Vulnerabilities > Improper Validation of Array Index
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-02-26 | CVE-2022-49186 | Improper Validation of Array Index vulnerability in Linux Kernel 5.17/5.17.1/5.17.2 In the Linux kernel, the following vulnerability has been resolved: clk: visconti: prevent array overflow in visconti_clk_register_gates() This code was using -1 to represent that there was no reset function. Unfortunately, the -1 was stored in u8 so the if (clks[i].rs_id >= 0) condition was always true. | 7.8 |
| 2025-02-10 | CVE-2025-21692 | Improper Validation of Array Index vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ets qdisc OOB Indexing Haowei Yan <g1042620637@gmail.com> found that ets_class_from_arg() can index an Out-Of-Bound class in ets_class_from_arg() when passed clid of 0. | 7.8 |
| 2025-02-03 | CVE-2024-45569 | Improper Validation of Array Index vulnerability in Qualcomm products Memory corruption while parsing the ML IE due to invalid frame content. | 9.8 |
| 2025-02-03 | CVE-2024-45582 | Improper Validation of Array Index vulnerability in Qualcomm products Memory corruption while validating number of devices in Camera kernel . | 7.8 |
| 2025-02-03 | CVE-2024-49832 | Improper Validation of Array Index vulnerability in Qualcomm products Memory corruption in Camera due to unusually high number of nodes passed to AXI port. | 7.8 |
| 2025-02-03 | CVE-2024-49833 | Improper Validation of Array Index vulnerability in Qualcomm products Memory corruption can occur in the camera when an invalid CID is used. | 7.8 |
| 2025-02-03 | CVE-2024-49834 | Improper Validation of Array Index vulnerability in Qualcomm products Memory corruption while power-up or power-down sequence of the camera sensor. | 7.8 |
| 2025-02-03 | CVE-2024-49837 | Improper Validation of Array Index vulnerability in Qualcomm products Memory corruption while reading CPU state data during guest VM suspend. | 7.8 |
| 2025-02-03 | CVE-2024-49843 | Improper Validation of Array Index vulnerability in Qualcomm products Memory corruption while processing IOCTL from user space to handle GPU AHB bus error. | 7.8 |
| 2025-01-31 | CVE-2025-21680 | Improper Validation of Array Index vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: pktgen: Avoid out-of-bounds access in get_imix_entries Passing a sufficient amount of imix entries leads to invalid access to the pkt_dev->imix_entries array because of the incorrect boundary check. UBSAN: array-index-out-of-bounds in net/core/pktgen.c:874:24 index 20 is out of range for type 'imix_pkt [20]' CPU: 2 PID: 1210 Comm: bash Not tainted 6.10.0-rc1 #121 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996) Call Trace: <TASK> dump_stack_lvl lib/dump_stack.c:117 __ubsan_handle_out_of_bounds lib/ubsan.c:429 get_imix_entries net/core/pktgen.c:874 pktgen_if_write net/core/pktgen.c:1063 pde_write fs/proc/inode.c:334 proc_reg_write fs/proc/inode.c:346 vfs_write fs/read_write.c:593 ksys_write fs/read_write.c:644 do_syscall_64 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe arch/x86/entry/entry_64.S:130 Found by Linux Verification Center (linuxtesting.org) with SVACE. [ fp: allow to fill the array completely; minor changelog cleanup ] | 7.8 |