Redhat
Monthly
In the Linux kernel, the following vulnerability has been resolved: iommufd: Prevent ALIGN() overflow When allocating IOVA the candidate range gets aligned to the target alignment. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: comedi: fix race between polling and detaching syzbot reports a use-after-free in comedi in the below link, which is due to comedi. Rated medium severity (CVSS 4.7).
In the Linux kernel, the following vulnerability has been resolved: userfaultfd: fix a crash in UFFDIO_MOVE when PMD is a migration entry When UFFDIO_MOVE encounters a migration PMD entry, it. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: fbdev: Fix vmalloc out-of-bounds write in fast_imageblit This issue triggers when a userspace program does an ioctl. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: net/sched: ets: use old 'nbands' while purging unused classes Shuang reported sch_ets test-case [1] crashing in. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
In the Linux kernel, the following vulnerability has been resolved: hv_netvsc: Fix panic during namespace deletion with VF The existing code move the VF NIC to new namespace when NETDEV_REGISTER is. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
In the Linux kernel, the following vulnerability has been resolved: i2c: core: Fix double-free of fwnode in i2c_unregister_device() Before commit df6d7277e552 ("i2c: core: Do not dereference fwnode. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd() Memory hot remove unmaps and tears down various kernel page table. Rated medium severity (CVSS 4.7).
In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format() The buffer length check before calling uvc_parse_format() only. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: media: venus: Fix OOB read due to missing payload bound check Currently, The event_seq_changed() handler processes a variable. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.
The langchain-ai/langchain project, specifically the EverNoteLoader component, is vulnerable to XML External Entity (XXE) attacks due to insecure XML parsing. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
An issue was discovered in Django 4.2 before 4.2.24, 5.1 before 5.1.12, and 5.2 before 5.2.6. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.
Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Adacore Ada Web Server (AWS) before 25.2 is vulnerable to a denial-of-service (DoS) condition due to improper handling of SSL handshakes during connection initialization. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
cJSON 1.5.0 through 1.7.18 allows out-of-bounds access via the decode_array_index_from_pointer function in cJSON_Utils.c, allowing remote attackers to bypass array bounds checking and access. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A flaw was found in libsoup’s caching mechanism, SoupCache, where the HTTP Vary header is ignored when evaluating cached responses. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: reject duplicate device on updates A chain/flowtable update with duplicated devices in the same batch is. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
SSH dissector crash in Wireshark 4.4.0 to 4.4.8 allows denial of service. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
Undertow, a Java web server used across Red Hat's JBoss Enterprise Application Platform, Fuse, and other middleware products, contains a vulnerability that allows attackers to trigger server-side HTTP/2 stream resets without incrementing abuse counters. This 'MadeYouReset' attack enables remote unauthenticated attackers to cause denial of service by repeatedly forcing the server to abort streams and perform unnecessary cleanup work. With an EPSS score of 1.17% (78th percentile), exploitation probability is moderate but rising, and patches have been released across multiple Red Hat product lines as of early 2025.
A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of openSUSE Tumbleweed traefik2 allows the traefik user to escalate to root.11.29. Rated high severity (CVSS 8.5), this vulnerability is low attack complexity. No vendor patch available.
TOCTOU in linenoiseHistorySave in linenoise allows local attackers to overwrite arbitrary files and change permissions via a symlink race between fopen("w") on the history path and subsequent chmod(). Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
XML Injection vulnerability in xmltodict allows Input Data Manipulation.14.2 before 0.15.1. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid out-of-boundary access in dnode page As Jiaming Zhang reported: <TASK> __dump_stack lib/dump_stack.c:94 [inline]. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.
Eventlet is a concurrent networking library for Python. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This HTTP Request/Response Smuggling vulnerability could allow attackers to manipulate HTTP request interpretation between frontend and backend servers.
Next.js is a React framework for building full-stack web applications. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity.
Next.js is a React framework for building full-stack web applications. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
xz is a pure golang package for reading and writing xz-compressed files. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A malicious user may submit a specially-crafted complex payload that otherwise meets the default request size limit which results in excessive memory and CPU consumption of Vault. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Incorrect authorization in Kibana can lead to privilege escalation via the built-in reporting_user role which incorrectly has the ability to access all Kibana Spaces. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.
