Vulnerabilities

With the aim of informing, warning and helping professionals with the latest security vulnerabilities in technology systems, we have made a database available for users interested in this information, which is in Spanish and includes all of the latest documented and recognised vulnerabilities.

This repository, with over 75,000 registers, is based on the information from the NVD (National Vulnerability Database) – by virtue of a partnership agreement – through which INCIBE translates the included information into Spanish.

On occasions this list will show vulnerabilities that have still not been translated, as they are added while the INCIBE team is still carrying out the translation process. The CVE  (Common Vulnerabilities and Exposures) Standard for Information Security Vulnerability Names is used with the aim to support the exchange of information between different tools and databases.

All vulnerabilities collected are linked to different information sources, as well as available patches or solutions provided by manufacturers and developers. It is possible to carry out advanced searches, as there is the option to select different criteria to narrow down the results, some examples being vulnerability types, manufacturers and impact levels, among others.

Through RSS feeds or Newsletters we can be informed daily about the latest vulnerabilities added to the repository. Below there is a list, updated daily, where you can discover the latest vulnerabilities.

CVE-2024-35850

Publication date:
17/05/2024
In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> Bluetooth: qca: fix NULL-deref on non-serdev setup<br /> <br /> Qualcomm ROME controllers can be registered from the Bluetooth line<br /> discipline and in this case the HCI UART serdev pointer is NULL.<br /> <br /> Add the missing sanity check to prevent a NULL-pointer dereference when<br /> setup() is called for a non-serdev controller.
Severity CVSS v4.0: Pending analysis
Last modification:
30/12/2024

CVE-2024-35851

Publication date:
17/05/2024
In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> Bluetooth: qca: fix NULL-deref on non-serdev suspend<br /> <br /> Qualcomm ROME controllers can be registered from the Bluetooth line<br /> discipline and in this case the HCI UART serdev pointer is NULL.<br /> <br /> Add the missing sanity check to prevent a NULL-pointer dereference when<br /> wakeup() is called for a non-serdev controller during suspend.<br /> <br /> Just return true for now to restore the original behaviour and address<br /> the crash with pre-6.2 kernels, which do not have commit e9b3e5b8c657<br /> ("Bluetooth: hci_qca: only assign wakeup with serial port support") that<br /> causes the crash to happen already at setup() time.
Severity CVSS v4.0: Pending analysis
Last modification:
30/12/2024

CVE-2024-35845

Publication date:
17/05/2024
In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> wifi: iwlwifi: dbg-tlv: ensure NUL termination<br /> <br /> The iwl_fw_ini_debug_info_tlv is used as a string, so we must<br /> ensure the string is terminated correctly before using it.
Severity CVSS v4.0: Pending analysis
Last modification:
07/04/2025

CVE-2024-35843

Publication date:
17/05/2024
In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> iommu/vt-d: Use device rbtree in iopf reporting path<br /> <br /> The existing I/O page fault handler currently locates the PCI device by<br /> calling pci_get_domain_bus_and_slot(). This function searches the list<br /> of all PCI devices until the desired device is found. To improve lookup<br /> efficiency, replace it with device_rbtree_find() to search the device<br /> within the probed device rbtree.<br /> <br /> The I/O page fault is initiated by the device, which does not have any<br /> synchronization mechanism with the software to ensure that the device<br /> stays in the probed device tree. Theoretically, a device could be released<br /> by the IOMMU subsystem after device_rbtree_find() and before<br /> iopf_get_dev_fault_param(), which would cause a use-after-free problem.<br /> <br /> Add a mutex to synchronize the I/O page fault reporting path and the IOMMU<br /> release device path. This lock doesn&amp;#39;t introduce any performance overhead,<br /> as the conflict between I/O page fault reporting and device releasing is<br /> very rare.
Severity CVSS v4.0: Pending analysis
Last modification:
07/04/2025

CVE-2023-52690

Publication date:
17/05/2024
In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> powerpc/powernv: Add a null pointer check to scom_debug_init_one()<br /> <br /> kasprintf() returns a pointer to dynamically allocated memory<br /> which can be NULL upon failure.<br /> Add a null pointer check, and release &amp;#39;ent&amp;#39; to avoid memory leaks.
Severity CVSS v4.0: Pending analysis
Last modification:
04/11/2024

CVE-2023-52693

Publication date:
17/05/2024
In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> ACPI: video: check for error while searching for backlight device parent<br /> <br /> If acpi_get_parent() called in acpi_video_dev_register_backlight()<br /> fails, for example, because acpi_ut_acquire_mutex() fails inside<br /> acpi_get_parent), this can lead to incorrect (uninitialized)<br /> acpi_parent handle being passed to acpi_get_pci_dev() for detecting<br /> the parent pci device.<br /> <br /> Check acpi_get_parent() result and set parent device only in case of success.<br /> <br /> Found by Linux Verification Center (linuxtesting.org) with SVACE.
Severity CVSS v4.0: Pending analysis
Last modification:
04/11/2024

CVE-2023-52694

Publication date:
17/05/2024
In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> drm/bridge: tpd12s015: Drop buggy __exit annotation for remove function<br /> <br /> With tpd12s015_remove() marked with __exit this function is discarded<br /> when the driver is compiled as a built-in. The result is that when the<br /> driver unbinds there is no cleanup done which results in resource<br /> leakage or worse.
Severity CVSS v4.0: Pending analysis
Last modification:
04/11/2024

