Linux Foundation Yocto
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Linux Foundation Yocto.
By the Year
In 2025 there have been 0 vulnerabilities in Linux Foundation Yocto. Last year, in 2024 Yocto had 3 security vulnerabilities published. Right now, Yocto is on track to have less security vulnerabilities in 2025 than it did last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2025 | 0 | 0.00 |
2024 | 3 | 5.43 |
2023 | 40 | 6.32 |
2022 | 0 | 0.00 |
2021 | 0 | 0.00 |
2020 | 0 | 0.00 |
2019 | 0 | 0.00 |
2018 | 0 | 0.00 |
It may take a day or so for new Yocto vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Linux Foundation Yocto Security Vulnerabilities
In power, there is a possible out of bounds read due to a missing bounds check
CVE-2024-20085
4.4 - Medium
- September 02, 2024
In power, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08944204; Issue ID: MSV-1560.
Out-of-bounds Read
In power, there is a possible out of bounds read due to a missing bounds check
CVE-2024-20084
4.4 - Medium
- September 02, 2024
In power, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08944210; Issue ID: MSV-1561.
Out-of-bounds Read
In wlan, there is a possible denial of service due to incorrect error handling
CVE-2024-20089
7.5 - High
- September 02, 2024
In wlan, there is a possible denial of service due to incorrect error handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08861558; Issue ID: MSV-1526.
Improper Check for Unusual or Exceptional Conditions
In apusys, there is a possible out of bounds write due to an integer overflow
CVE-2023-32829
6.7 - Medium
- October 02, 2023
In apusys, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07713478; Issue ID: ALPS07713478.
Integer Overflow or Wraparound
In wlan firmware, there is a possible firmware assertion due to improper input handling
CVE-2023-32820
7.5 - High
- October 02, 2023
In wlan firmware, there is a possible firmware assertion due to improper input handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07932637; Issue ID: ALPS07932637.
assertion failure
In gps, there is a possible out of bounds write due to a missing bounds check
CVE-2023-20829
6.7 - Medium
- September 04, 2023
In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08014144; Issue ID: ALPS08014148.
Memory Corruption
In imgsys, there is a possible out of bounds read and write due to a missing valid range checking
CVE-2023-20840
6.5 - Medium
- September 04, 2023
In imgsys, there is a possible out of bounds read and write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326430; Issue ID: ALPS07326430.
Out-of-bounds Read
In imgsys, there is a possible out of bounds write due to a missing valid range checking
CVE-2023-20841
6.5 - Medium
- September 04, 2023
In imgsys, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326455; Issue ID: ALPS07326441.
Memory Corruption
In imgsys_cmdq, there is a possible out of bounds write due to a missing valid range checking
CVE-2023-20842
6.5 - Medium
- September 04, 2023
In imgsys_cmdq, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07354259; Issue ID: ALPS07340477.
Memory Corruption
In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking
CVE-2023-20848
6.5 - Medium
- September 04, 2023
In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07340433; Issue ID: ALPS07340433.
Out-of-bounds Read
In wlan driver, there is a possible out of bounds write due to improper input validation
CVE-2023-32806
6.7 - Medium
- September 04, 2023
In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07441589; Issue ID: ALPS07441589.
Memory Corruption
In gnss service, there is a possible out of bounds write due to improper input validation
CVE-2023-32812
6.7 - Medium
- September 04, 2023
In gnss service, there is a possible out of bounds write due to improper input validation. This could lead to local esclation of privileges with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08017365; Issue ID: ALPS08017365.
Memory Corruption
In camsys, there is a possible use after free due to a race condition
CVE-2023-20835
6.4 - Medium
- September 04, 2023
In camsys, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07341261; Issue ID: ALPS07326570.
Race Condition
In nvram, there is a possible out of bounds write due to a missing bounds check
CVE-2023-20821
6.7 - Medium
- September 04, 2023
In nvram, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07937113; Issue ID: ALPS07937113.
Memory Corruption
In gps, there is a possible out of bounds write due to a missing bounds check
CVE-2023-20828
6.7 - Medium
- September 04, 2023
In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08014144; Issue ID: ALPS08014144.
Memory Corruption
In gps, there is a possible out of bounds write due to a missing bounds check
CVE-2023-20830
6.7 - Medium
- September 04, 2023
In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08014144; Issue ID: ALPS08014156.
Memory Corruption
In gps, there is a possible out of bounds write due to a missing bounds check
CVE-2023-20831
6.7 - Medium
- September 04, 2023
In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08014144; Issue ID: ALPS08014162.
Memory Corruption
In gps, there is a possible out of bounds write due to a missing bounds check
CVE-2023-20832
6.7 - Medium
- September 04, 2023
In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08014144; Issue ID: ALPS08013530.
Memory Corruption
In imgsys_cmdq, there is a possible use after free due to a missing valid range checking
CVE-2023-20849
6.5 - Medium
- September 04, 2023
In imgsys_cmdq, there is a possible use after free due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07340433; Issue ID: ALPS07340350.
Dangling pointer
In imgsys_cmdq, there is a possible out of bounds write due to a missing valid range checking
CVE-2023-20850
6.5 - Medium
- September 04, 2023
In imgsys_cmdq, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07340433; Issue ID: ALPS07340381.