A flaw was found in the Udisks daemon, where it allows unprivileged users to create loop devices using the D-BUS system. Rated high severity (CVSS 8.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: tls: separate no-async decryption request handling from async If we're not doing async, the handling is much simpler. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
If a DHCPv4 client sends a request with some specific options, and Kea fails to find an appropriate subnet for the client, the `kea-dhcp4` process will abort with an assertion failure. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The PCRE2 library is a set of C functions that implement regular expression pattern matching. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
A vulnerability exists in the NodeRestriction admission controller in Kubernetes clusters where node users can delete their corresponding node object by patching themselves with an OwnerReference to. Rated medium severity (CVSS 6.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
ImageMagick is free and open-source software used for editing and manipulating digital images. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. Public exploit code available.
ImageMagick is free and open-source software used for editing and manipulating digital images. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. Public exploit code available.
jsPDF is a library to generate PDFs in JavaScript. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Avoid stack buffer overflow from kernel cmdline While the kernel command line is considered trusted in most. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.
XGrammar is an open-source library for efficient, flexible, and portable structured generation. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
h2 is a pure-Python implementation of a HTTP/2 protocol stack. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A denial of service vulnerability exists in the JSONReader component of the run-llama/llama_index repository, specifically in version v0.12.37. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Privilege Defined With Unsafe Actions vulnerability in Apache Cassandra. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
A vulnerability was determined in jqlang jq up to 1.6. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
A security flaw has been discovered in vim up to 9.1.1615. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available.
A vulnerability was identified in vim 9.1.0000. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
Improper Output Neutralization for Logs vulnerability in Apache Log4cxx. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: xfrm: state: initialize state_ptrs earlier in xfrm_state_find In case of preemption, xfrm_state_look_at will find a different. Rated medium severity (CVSS 4.7).
In the Linux kernel, the following vulnerability has been resolved: Revert "drm/prime: Use dma_buf from GEM object instance" This reverts commit f83a9b8c7fd0557b0c50784bfdc1bbe9140c9bf8. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
In the Linux kernel, the following vulnerability has been resolved: Revert "drm/gem-framebuffer: Use dma_buf from GEM object instance" This reverts commit cce16fcd7446dcff7480cd9d2b6417075ed81065. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
In the Linux kernel, the following vulnerability has been resolved: Revert "drm/gem-dma: Use dma_buf from GEM object instance" This reverts commit e8afa1557f4f963c9a511bd2c6074a941c308685. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
In the Linux kernel, the following vulnerability has been resolved: i2c: qup: jump out of the loop in case of timeout Original logic only sets the return value but doesn't jump out of the loop if the. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: arm64/entry: Mask DAIF in cpu_switch_to(), call_on_irq_stack() `cpu_switch_to()` and `call_on_irq_stack()` manipulate SP to change. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Exposure of Resource to Wrong Sphere vulnerability could allow attackers to access resources from an unintended security context.
In the Linux kernel, the following vulnerability has been resolved: Revert "drm/gem-shmem: Use dma_buf from GEM object instance" This reverts commit 1a148af06000e545e714fe3210af3d77ff903c11. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
In the Linux kernel, the following vulnerability has been resolved: regulator: core: fix NULL dereference on unbind due to stale coupling data Failing to reset coupling_desc.n_coupled after freeing. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
In the Linux kernel, the following vulnerability has been resolved: iio: fix potential out-of-bound write The buffer is set to 20 characters. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.
In the Linux kernel, the following vulnerability has been resolved: net: appletalk: Fix use-after-free in AARP proxy probe The AARP proxy‐probe routine (aarp_proxy_probe_network) sends a probe,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
In the Linux kernel, the following vulnerability has been resolved: can: netlink: can_changelink(): fix NULL pointer deref of struct can_priv::do_set_mode Andrei Lalaev reported a NULL pointer deref. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
In the Linux kernel, the following vulnerability has been resolved: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() Add check for the return value of devm_kmemdup() to prevent. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: nilfs2: reject invalid file types when reading inodes To prevent inodes with invalid file types from tripping through the vfs and. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8365-dai-i2s: pass correct size to mt8365_dai_set_priv Given mt8365_dai_set_priv allocate priv_size space to copy. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.
