Page 115 of 20861 results (0.016 seconds)

CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0

01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: prime: fix ttm_bo_delayed_delete oops Fix an oops in ttm_bo_delayed_delete which results from dererencing a dangling pointer: Oops: general protection fault, probably for non-canonical address 0x6b6b6b6b6b6b6b7b: 0000 [#1] PREEMPT SMP CPU: 4 UID: 0 PID: 1082 Comm: kworker/u65:2 Not tainted 6.14.0-rc4-00267-g505460b44513-dirty #216 Hardware name: LENOVO 82N6/LNVNB161216, BIOS GKCN65WW 01/16/2024 Workqueue: ttm ttm_bo_dela... • https://git.kernel.org/stable/c/22b33e8ed0e38b8ddcf082e35580f2e67a3a0262 •

CVSS: 5.6EPSS: 0%CPEs: 3EXPL: 0

01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/imagination: fix firmware memory leaks Free the memory used to hold the results of firmware image processing when the module is unloaded. ... :Jf.H. • https://git.kernel.org/stable/c/cc1aeedb98ad347c06ff59e991b2f94dfb4c565d •

CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0

01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/imagination: take paired job reference For paired jobs, have the fragment job take a reference on the geometry job, so that the geometry job cannot be freed until the fragment job has finished with it. ... Fixes a use after free bug detected by KASAN: [ 124.256386] BUG: KASAN: slab-use-after-free in pvr_queue_prepare_job+0x108/0x868 [powervr] [ 124.264893] Read of size 1 at addr ffff0000084cb960 by task kworker/u16:4/63 In the

CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0

01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/virtio: Fix missed dmabuf unpinning in error path of prepare_fb() Correct error handling in prepare_fb() to fix leaking resources when error happens. In the Linux kernel, the following vulnerability has been resolved: drm/virtio: Fix missed dmabuf unpinning in error path of prepare_fb() Correct error handling in prepare_fb() to fix leaking resources when error happens. • https://git.kernel.org/stable/c/4a696a2ee646ea6f24c28b3624175a7b35482c52 •

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0

01 May 2025 — /include/linux/log2.h:57:13 [ 39.202673] shift exponent 64 is too large for 64-bit type 'long unsigned int' [ 39.202688] CPU: 8 UID: 0 PID: 3129 Comm: xe_exec_system_ Tainted: G U 6.14.0+ #10 [ 39.202690] Tainted: [U]=USER [ 39.202690] Hardware name: ASUS System Product Name/PRIME B560M-A AC, BIOS 2001 02/01/2023 [ 39.202691] Call Trace: [ 39.202692] [ 39.202695] dump_stack_lvl+0x6e/0xa0 [ 39.202699] ubsan_epilogue+0x5/0x30 [ 39.202701] __ubsan_handle_shift_out_of_bounds.cold+0x61/0xe6 [ 39.20... • https://git.kernel.org/stable/c/332dd0116c82a75df175a459fa69dda3f23491a7 •

CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0

01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: mm/vma: add give_up_on_oom option on modify/merge, use in uffd release Currently, if a VMA merge fails due to an OOM condition arising on commit merge or a failure to duplicate anon_vma's, we report this so the caller can handle it. In the Linux kernel, the following vulnerability has been resolved: mm/vma: add give_up_on_oom option on modify/merge, use in uffd release Currently, if a VMA merge fails due to an OOM condition ar... • https://git.kernel.org/stable/c/79636d2981b066acd945117387a9533f56411f6f •

CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0

01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: ublk: fix handling recovery & reissue in ublk_abort_queue() Commit 8284066946e6 ("ublk: grab request reference when the request is handled by userspace") doesn't grab request reference in case of recovery reissue. In the Linux kernel, the following vulnerability has been resolved: ublk: fix handling recovery & reissue in ublk_abort_queue() Commit 8284066946e6 ("ublk: grab request reference when the request is handled by usersp... • https://git.kernel.org/stable/c/8284066946e6d9cc979566ce698fe24e7ca0b31e •

CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0

01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: ata: pata_pxa: Fix potential NULL pointer dereference in pxa_ata_probe() devm_ioremap() returns NULL on error. ... In the Linux kernel, the following vulnerability has been resolved: ata: pata_pxa: Fix potential NULL pointer dereference in pxa_ata_probe() devm_ioremap() returns NULL on error. ... Several security issues were discovered in the Linux kernel. • https://git.kernel.org/stable/c/2dc6c6f15da97cb3e810963c80e981f19d42cd7d •

CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0

01 May 2025 — In the Linux kernel, the following vulnerability has been resolved: tipc: fix memory leak in tipc_link_xmit In case the backlog transmit queue for system-importance messages is overloaded, tipc_link_xmit() returns -ENOBUFS but the skb list is not purged. In the Linux kernel, the following vulnerability has been resolved: tipc: fix memory leak in tipc_link_xmit In case the backlog transmit queue for system-importance messages is overloaded, tipc_link_xmit() returns -ENOBUFS but the skb list is ... • https://git.kernel.org/stable/c/365ad353c2564bba8835290061308ba825166b3a •

CVSS: 5.3EPSS: 0%CPEs: 8EXPL: 0

01 May 2025 — The immediate problem syzbot run into is the warning in the strp, but that's just the easiest bug to trigger: WARNING: CPU: 0 PID: 5834 at net/tls/tls_strp.c:486 tls_strp_msg_load+0x72e/0xa80 net/tls/tls_strp.c:486 RIP: 0010:tls_strp_msg_load+0x72e/0xa80 net/tls/tls_strp.c:486 Call Trace: tls_rx_rec_wait+0x280/0xa60 net/tls/tls_sw.c:1363 tls_sw_recvmsg+0x85c/0x1c30 net/tls/tls_sw.c:2043 inet6_recvmsg+0x2c9/0x730 net/ipv6/af_inet6.c:678 sock_recvmsg_nosec net/socket.c:1023 [inline] sock_recvmsg+0x109/... • https://git.kernel.org/stable/c/3c4d7559159bfe1e3b94df3a657b2cda3a34e218 •