CVE-2023-52692

Publication date:
17/05/2024
In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> ALSA: scarlett2: Add missing error check to scarlett2_usb_set_config()<br /> <br /> scarlett2_usb_set_config() calls scarlett2_usb_get() but was not<br /> checking the result. Return the error if it fails rather than<br /> continuing with an invalid value.
Severity CVSS v4.0: Pending analysis
Last modification:
17/05/2024

CVE-2023-52695

Publication date:
17/05/2024
In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> drm/amd/display: Check writeback connectors in create_validate_stream_for_sink<br /> <br /> [WHY &amp; HOW]<br /> This is to check connector type to avoid<br /> unhandled null pointer for writeback connectors.
Severity CVSS v4.0: Pending analysis
Last modification:
17/05/2024

CVE-2023-52697

Publication date:
17/05/2024
In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> ASoC: Intel: sof_sdw_rt_sdca_jack_common: ctx-&gt;headset_codec_dev = NULL<br /> <br /> sof_sdw_rt_sdca_jack_exit() are used by different codecs, and some of<br /> them use the same dai name.<br /> For example, rt712 and rt713 both use "rt712-sdca-aif1" and<br /> sof_sdw_rt_sdca_jack_exit().<br /> As a result, sof_sdw_rt_sdca_jack_exit() will be called twice by<br /> mc_dailink_exit_loop(). Set ctx-&gt;headset_codec_dev = NULL; after<br /> put_device(ctx-&gt;headset_codec_dev); to avoid ctx-&gt;headset_codec_dev<br /> being put twice.
Severity CVSS v4.0: Pending analysis
Last modification:
17/05/2024

CVE-2023-52698

Publication date:
17/05/2024
In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> calipso: fix memory leak in netlbl_calipso_add_pass()<br /> <br /> If IPv6 support is disabled at boot (ipv6.disable=1),<br /> the calipso_init() -&gt; netlbl_calipso_ops_register() function isn&amp;#39;t called,<br /> and the netlbl_calipso_ops_get() function always returns NULL.<br /> In this case, the netlbl_calipso_add_pass() function allocates memory<br /> for the doi_def variable but doesn&amp;#39;t free it with the calipso_doi_free().<br /> <br /> BUG: memory leak<br /> unreferenced object 0xffff888011d68180 (size 64):<br /> comm "syz-executor.1", pid 10746, jiffies 4295410986 (age 17.928s)<br /> hex dump (first 32 bytes):<br /> 00 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 ................<br /> 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................<br /> backtrace:<br /> [] kmalloc include/linux/slab.h:552 [inline]<br /> [] netlbl_calipso_add_pass net/netlabel/netlabel_calipso.c:76 [inline]<br /> [] netlbl_calipso_add+0x22e/0x4f0 net/netlabel/netlabel_calipso.c:111<br /> [] genl_family_rcv_msg_doit+0x22f/0x330 net/netlink/genetlink.c:739<br /> [] genl_family_rcv_msg net/netlink/genetlink.c:783 [inline]<br /> [] genl_rcv_msg+0x341/0x5a0 net/netlink/genetlink.c:800<br /> [] netlink_rcv_skb+0x14d/0x440 net/netlink/af_netlink.c:2515<br /> [] genl_rcv+0x29/0x40 net/netlink/genetlink.c:811<br /> [] netlink_unicast_kernel net/netlink/af_netlink.c:1313 [inline]<br /> [] netlink_unicast+0x54b/0x800 net/netlink/af_netlink.c:1339<br /> [] netlink_sendmsg+0x90a/0xdf0 net/netlink/af_netlink.c:1934<br /> [] sock_sendmsg_nosec net/socket.c:651 [inline]<br /> [] sock_sendmsg+0x157/0x190 net/socket.c:671<br /> [] ____sys_sendmsg+0x712/0x870 net/socket.c:2342<br /> [] ___sys_sendmsg+0xf8/0x170 net/socket.c:2396<br /> [] __sys_sendmsg+0xea/0x1b0 net/socket.c:2429<br /> [] do_syscall_64+0x30/0x40 arch/x86/entry/common.c:46<br /> [] entry_SYSCALL_64_after_hwframe+0x61/0xc6<br /> <br /> Found by InfoTeCS on behalf of Linux Verification Center<br /> (linuxtesting.org) with Syzkaller<br /> <br /> [PM: merged via the LSM tree at Jakub Kicinski request]
Severity CVSS v4.0: Pending analysis
Last modification:
07/01/2025

CVE-2023-52691

Publication date:
17/05/2024
In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> drm/amd/pm: fix a double-free in si_dpm_init<br /> <br /> When the allocation of<br /> adev-&gt;pm.dpm.dyn_state.vddc_dependency_on_dispclk.entries fails,<br /> amdgpu_free_extended_power_table is called to free some fields of adev.<br /> However, when the control flow returns to si_dpm_sw_init, it goes to<br /> label dpm_failed and calls si_dpm_fini, which calls<br /> amdgpu_free_extended_power_table again and free those fields again. Thus<br /> a double-free is triggered.
Severity CVSS v4.0: Pending analysis
Last modification:
10/01/2025