In the Linux kernel, the following vulnerability has been resolved: platform/x86: alienware-wmi-wmax: Fix `dmi_system_id` array Add missing empty member to `awcc_dmi_table`. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: [ceph] parse_longname(): strrchr() expects NUL-terminated string ... Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
Linux kernel GFS2 filesystem can be forced into denial of service through a NULL pointer dereference when a node withdraws from a cluster filesystem and is the only node with the filesystem mounted. The vulnerability affects all Linux kernel versions with GFS2 support (CPE: cpe:2.3:o:linux:linux_kernel) and requires local access with unprivileged user privileges to trigger. An authenticated local attacker can crash the kernel by inducing specific GFS2 recovery conditions, causing system unavailability. No public exploit code has been identified, with an EPSS score of 0.02% indicating very low real-world exploitation likelihood despite the moderate CVSS 5.5 rating.
In the Linux kernel, the following vulnerability has been resolved: nvmet: pci-epf: Do not complete commands twice if nvmet_req_init() fails Have nvmet_req_init() and req->execute() complete failed. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: mcc: prevent shift wrapping in rtw89_core_mlsr_switch() The "link_id" value comes from the user via debugfs. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start() Preserve the error code if iwl_setup_deferred_work() fails. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
In the Linux kernel, the following vulnerability has been resolved: pinctrl: canaan: k230: add NULL check in DT parse Add a NULL check for the return value of of_get_property() when retrieving the. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
In the Linux kernel, the following vulnerability has been resolved: pinctrl: canaan: k230: Fix order of DT parse and pinctrl register Move DT parse before pinctrl register. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al Check pde->proc_ops->proc_lseek directly may. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid out-of-boundary access in devs.path - touch /mnt/f2fs/012345678901234567890123456789012345678901234567890123 -. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.
In the Linux kernel, the following vulnerability has been resolved: landlock: Fix warning from KUnit tests get_id_range() expects a positive value as first argument but get_random_u8() can return 0. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: hfsplus: remove mutex_lock check in hfsplus_free_extents Syzbot reported an issue in hfsplus filesystem: ------------[ cut here. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: qcs615: fix a crash issue caused by infinite loop for Coresight An infinite loop has been created by the. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: spi: stm32: Check for cfg availability in stm32_spi_probe The stm32_spi_probe function now includes a check to ensure that the. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: sar: drop lockdep assertion in rtw89_set_sar_from_acpi The following assertion is triggered on the rtw89 driver. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: avoid NULL dereference when RX problematic packet on unsupported 6 GHz band With a quite rare chance, RX report might. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Check device memory pointer before usage Add a NULL check before accessing device memory to prevent a crash if dev->dm. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: reject TDLS operations when station is not associated syzbot triggered a WARN in ieee80211_tdls_oper() by sending. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.
A missing lock protection in the Linux kernel's cfg80211 wireless configuration subsystem causes a race condition when the cfg80211_propagate_cac_done_wk worker function attempts to access wireless device channel definitions without holding the required wiphy mutex. This allows a local attacker with limited privileges to trigger a kernel warning and cause a denial of service condition. The vulnerability affects Linux kernel versions from 5.5 onwards across multiple stable releases, with patches available from the vendor and deployed via Ubuntu security advisories USN-8095-2, USN-8095-3, and USN-8100-1. The EPSS score of 0.02% indicates very low actual exploitation probability despite the moderate CVSS score.
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix WARN_ON for monitor mode on some devices On devices without WANT_MONITOR_VIF (and probably without channel. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: Fix potential NULL dereference on kmalloc failure Avoid potential NULL pointer dereference by checking the return. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: bpf: Disable migration in nf_hook_run_bpf(). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: netfilter: xt_nfacct: don't assume acct name is null-terminated BUG: KASAN: slab-out-of-bounds in .. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: ipv6: add a retry logic in net6_rt_notify() inet6_rt_notify() can be called under RCU protection only. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: rv: Use strings in da monitors tracepoints Using DA monitors tracepoints with KASAN enabled triggers the following warning: BUG:. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.
In the Linux kernel, the following vulnerability has been resolved: clk: davinci: Add NULL check in davinci_lpsc_clk_register() devm_kasprintf() returns NULL when memory allocation fails. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
In the Linux kernel, the following vulnerability has been resolved: power: supply: cpcap-charger: Fix null check for power_supply_get_by_name In the cpcap_usb_detect() function, the. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
In the Linux kernel, the following vulnerability has been resolved: clk: spacemit: mark K1 pll1_d8 as critical The pll1_d8 clock is enabled by the boot loader, and is ultimately a parent for numerous. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: iommufd: Prevent ALIGN() overflow When allocating IOVA the candidate range gets aligned to the target alignment. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: comedi: fix race between polling and detaching syzbot reports a use-after-free in comedi in the below link, which is due to comedi. Rated medium severity (CVSS 4.7).
