude below what was
expected. With the repair to use dev_kfree_skb_any(),
kernel WARNINGs from skb_release_head_state() ceased
and TCP/IP performance, as measured by iperf, was on
par with expected results, approximately 20 Gb/s on
AMD Milan based server. Note that this performance
is comparable with Intel based servers.
Information Disclosure
Linux
Linux Kernel
Redhat
Suse
-
CVE-2022-50475
MEDIUM
CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved:
RDMA/core: Make sure "ib_port" is valid when access sysfs node
The "ib_port" structure must be set before adding the sysfs kobject,
and reset after removing it, otherwise it may crash when accessing
the sysfs node:
Unable to handle kernel NULL pointer dereference at virtual address 0000000000000050
Mem abort info:
ESR = 0x96000006
Exception class = DABT (current EL), IL = 32 bits
SET = 0, FnV = 0
EA = 0, S1PTW = 0
Data abort info:
ISV = 0, ISS = 0x00000006
CM = 0, WnR = 0
user pgtable: 4k pages, 48-bit VAs, pgdp = 00000000e85f5ba5
[0000000000000050] pgd=0000000848fd9003, pud=000000085b387003, pmd=0000000000000000
Internal error: Oops: 96000006 [#2] PREEMPT SMP
Modules linked in: ib_umad(O) mlx5_ib(O) nfnetlink_cttimeout(E) nfnetlink(E) act_gact(E) cls_flower(E) sch_ingress(E) openvswitch(E) nsh(E) nf_nat_ipv6(E) nf_nat_ipv4(E) nf_conncount(E) nf_nat(E) nf_conntrack(E) nf_defrag_ipv6(E) nf_defrag_ipv4(E) mst_pciconf(O) ipmi_devintf(E) ipmi_msghandler(E) ipmb_dev_int(OE) mlx5_core(O) mlxfw(O) mlxdevm(O) auxiliary(O) ib_uverbs(O) ib_core(O) mlx_compat(O) psample(E) sbsa_gwdt(E) uio_pdrv_genirq(E) uio(E) mlxbf_pmc(OE) mlxbf_gige(OE) mlxbf_tmfifo(OE) gpio_mlxbf2(OE) pwr_mlxbf(OE) mlx_trio(OE) i2c_mlxbf(OE) mlx_bootctl(OE) bluefield_edac(OE) knem(O) ip_tables(E) ipv6(E) crc_ccitt(E) [last unloaded: mst_pci]
Process grep (pid: 3372, stack limit = 0x0000000022055c92)
CPU: 5 PID: 3372 Comm: grep Tainted: G D OE 4.19.161-mlnx.47.gadcd9e3 #1
Hardware name: https://www.mellanox.com BlueField SoC/BlueField SoC, BIOS BlueField:3.9.2-15-ga2403ab Sep 8 2022
pstate: 40000005 (nZcv daif -PAN -UAO)
pc : hw_stat_port_show+0x4c/0x80 [ib_core]
lr : port_attr_show+0x40/0x58 [ib_core]
sp : ffff000029f43b50
x29: ffff000029f43b50 x28: 0000000019375000
x27: ffff8007b821a540 x26: ffff000029f43e30
x25: 0000000000008000 x24: ffff000000eaa958
x23: 0000000000001000 x22: ffff8007a4ce3000
x21: ffff8007baff8000 x20: ffff8007b9066ac0
x19: ffff8007bae97578 x18: 0000000000000000
x17: 0000000000000000 x16: 0000000000000000
x15: 0000000000000000 x14: 0000000000000000
x13: 0000000000000000 x12: 0000000000000000
x11: 0000000000000000 x10: 0000000000000000
x9 : 0000000000000000 x8 : ffff8007a4ce4000
x7 : 0000000000000000 x6 : 000000000000003f
x5 : ffff000000e6a280 x4 : ffff8007a4ce3000
x3 : 0000000000000000 x2 : aaaaaaaaaaaaaaab
x1 : ffff8007b9066a10 x0 : ffff8007baff8000
Call trace:
hw_stat_port_show+0x4c/0x80 [ib_core]
port_attr_show+0x40/0x58 [ib_core]
sysfs_kf_seq_show+0x8c/0x150
kernfs_seq_show+0x44/0x50
seq_read+0x1b4/0x45c
kernfs_fop_read+0x148/0x1d8
