CVE-2026-10718 Open Seachest/Seachest NVMe Trim (Deallocate) Vulnerability

Out of bounds write in openSeaChest’s Trim/Unmap operation in Seagate’s openSeaChest v26.03.0 on all supported platforms allows for writing extra memory describing a range of LBAs to deallocate 16 bytes outside of the allocated space when running this operation...

CVE-2026-10718

CVE-2026-10718 affects Seagate’s openSeaChest (v26.03.0) and is triggered by the Trim/Unmap operation. The root cause is an out-of-bounds write that allows writing extra memory describing a range of LBAs to deallocate, extending 16 bytes outside the allocated space across all supported platforms....

CVE-2026-10718 Open Seachest/Seachest NVMe Trim (Deallocate) Vulnerability

Out of bounds write in openSeaChest’s Trim/Unmap operation in Seagate’s openSeaChest v26.03.0 on all supported platforms allows for writing extra memory describing a range of LBAs to deallocate 16 bytes outside of the allocated space when running this operation...

CVE-2025-68235 nouveau/firmware: Add missing kfree() of nvkm_falcon_fw::boot

In the Linux kernel, the following vulnerability has been resolved: nouveau/firmware: Add missing kfree of nvkmfalconfw::boot nvkmfalconfw::boot is allocated, but no one frees it. This causes a kmemleak warning. Make sure this data is deallocated...

📄 macOS 18.3.2 Kernel Privilege Escalation

macOS version 18.3.2 proof of concept exploit for an old kernel related privilege escalation vulnerability. A critical memory management vulnerability exists within the macOS XNU kernel's handling of the VMBEHAVIORZEROWIREDPAGES behavior flag. The issue arises from improper sequence validation wh...

📄 macOS 18.3.2 VM_BEHAVIOR_ZERO_WIRED_PAGES Handling

A vulnerability exists in the way macOS handles VMBEHAVIORZEROWIREDPAGES combined with mmap + mlock + vmdeallocate on a read-only mapped file. A local attacker may trigger abnormal kernel behavior depending on system conditions. This proof of concept is purely academic and demonstrates a controll...

PT-2025-51648

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the nouveau firmware component of the Linux kernel. Specifically, memory allocated for nvkm falcon fw::boot is not deallocated, leading to a kernel memory leak...

kernel security update

5.14.0-570.58.1.0.1 - nvme-pci: remove two deallocate zeroes quirks Orabug: 37756650 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list...

Oracle Linux 10 : kernel (ELSA-2025-7956)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-7956 advisory. 6.12.0-55.19.1.0.10.OL10 - nvme-pci: remove two deallocate zeroes quirks Orabug: 37756650 - Add new Oracle Linux Driver Signing key 1 certificate...

kernel security update

5.14.0-570.17.1.0.16.OL9 - nvme-pci: remove two deallocate zeroes quirks Orabug: 37756650 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys lis...

SUSE CVE-2024-57872

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: pltfrm: Dellocate HBA during ufshcdpltfrmremove This will ensure that the scsi host is cleaned up properly using scsihostdevrelease. Otherwise, it may lead to memory leaks...

DEBIAN-CVE-2024-57872

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: pltfrm: Dellocate HBA during ufshcdpltfrmremove This will ensure that the scsi host is cleaned up properly using scsihostdevrelease. Otherwise, it may lead to memory leaks...

CVE-2024-49972

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Deallocate DML memory if allocation fails Why When DC state create DML memory allocation fails, memory is not deallocated subsequently, resulting in uninitialized structure that is not NULL. How Deallocate memory...

kernel: vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF

In the Linux kernel, the following vulnerability has been resolved: vcscreen: move load of struct vcdata pointer in vcsread to avoid UAF After a call to consoleunlock in vcsread the vcdata struct can be freed by vcdeallocate. Because of that, the struct vcdata pointer load must be done at the top...

PYSEC-2024-308

wasm3 v0.5.0 was discovered to contain a heap buffer overflow which leads to segmentation fault via the function "DeallocateSlot" in wasm3/source/m3compile.c...

PT-2024-25767 · Wasm3 · Wasm3

Name of the Vulnerable Software and Affected Versions: wasm3 version 0.5.0 Description: A heap buffer overflow was discovered in wasm3, leading to a segmentation fault via the DeallocateSlot function in m3 compile.c. This issue requires local network access to exploit. Recommendations: Update to ...

wasm3 安全漏洞

wasm3 is the fastest WebAssembly interpreter, as well as the most versatile runtime. A security vulnerability exists in version v0.5.0 of wasm3, which originates from a segmentation error via the function DeallocateSlot in wasm3/source/m3compile.c. The vulnerability is caused by the function...

CVE-2024-26839 IB/hfi1: Fix a memleak in init_credit_return

In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix a memleak in initcreditreturn When dmaalloccoherent fails to allocate dd-crbasei.va, initcreditreturn should deallocate dd-crbase and dd-crbasei that allocated before. Or those resources would be never freed and a...

CVE-2023-52629

In the Linux kernel, the following vulnerability has been resolved: sh: push-switch: Reorder cleanup operations to avoid use-after-free bug The original code puts flushwork before timershutdownsync in switchdrvremove. Although we use flushwork to stop the worker, it could be rescheduled in...

CVE-2023-52629

In the Linux kernel, the following vulnerability has been resolved: sh: push-switch: Reorder cleanup operations to avoid use-after-free bug The original code puts flushwork before timershutdownsync in switchdrvremove. Although we use flushwork to stop the worker, it could be rescheduled in...