1185 matches found
CVE-2026-43063
In the Linux kernel, the following vulnerability has been resolved: xfs: don't irele after failing to iget in xfsattrirecoverwork xlogrecoveryiget never set @ip to a valid pointer if they return an error, so this irele will walk off a dangling pointer. Fix that...
CVE-2026-43063
CVE-2026-43063 pertains to the Linux kernel XFS attribute recovery path. The vulnerability arises when xlog_recovery_iget* fails to yield a valid pointer and an ensuing irele operates on a dangling pointer, potentially enabling a local attacker to crash the system and cause a DoS. The Red Hat adv...
CVE-2026-43063 xfs: don't irele after failing to iget in xfs_attri_recover_work
In the Linux kernel, the following vulnerability has been resolved: xfs: don't irele after failing to iget in xfsattrirecoverwork xlogrecoveryiget never set @ip to a valid pointer if they return an error, so this irele will walk off a dangling pointer. Fix that...
CVE-2026-43063
In the Linux kernel, the following vulnerability has been resolved: xfs: don't irele after failing to iget in xfsattrirecoverwork xlogrecoveryiget never set @ip to a valid pointer if they return an error, so this irele will walk off a dangling pointer. Fix that...
CLSA-2026-1777940008 python3: Fix of CVE-2026-6100
CVE-2026-6100: clear dangling nextin pointer on MemoryError in bz2/lzma decompressors to avoid use-after-free on instance reuse...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: net: inet: Do not leave a dangling sk pointer in inetcreate The sockinitdata function attaches the allocated sk object to the provided sock object. If inetcreate fails later, the sk object is freed, but the sock object retains a...
Astra Linux - уязвимость в curl
Due to the use of a dangling pointer, libcurl versions 7.29.0 through 7.71.1 can use the wrong connection when sending data...
Astra Linux - уязвимость в linux
A vulnerability was discovered in the Linux kernel, where the function sunkbdreinit was executed after sunkbdinterrupt had been called, even before sunkbd was freed. Although the dangling pointer is set to NULL in sunkbddisconnect, there is still an alias in sunkbdreinit that leads to a...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fixed a dangling pointer in mgmtaddadvpatternsmonitorcomplete. This fix addresses the issue where, whenever status != -ECANCELED, mgmtpendingvalid was executed; otherwise, mgmtpendingfreecmd would free the memory...
Astra Linux - уязвимость в xorg-server
A vulnerability was discovered in X.Org. This issue arises due to a dangling pointer in DeepCopyPointerClasses, which can be exploited by ProcXkbSetDeviceInfo and ProcXkbGetDeviceInfo to read from and write to freed memory. This can lead to local privilege escalation on systems where the X server...
CLSA-2026-1777569671 python3: Fix of CVE-2026-6100
CVE-2026-6100: clear dangling nextin pointer on MemoryError in bz2/lzma decompressors to avoid use-after-free on instance reuse...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-015463)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-015463 advisory. ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-9 and 6.9.13-34, there is a vulnerability in ImageMagic...
CVE-2026-5398
The implementation of TIOCNOTTY failed to clear a back-pointer from the structure representing the controlling terminal to the calling process' session. If the invoking process then exits, the terminal structure may end up containing a pointer to freed memory. A malicious process can abuse the...
SUSE CVE-2026-31471
In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: only publish modedata after clone setup iptfsclonestate stores x-modedata before allocating the reorder window. If that allocation fails, the code frees the cloned state and returns -ENOMEM, leaving x-modedata pointi...
CVE-2026-31511
A flaw was found in the Bluetooth Management MGMT component of the Linux kernel. An issue with how memory is managed during certain operations can lead to a 'dangling pointer' vulnerability. This means that the system might attempt to access memory that has already been released, potentially...
EUVD-2026-24893
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix dangling pointer on mgmtaddadvpatternsmonitorcomplete This fixes the condition checking so mgmtpendingvalid is executed whenever status != -ECANCELED otherwise calling mgmtpendingfreecmd would kfreecmd withou...
CVE-2026-31511
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix dangling pointer on mgmtaddadvpatternsmonitorcomplete This fixes the condition checking so mgmtpendingvalid is executed whenever status != -ECANCELED otherwise calling mgmtpendingfreecmd would kfreecmd withou...
CVE-2026-31511
CVE-2026-31511 affects the Linux kernel Bluetooth MGMT subsystem, specifically a dangling pointer in mgmt_add_adv_patterns_monitor_complete where mgmt_pending_free(cmd) could kfree cmd before unlinking from the list. Connected advisories indicate Debian/Root and other OSV entries report a patch w...
CVE-2026-31511
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix dangling pointer on mgmtaddadvpatternsmonitorcomplete This fixes the condition checking so mgmtpendingvalid is executed whenever status != -ECANCELED otherwise calling mgmtpendingfreecmd would kfreecmd withou...
CVE-2026-31511 Bluetooth: MGMT: Fix dangling pointer on mgmt_add_adv_patterns_monitor_complete
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix dangling pointer on mgmtaddadvpatternsmonitorcomplete This fixes the condition checking so mgmtpendingvalid is executed whenever status != -ECANCELED otherwise calling mgmtpendingfreecmd would kfreecmd withou...