__vfs_read+0x58/0x180
vfs_read+0x94/0x154
ksys_read+0x68/0xd8
__arm64_sys_read+0x28/0x34
el0_svc_common+0x88/0x18c
el0_svc_handler+0x78/0x94
el0_svc+0x8/0xe8
Code: f2955562 aa1603e4 aa1503e0 f9405683 (f9402861)
Denial Of Service
Null Pointer Dereference
Linux
Linux Kernel
Redhat
-
CVE-2022-50474
MEDIUM
CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved:
macintosh: fix possible memory leak in macio_add_one_device()
Afer commit 1fa5ae857bb1 ("driver core: get rid of struct device's
bus_id string array"), the name of device is allocated dynamically. It
needs to be freed when of_device_register() fails. Call put_device() to
give up the reference that's taken in device_initialize(), so that it
can be freed in kobject_cleanup() when the refcount hits 0.
macio device is freed in macio_release_dev(), so the kfree() can be
removed.
Information Disclosure
Linux
Linux Kernel
Redhat
Suse
-
CVE-2022-50473
MEDIUM
CVSS 5.5
In the Linux kernel, the following vulnerability has been resolved:
cpufreq: Init completion before kobject_init_and_add()
In cpufreq_policy_alloc(), it will call uninitialed completion in
cpufreq_sysfs_release() when kobject_init_and_add() fails. And
that will cause a crash such as the following page fault in complete:
BUG: unable to handle page fault for address: fffffffffffffff8
[..]
RIP: 0010:complete+0x98/0x1f0
[..]
Call Trace:
kobject_put+0x1be/0x4c0
cpufreq_online.cold+0xee/0x1fd
cpufreq_add_dev+0x183/0x1e0
subsys_interface_register+0x3f5/0x4e0
cpufreq_register_driver+0x3b7/0x670
acpi_cpufreq_init+0x56c/0x1000 [acpi_cpufreq]
do_one_initcall+0x13d/0x780
do_init_module+0x1c3/0x630
load_module+0x6e67/0x73b0
__do_sys_finit_module+0x181/0x240
do_syscall_64+0x35/0x80
entry_SYSCALL_64_after_hwframe+0x63/0xcd
Denial Of Service
Linux
Linux Kernel
Redhat
Suse
-
CVE-2022-50472
MEDIUM
CVSS 5.5
CVE-2022-50472 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.
Information Disclosure
Redhat
Linux
Linux Kernel
Suse
-
CVE-2022-50471
MEDIUM
CVSS 5.5
CVE-2022-50471 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.
Information Disclosure
Linux
Linux Kernel
Redhat
Suse
-
CVE-2025-61895
None
Rejected reason: Not used. No vendor patch available.
Information Disclosure
-
CVE-2025-61894
None
Rejected reason: Not used. No vendor patch available.
Information Disclosure
-
CVE-2025-61893
None
Rejected reason: Not used. No vendor patch available.
Information Disclosure
-
CVE-2025-61892
None
Rejected reason: Not used. No vendor patch available.
Information Disclosure
-
CVE-2025-61891
None
Rejected reason: Not used. No vendor patch available.
Information Disclosure
-
CVE-2025-61890
None
Rejected reason: Not used. No vendor patch available.
Information Disclosure
-
CVE-2025-61889
None
Rejected reason: Not used. No vendor patch available.
Information Disclosure
-
CVE-2025-61888
None
Rejected reason: Not used. No vendor patch available.
Information Disclosure
-
CVE-2025-61887
None
Rejected reason: Not used. No vendor patch available.
Information Disclosure