33 matches found
CVE-2026-45971 bpf: Limit bpf program signature size
In the Linux kernel, the following vulnerability has been resolved: bpf: Limit bpf program signature size Practical BPF signatures are significantly smaller than KMALLOCMAXCACHESIZE Allowing larger sizes opens the door for abuse by passing excessive size values and forcing the kernel into expensi...
CVE-2026-43148
In the Linux kernel, the following vulnerability has been resolved: powerpc/smp: Add check for kcalloc failure in parsethreadgroups As kcalloc may fail, check its return value to avoid a NULL pointer dereference when passing it to ofpropertyreadu32array...
CVE-2026-43105
The CVE-2026-43105 issue affects the Linux kernel’s DRM VC4 driver. The root cause is a memory leak where the hang state’s BO array is allocated with kzalloc() in vc4_save_hang_state() but is not freed in vc4_free_hang_state(), leaving memory allocated when the hang state is freed. A kfree() for ...
CVE-2025-47407
Memory corruption while creating a process on the digital signal processor due to allocation failure at the kernel level...
EUVD-2025-209632
Memory corruption while creating a process on the digital signal processor due to allocation failure at the kernel level...
CVE-2025-47407 Time-of-check Time-of-use (TOCTOU) Race Condition in DSP Service
Memory corruption while creating a process on the digital signal processor due to allocation failure at the kernel level...
CVE-2025-47407 Time-of-check Time-of-use (TOCTOU) Race Condition in DSP Service
Memory corruption while creating a process on the digital signal processor due to allocation failure at the kernel level...
CVE-2025-47407
CVE-2025-47407 describes a memory corruption in the DSP service during process creation caused by an allocation failure at the kernel level, linked to a TOCTOU race condition. Connected records identify a kernel-level allocation failure as the underlying trigger and the DSP service as the affecte...
PT-2026-36843
Memory corruption while creating a process on the digital signal processor due to allocation failure at the kernel level...
UBUNTU-CVE-2026-23385
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: clone set on flush only Syzbot with fault injection triggered a failing memory allocation with GFPKERNEL which results in a WARN splat: iter.err WARNING: net/netfilter/nftablesapi.c:845 at...
CVE-2026-23206
In the Linux kernel, the following vulnerability has been resolved: dpaa2-switch: prevent ZEROSIZEPTR dereference when numifs is zero The driver allocates arrays for ports, FDBs, and filter blocks using kcalloc with ethsw-swattr.numifs as the element count. When the device reports zero interfaces...
SUSE CVE-2026-23018
In the Linux kernel, the following vulnerability has been resolved: btrfs: release path before initializing extent tree in btrfsreadlockedinode In btrfsreadlockedinode we are calling btrfsinitfileextenttree while holding a path with a read locked leaf from a subvolume tree, and...
CVE-2026-23018 btrfs: release path before initializing extent tree in btrfs_read_locked_inode()
In the Linux kernel, the following vulnerability has been resolved: btrfs: release path before initializing extent tree in btrfsreadlockedinode In btrfsreadlockedinode we are calling btrfsinitfileextenttree while holding a path with a read locked leaf from a subvolume tree, and...
CVE-2022-50867 drm/msm/a6xx: Fix kvzalloc vs state_kcalloc usage
In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: Fix kvzalloc vs statekcalloc usage adrenoshowobject is a trap! It will re-allocate the pointer it is passed on first call, when the data is ascii85 encoded, using kvmalloc/ kvfree. Which means the data passed to it...
CVE-2022-50713
In the Linux kernel, the following vulnerability has been resolved: clk: visconti: Fix memory leak in viscontiregisterpll @pll-ratetable has allocated memory by kmemdup, if clkhwregister fails, it should be freed, otherwise it will cause memory leak issue, this patch fixes it...
SUSE CVE-2025-68309
In the Linux kernel, the following vulnerability has been resolved: PCI/AER: Fix NULL pointer access by aerinfo The kzallocGFPKERNEL may return NULL, so all accesses to aerinfo-xxx will result in kernel panic. Fix it...
CVE-2025-40052
CVE-2025-40052 (Linux kernel, SMB/CIFS crypto path) fixes a bug where aead_request context could end up in vmalloc memory, causing sg_set_buf() to crash when virt_addr_valid(buf) fails under heavy parallel I/O. Root cause: creq allocation used kvzalloc(), potentially placing __ctx in vmalloc area...
Linux Distros Unpatched Vulnerability : CVE-2025-40052
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - smb: client: fix crypto buffers in non-linear memory The crypto API, through the scatterlist API, expects input buffers to be in linear memory. We handle this...
CVE-2025-39935 ASoC: codec: sma1307: Fix memory corruption in sma1307_setting_loaded()
In the Linux kernel, the following vulnerability has been resolved: ASoC: codec: sma1307: Fix memory corruption in sma1307settingloaded The sma1307-set.headersize is how many integers are in the header there are 8 of them but instead of allocating space of 8 integers we allocate 8 bytes. This lea...
EUVD-2024-30781
Malicious code in bioql PyPI...