In the Linux kernel, the following vulnerability has been resolved: userfaultfd: fix a crash in UFFDIO_MOVE when PMD is a migration entry When UFFDIO_MOVE encounters a migration PMD entry, it. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: fbdev: Fix vmalloc out-of-bounds write in fast_imageblit This issue triggers when a userspace program does an ioctl. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: net/sched: ets: use old 'nbands' while purging unused classes Shuang reported sch_ets test-case [1] crashing in. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
In the Linux kernel, the following vulnerability has been resolved: hv_netvsc: Fix panic during namespace deletion with VF The existing code move the VF NIC to new namespace when NETDEV_REGISTER is. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
In the Linux kernel, the following vulnerability has been resolved: i2c: core: Fix double-free of fwnode in i2c_unregister_device() Before commit df6d7277e552 ("i2c: core: Do not dereference fwnode. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd() Memory hot remove unmaps and tears down various kernel page table. Rated medium severity (CVSS 4.7).
In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format() The buffer length check before calling uvc_parse_format() only. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: media: venus: Fix OOB read due to missing payload bound check Currently, The event_seq_changed() handler processes a variable. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.
The langchain-ai/langchain project, specifically the EverNoteLoader component, is vulnerable to XML External Entity (XXE) attacks due to insecure XML parsing. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
An issue was discovered in Django 4.2 before 4.2.24, 5.1 before 5.1.12, and 5.2 before 5.2.6. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.
Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Adacore Ada Web Server (AWS) before 25.2 is vulnerable to a denial-of-service (DoS) condition due to improper handling of SSL handshakes during connection initialization. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
cJSON 1.5.0 through 1.7.18 allows out-of-bounds access via the decode_array_index_from_pointer function in cJSON_Utils.c, allowing remote attackers to bypass array bounds checking and access. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A flaw was found in libsoup’s caching mechanism, SoupCache, where the HTTP Vary header is ignored when evaluating cached responses. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: reject duplicate device on updates A chain/flowtable update with duplicated devices in the same batch is. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
SSH dissector crash in Wireshark 4.4.0 to 4.4.8 allows denial of service. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
Undertow, a Java web server used across Red Hat's JBoss Enterprise Application Platform, Fuse, and other middleware products, contains a vulnerability that allows attackers to trigger server-side HTTP/2 stream resets without incrementing abuse counters. This 'MadeYouReset' attack enables remote unauthenticated attackers to cause denial of service by repeatedly forcing the server to abort streams and perform unnecessary cleanup work. With an EPSS score of 1.17% (78th percentile), exploitation probability is moderate but rising, and patches have been released across multiple Red Hat product lines as of early 2025.
A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of openSUSE Tumbleweed traefik2 allows the traefik user to escalate to root.11.29. Rated high severity (CVSS 8.5), this vulnerability is low attack complexity. No vendor patch available.
TOCTOU in linenoiseHistorySave in linenoise allows local attackers to overwrite arbitrary files and change permissions via a symlink race between fopen("w") on the history path and subsequent chmod(). Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
XML Injection vulnerability in xmltodict allows Input Data Manipulation.14.2 before 0.15.1. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid out-of-boundary access in dnode page As Jiaming Zhang reported: <TASK> __dump_stack lib/dump_stack.c:94 [inline]. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.
Eventlet is a concurrent networking library for Python. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This HTTP Request/Response Smuggling vulnerability could allow attackers to manipulate HTTP request interpretation between frontend and backend servers.
Next.js is a React framework for building full-stack web applications. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity.
Next.js is a React framework for building full-stack web applications. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
xz is a pure golang package for reading and writing xz-compressed files. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A malicious user may submit a specially-crafted complex payload that otherwise meets the default request size limit which results in excessive memory and CPU consumption of Vault. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Incorrect authorization in Kibana can lead to privilege escalation via the built-in reporting_user role which incorrectly has the ability to access all Kibana Spaces. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.
