85 matches found
SUSE CVE-2025-38190
In the Linux kernel, the following vulnerability has been resolved: atm: Revert atmaccounttx if copyfromiterfull fails. In vccsendmsg, we account skb-truesize to sk-skwmemalloc by atmaccounttx. It is expected to be reverted by atmpopraw later called by vcc-dev-ops-sendvcc, skb. However, vccsendms...
PT-2025-39242
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a memory leak within the ath12k service ready ext event function. Specifically, the svc rdy ext.mac phy caps memory is not freed in failure scenarios, leading t...
AZL-51008 CVE-2024-47675 affecting package kernel for versions less than 6.6.56.1-5
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix use-after-free in bpfuprobemultilinkattach If bpflinkprime fails, bpfuprobemultilinkattach goes to the errorfree label and frees the array of bpfuprobe's without calling bpfuprobeunregister. This leaks bpfuprobe-uprobe a...
SUSE CVE-2024-42275
In the Linux kernel, the following vulnerability has been resolved: drm/client: Fix error code in drmclientbuffervmaplocal This function accidentally returns zero/success on the failure path. It leads to locking issues and an uninitialized mapcopy in the caller...
SUSE CVE-2022-48810
In the Linux kernel, the following vulnerability has been resolved: ipmr,ip6mr: acquire RTNL before calling ip6mrfreetable on failure path ip6mrfreetable can only be called under RTNL lock. RTNL: assertion failed at net/core/dev.c 10367 WARNING: CPU: 1 PID: 5890 at net/core/dev.c:10367...
DEBIAN-CVE-2022-48810
In the Linux kernel, the following vulnerability has been resolved: ipmr,ip6mr: acquire RTNL before calling ip6mrfreetable on failure path ip6mrfreetable can only be called under RTNL lock. RTNL: assertion failed at net/core/dev.c 10367 WARNING: CPU: 1 PID: 5890 at net/core/dev.c:10367...
kernel: platform/x86/amd: pmc: Fix memory leak in amd_pmc_stb_debugfs_open_v2()
A memory leak was found in the AMD PMC driver's STB debugfs interface. When amdpmcsendcmd fails, the allocated buffer is not freed, causing memory to leak on each failed operation...
CVE-2021-47272
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Bail from dwc3gadgetexit if dwc-gadget is NULL There exists a possible scenario in which dwc3gadgetinit can fail: during during host - peripheral mode switch in dwc3setmode, and a pending gadget driver fails to...
CVE-2021-47272 usb: dwc3: gadget: Bail from dwc3_gadget_exit() if dwc->gadget is NULL
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Bail from dwc3gadgetexit if dwc-gadget is NULL There exists a possible scenario in which dwc3gadgetinit can fail: during during host - peripheral mode switch in dwc3setmode, and a pending gadget driver fails to...
SUSE CVE-2022-48656
In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: k3-udma-private: Fix refcount leak bug in ofxudmadevget We should call ofnodeput for the reference returned by ofparsephandle in fail path or when it is not used anymore. Here we only need to move the ofnodeput...
DEBIAN-CVE-2023-52643
In the Linux kernel, the following vulnerability has been resolved: iio: core: fix memleak in iiodeviceregistersysfs When iiodeviceregistersysfsgroup fails, we should free iiodevopaque-chanattrgroup.attrs to prevent potential memleak...
UBUNTU-CVE-2023-52473
In the Linux kernel, the following vulnerability has been resolved: thermal: core: Fix NULL pointer dereference in zone registration error path If deviceregister in thermalzonedeviceregisterwithtrips returns an error, the tz variable is set to NULL and subsequently dereferenced in kfreetz-tzp...
SUSE CVE-2022-35414
softmmu/physmem.c in QEMU through 7.0.0 can perform an uninitialized read on the translatefail path, leading to an ioreadx or iowritex crash. NOTE: a third party states that the Non-virtualization Use Case in the qemu.org reference applies here, i.e., "Bugs affecting the non-virtualization use ca...
GSD-2022-1000515 ipmr,ip6mr: acquire RTNL before calling ip[6]mr_free_table() on failure path
ipmr,ip6mr: acquire RTNL before calling ip6mrfreetable on failure path This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.10 by commit...
GSD-2022-1000373 ipmr,ip6mr: acquire RTNL before calling ip[6]mr_free_table() on failure path
ipmr,ip6mr: acquire RTNL before calling ip6mrfreetable on failure path This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.101 by commit...
GSD-2022-1000301 ipmr,ip6mr: acquire RTNL before calling ip[6]mr_free_table() on failure path
ipmr,ip6mr: acquire RTNL before calling ip6mrfreetable on failure path This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.267 by commit...
GSD-2022-1000288 ipmr,ip6mr: acquire RTNL before calling ip[6]mr_free_table() on failure path
ipmr,ip6mr: acquire RTNL before calling ip6mrfreetable on failure path This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.302 by commit...
kernel: sg_write function lacks an sg_remove_request call in a certain failure case
A vulnerability was found in sgwrite in drivers/scsi/sg.c in the SCSI generic sg driver subsystem. This flaw allows an attacker with local access and special user or root privileges to cause a denial of service if the allocated list is not cleaned with an invalid Sgfd sfp pointer at the time of...
go7007_snd_init in drivers/media/usb/go7007/snd-go7007.c in the Linux kernel before 5.6 does not call snd_card_free for a failure path which causes a memory leak aka CID-9453264ef586.
...
DEBIAN-CVE-2020-16135
libssh 0.9.4 has a NULL pointer dereference in tftpserver.c if sshbuffernew returns NULL...