Memory Corruption
In connectivity system driver, there is a possible out of bounds write due to improper input validation
CVE-2023-32811
6.7 - Medium
- September 04, 2023
In connectivity system driver, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07929848; Issue ID: ALPS07929848.
Memory Corruption
In imgsys, there is a possible out of bounds write due to a missing bounds check
CVE-2023-20805
6.7 - Medium
- August 07, 2023
In imgsys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07199773; Issue ID: ALPS07326411.
Memory Corruption
In imgsys, there is a possible system crash due to a mssing ptr check
CVE-2023-20800
6.5 - Medium
- August 07, 2023
In imgsys, there is a possible system crash due to a mssing ptr check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07420968; Issue ID: ALPS07420955.
In imgsys, there is a possible out of bounds write due to a missing bounds check
CVE-2023-20804
6.7 - Medium
- August 07, 2023
In imgsys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07199773; Issue ID: ALPS07326384.
Memory Corruption
In imgsys, there is a possible memory corruption due to improper input validation
CVE-2023-20803
6.5 - Medium
- August 07, 2023
In imgsys, there is a possible memory corruption due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326455; Issue ID: ALPS07326374.
Memory Corruption
In vcu, there is a possible out of bounds write due to a race condition
CVE-2023-20736
6.4 - Medium
- June 06, 2023
In vcu, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645149; Issue ID: ALPS07645189.
Race Condition
In wlan, there is a possible out of bounds read due to a missing bounds check
CVE-2023-20728
4.4 - Medium
- June 06, 2023
In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573603; Issue ID: ALPS07573603.
Out-of-bounds Read
In wlan, there is a possible out of bounds read due to a missing bounds check
CVE-2023-20729
4.4 - Medium
- June 06, 2023
In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573552; Issue ID: ALPS07573575.
Out-of-bounds Read
In wlan, there is a possible out of bounds read due to a missing bounds check
CVE-2023-20730
4.4 - Medium
- June 06, 2023
In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573552; Issue ID: ALPS07573552.
Out-of-bounds Read
In wlan, there is a possible out of bounds read due to a missing bounds check
CVE-2023-20731
4.4 - Medium
- June 06, 2023
In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573495; Issue ID: ALPS07573495.
Out-of-bounds Read
In wlan, there is a possible out of bounds read due to a missing bounds check
CVE-2023-20732
6.7 - Medium
- June 06, 2023
In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573480; Issue ID: ALPS07573480.
Memory Corruption
In vcu, there is a possible use after free due to improper locking
CVE-2023-20733
6.7 - Medium
- June 06, 2023
In vcu, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645149; Issue ID: ALPS07645149.
Improper Locking
In vcu, there is a possible out of bounds write due to a missing bounds check
CVE-2023-20734
6.7 - Medium
- June 06, 2023
In vcu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645149; Issue ID: ALPS07645184.
Memory Corruption
In vcu, there is a possible out of bounds write due to a missing bounds check
CVE-2023-20735
6.7 - Medium
- June 06, 2023
In vcu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645149; Issue ID: ALPS07645178.
Memory Corruption
In vcu, there is a possible use after free due to improper locking
CVE-2023-20737
6.7 - Medium
- June 06, 2023
In vcu, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645149; Issue ID: ALPS07645167.
Improper Locking
In vcu, there is a possible out of bounds write due to a missing bounds check
CVE-2023-20738
6.7 - Medium
- June 06, 2023
In vcu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645149; Issue ID: ALPS07645173.
Memory Corruption
In vcu, there is a possible memory corruption due to a logic error
CVE-2023-20740
6.7 - Medium
- June 06, 2023
In vcu, there is a possible memory corruption due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07559819; Issue ID: ALPS07559840.
Memory Corruption
In vcu, there is a possible out of bounds write due to improper locking
CVE-2023-20743
6.7 - Medium
- June 06, 2023
In vcu, there is a possible out of bounds write due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519142; Issue ID: ALPS07519142.
Improper Locking
In vcu, there is a possible use after free due to a logic error
CVE-2023-20744
6.7 - Medium
- June 06, 2023
In vcu, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519142; Issue ID: ALPS07519200.
Dangling pointer
In vcu, there is a possible out of bounds write due to improper locking
CVE-2023-20745
6.7 - Medium
- June 06, 2023
In vcu, there is a possible out of bounds write due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519142; Issue ID: ALPS07560694.
Improper Locking
In vcu, there is a possible out of bounds write due to improper locking
CVE-2023-20746
6.7 - Medium
- June 06, 2023
In vcu, there is a possible out of bounds write due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519142; Issue ID: ALPS07519217.
Improper Locking
In vcu, there is a possible memory corruption due to type confusion
CVE-2023-20747
4.4 - Medium
- June 06, 2023
In vcu, there is a possible memory corruption due to type confusion. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519103; Issue ID: ALPS07519121.
Object Type Confusion
In wlan, there is a possible out of bounds read due to a missing bounds check
CVE-2023-20727
4.4 - Medium
- June 06, 2023
In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588531; Issue ID: ALPS07588531.
Out-of-bounds Read
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Google Android or by Linux Foundation? Click the Watch button to subscribe.
![subscribe](/images/undraw_subscriber_vabu.png)