A flaw was found in the Udisks daemon, where it allows unprivileged users to create loop devices using the D-BUS system. Rated high severity (CVSS 8.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: tls: separate no-async decryption request handling from async If we're not doing async, the handling is much simpler. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
If a DHCPv4 client sends a request with some specific options, and Kea fails to find an appropriate subnet for the client, the `kea-dhcp4` process will abort with an assertion failure. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The PCRE2 library is a set of C functions that implement regular expression pattern matching. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
A vulnerability exists in the NodeRestriction admission controller in Kubernetes clusters where node users can delete their corresponding node object by patching themselves with an OwnerReference to. Rated medium severity (CVSS 6.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
ImageMagick is free and open-source software used for editing and manipulating digital images. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. Public exploit code available.
ImageMagick is free and open-source software used for editing and manipulating digital images. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. Public exploit code available.
jsPDF is a library to generate PDFs in JavaScript. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Avoid stack buffer overflow from kernel cmdline While the kernel command line is considered trusted in most. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.
XGrammar is an open-source library for efficient, flexible, and portable structured generation. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
h2 is a pure-Python implementation of a HTTP/2 protocol stack. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A denial of service vulnerability exists in the JSONReader component of the run-llama/llama_index repository, specifically in version v0.12.37. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Privilege Defined With Unsafe Actions vulnerability in Apache Cassandra. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
A vulnerability was determined in jqlang jq up to 1.6. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
A security flaw has been discovered in vim up to 9.1.1615. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available.
A vulnerability was identified in vim 9.1.0000. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
Improper Output Neutralization for Logs vulnerability in Apache Log4cxx. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: xfrm: state: initialize state_ptrs earlier in xfrm_state_find In case of preemption, xfrm_state_look_at will find a different. Rated medium severity (CVSS 4.7).
In the Linux kernel, the following vulnerability has been resolved: Revert "drm/prime: Use dma_buf from GEM object instance" This reverts commit f83a9b8c7fd0557b0c50784bfdc1bbe9140c9bf8. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
In the Linux kernel, the following vulnerability has been resolved: Revert "drm/gem-framebuffer: Use dma_buf from GEM object instance" This reverts commit cce16fcd7446dcff7480cd9d2b6417075ed81065. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
In the Linux kernel, the following vulnerability has been resolved: Revert "drm/gem-dma: Use dma_buf from GEM object instance" This reverts commit e8afa1557f4f963c9a511bd2c6074a941c308685. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
In the Linux kernel, the following vulnerability has been resolved: i2c: qup: jump out of the loop in case of timeout Original logic only sets the return value but doesn't jump out of the loop if the. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: arm64/entry: Mask DAIF in cpu_switch_to(), call_on_irq_stack() `cpu_switch_to()` and `call_on_irq_stack()` manipulate SP to change. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Exposure of Resource to Wrong Sphere vulnerability could allow attackers to access resources from an unintended security context.
In the Linux kernel, the following vulnerability has been resolved: Revert "drm/gem-shmem: Use dma_buf from GEM object instance" This reverts commit 1a148af06000e545e714fe3210af3d77ff903c11. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
In the Linux kernel, the following vulnerability has been resolved: regulator: core: fix NULL dereference on unbind due to stale coupling data Failing to reset coupling_desc.n_coupled after freeing. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
In the Linux kernel, the following vulnerability has been resolved: iio: fix potential out-of-bound write The buffer is set to 20 characters. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.
In the Linux kernel, the following vulnerability has been resolved: net: appletalk: Fix use-after-free in AARP proxy probe The AARP proxy‐probe routine (aarp_proxy_probe_network) sends a probe,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
In the Linux kernel, the following vulnerability has been resolved: can: netlink: can_changelink(): fix NULL pointer deref of struct can_priv::do_set_mode Andrei Lalaev reported a NULL pointer deref. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
In the Linux kernel, the following vulnerability has been resolved: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() Add check for the return value of devm_kmemdup() to prevent. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: nilfs2: reject invalid file types when reading inodes To prevent inodes with invalid file types from tripping through the vfs and. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8365-dai-i2s: pass correct size to mt8365_dai_set_priv Given mt8365_dai_set_priv allocate priv_size space to copy. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.
