8
CVE-2025-62775 -
Mercku M6a devices through 2.1.0 allow root TELNET logins via the web admin password.
5.5
CVE-2023-53725 - clocksource/drivers/cadence-ttc: Fix memory leak in ttc_timer_probe
In the Linux kernel, the following vulnerability has been resolved: clocksource/drivers/cadence-ttc: Fix memory leak in ttc_timer_probe Smatch reports: drivers/clocksource/timer-cadence-ttc.c:529 ttc_timer_probe() warn: 'timer_baseaddr' from of_iomap() not released on lines: 498,508,516. timer_bβ¦
5.5
CVE-2023-53723 - drm/amdgpu: disable sdma ecc irq only when sdma RAS is enabled in suspend
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: disable sdma ecc irq only when sdma RAS is enabled in suspend sdma_v4_0_ip is shared on a few asics, but in sdma_v4_0_hw_fini, driver unconditionally disables ecc_irq which is only enabled on those asics enabling sdmaβ¦
5.5
CVE-2023-53719 - serial: arc_uart: fix of_iomap leak in `arc_serial_probe`
In the Linux kernel, the following vulnerability has been resolved: serial: arc_uart: fix of_iomap leak in `arc_serial_probe` Smatch reports: drivers/tty/serial/arc_uart.c:631 arc_serial_probe() warn: 'port->membase' from of_iomap() not released on lines: 631. In arc_serial_probe(), if uart_addβ¦
7.0
CVE-2023-53729 - soc: qcom: qmi_encdec: Restrict string length in decode
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: qmi_encdec: Restrict string length in decode The QMI TLV value for strings in a lot of qmi element info structures account for null terminated strings with MAX_LEN + 1. If a string is actually MAX_LEN + 1 length, this β¦
7.0
CVE-2023-53703 - HID: amd_sfh: Fix for shift-out-of-bounds
In the Linux kernel, the following vulnerability has been resolved: HID: amd_sfh: Fix for shift-out-of-bounds Shift operation of 'exp' and 'shift' variables exceeds the maximum number of shift values in the u32 range leading to UBSAN shift-out-of-bounds. ... [ 6.120512] UBSAN: shift-out-of-boβ¦
5.5
CVE-2023-53700 - media: max9286: Fix memleak in max9286_v4l2_register()
In the Linux kernel, the following vulnerability has been resolved: media: max9286: Fix memleak in max9286_v4l2_register() There is a kmemleak when testing the media/i2c/max9286.c with bpf mock device: kmemleak: 5 new suspected memory leaks (see /sys/kernel/debug/kmemleak) unreferenced object 0β¦
3.1
CVE-2025-62772 -
On Mercku M6a devices through 2.1.0, session tokens remain valid for at least months in some cases.
7.5
CVE-2025-60336 -
A NULL pointer dereference in the sub_41773C function of TOTOLINK N600R v4.3.0cu.7866_B20220506 allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.
5.5
CVE-2022-50571 - btrfs: call __btrfs_remove_free_space_cache_locked on cache load failure
In the Linux kernel, the following vulnerability has been resolved: btrfs: call __btrfs_remove_free_space_cache_locked on cache load failure Now that lockdep is staying enabled through our entire CI runs I started seeing the following stack in generic/475 ------------[ cut here ]------------ WARβ¦