7.1
CVE-2024-57908 - iio: imu: kmx61: fix information leak in triggered buffer
In the Linux kernel, the following vulnerability has been resolved: iio: imu: kmx61: fix information leak in triggered buffer The 'buffer' local array is used to push data to user space from a triggered buffer, but it does not set values for inactive channels, as it only uses iio_for_each_active_β¦
7.1
CVE-2024-57907 - iio: adc: rockchip_saradc: fix information leak in triggered buffer
In the Linux kernel, the following vulnerability has been resolved: iio: adc: rockchip_saradc: fix information leak in triggered buffer The 'data' local struct is used to push data to user space from a triggered buffer, but it does not set values for inactive channels, as it only uses iio_for_eacβ¦
7.1
CVE-2024-57906 - iio: adc: ti-ads8688: fix information leak in triggered buffer
In the Linux kernel, the following vulnerability has been resolved: iio: adc: ti-ads8688: fix information leak in triggered buffer The 'buffer' local array is used to push data to user space from a triggered buffer, but it does not set values for inactive channels, as it only uses iio_for_each_acβ¦
7.1
CVE-2024-57905 - iio: adc: ti-ads1119: fix information leak in triggered buffer
In the Linux kernel, the following vulnerability has been resolved: iio: adc: ti-ads1119: fix information leak in triggered buffer The 'scan' local struct is used to push data to user space from a triggered buffer, but it has a hole between the sample (unsigned int) and the timestamp. This hole iβ¦
7.1
CVE-2024-57928 - netfs: Fix enomem handling in buffered reads
In the Linux kernel, the following vulnerability has been resolved: netfs: Fix enomem handling in buffered reads If netfs_read_to_pagecache() gets an error from either ->prepare_read() or from netfs_prepare_read_iterator(), it needs to decrement ->nr_outstanding, cancel the subrequest and break oβ¦
7.8
CVE-2024-57926 - drm/mediatek: Set private->all_drm_private[i]->drm to NULL if mtk_drm_bind returns err
In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Set private->all_drm_private[i]->drm to NULL if mtk_drm_bind returns err The pointer need to be set to NULL, otherwise KASAN complains about use-after-free. Because in mtk_drm_bind, all private's drm are set as follβ¦
5.5
CVE-2025-21653 - net_sched: cls_flow: validate TCA_FLOW_RSHIFT attribute
In the Linux kernel, the following vulnerability has been resolved: net_sched: cls_flow: validate TCA_FLOW_RSHIFT attribute syzbot found that TCA_FLOW_RSHIFT attribute was not validated. Right shitfing a 32bit integer is undefined for large shift values. UBSAN: shift-out-of-bounds in net/sched/cβ¦
5.3
CVE-2025-0561 - itsourcecode Farm Management System add-pig.php sql injection
A vulnerability has been found in itsourcecode Farm Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /add-pig.php. The manipulation of the argument pigno leads to sql injection. The attack can be initiated remotely. The exploit has been disclosedβ¦
7.5
CVE-2024-45662 - IBM Safer Payments denial of service
IBM Safer PaymentsΒ 6.4.0.00 through 6.4.2.07, 6.5.0.00 through 6.5.0.05, and 6.6.0.00 through 6.6.0.03 could allow a remote attacker to cause a denial of service due to improper allocation of resources.
5.3
CVE-2024-47106 - IBM Jazz for Service Management information disclosure
IBM Jazz for Service Management 1.1.3 through 1.1.3.22 could allow a remote attacker to obtain sensitive information from improper access restrictions that could aid in further attacks against the system.