In the Linux kernel, the following vulnerability has been resolved: platform/x86: alienware-wmi-wmax: Fix `dmi_system_id` array Add missing empty member to `awcc_dmi_table`. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: [ceph] parse_longname(): strrchr() expects NUL-terminated string ... Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
Linux kernel GFS2 filesystem can be forced into denial of service through a NULL pointer dereference when a node withdraws from a cluster filesystem and is the only node with the filesystem mounted. The vulnerability affects all Linux kernel versions with GFS2 support (CPE: cpe:2.3:o:linux:linux_kernel) and requires local access with unprivileged user privileges to trigger. An authenticated local attacker can crash the kernel by inducing specific GFS2 recovery conditions, causing system unavailability. No public exploit code has been identified, with an EPSS score of 0.02% indicating very low real-world exploitation likelihood despite the moderate CVSS 5.5 rating.
In the Linux kernel, the following vulnerability has been resolved: nvmet: pci-epf: Do not complete commands twice if nvmet_req_init() fails Have nvmet_req_init() and req->execute() complete failed. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: mcc: prevent shift wrapping in rtw89_core_mlsr_switch() The "link_id" value comes from the user via debugfs. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start() Preserve the error code if iwl_setup_deferred_work() fails. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
In the Linux kernel, the following vulnerability has been resolved: pinctrl: canaan: k230: add NULL check in DT parse Add a NULL check for the return value of of_get_property() when retrieving the. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
In the Linux kernel, the following vulnerability has been resolved: pinctrl: canaan: k230: Fix order of DT parse and pinctrl register Move DT parse before pinctrl register. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al Check pde->proc_ops->proc_lseek directly may. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid out-of-boundary access in devs.path - touch /mnt/f2fs/012345678901234567890123456789012345678901234567890123 -. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.
In the Linux kernel, the following vulnerability has been resolved: landlock: Fix warning from KUnit tests get_id_range() expects a positive value as first argument but get_random_u8() can return 0. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: hfsplus: remove mutex_lock check in hfsplus_free_extents Syzbot reported an issue in hfsplus filesystem: ------------[ cut here. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: qcs615: fix a crash issue caused by infinite loop for Coresight An infinite loop has been created by the. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: spi: stm32: Check for cfg availability in stm32_spi_probe The stm32_spi_probe function now includes a check to ensure that the. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: sar: drop lockdep assertion in rtw89_set_sar_from_acpi The following assertion is triggered on the rtw89 driver. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: avoid NULL dereference when RX problematic packet on unsupported 6 GHz band With a quite rare chance, RX report might. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Check device memory pointer before usage Add a NULL check before accessing device memory to prevent a crash if dev->dm. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: reject TDLS operations when station is not associated syzbot triggered a WARN in ieee80211_tdls_oper() by sending. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.
A missing lock protection in the Linux kernel's cfg80211 wireless configuration subsystem causes a race condition when the cfg80211_propagate_cac_done_wk worker function attempts to access wireless device channel definitions without holding the required wiphy mutex. This allows a local attacker with limited privileges to trigger a kernel warning and cause a denial of service condition. The vulnerability affects Linux kernel versions from 5.5 onwards across multiple stable releases, with patches available from the vendor and deployed via Ubuntu security advisories USN-8095-2, USN-8095-3, and USN-8100-1. The EPSS score of 0.02% indicates very low actual exploitation probability despite the moderate CVSS score.
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix WARN_ON for monitor mode on some devices On devices without WANT_MONITOR_VIF (and probably without channel. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: Fix potential NULL dereference on kmalloc failure Avoid potential NULL pointer dereference by checking the return. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: bpf: Disable migration in nf_hook_run_bpf(). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: netfilter: xt_nfacct: don't assume acct name is null-terminated BUG: KASAN: slab-out-of-bounds in .. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: ipv6: add a retry logic in net6_rt_notify() inet6_rt_notify() can be called under RCU protection only. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: rv: Use strings in da monitors tracepoints Using DA monitors tracepoints with KASAN enabled triggers the following warning: BUG:. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.
In the Linux kernel, the following vulnerability has been resolved: clk: davinci: Add NULL check in davinci_lpsc_clk_register() devm_kasprintf() returns NULL when memory allocation fails. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
In the Linux kernel, the following vulnerability has been resolved: power: supply: cpcap-charger: Fix null check for power_supply_get_by_name In the cpcap_usb_detect() function, the. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
In the Linux kernel, the following vulnerability has been resolved: clk: spacemit: mark K1 pll1_d8 as critical The pll1_d8 clock is enabled by the boot loader, and is ultimately a parent for numerous. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.