6 matches found
CVE-2026-53247
CVE-2026-53247: Linux kernel MTK ethernet driver (mtk_eth_soc) fix for use-after-free in metadata_dst teardown. mtk_free_dev() previously called metadata_dst_free() (kfree’d immediately, bypassing RCU). In RX, skb_dst_set_noref() kept non-refcounted pointers to metadata_dst; freed memory could ra...
CVE-2026-53157
Summary of CVE-2026-53157 (Linux kernel, phonet): The vulnerability occurs in the phonet device teardown where phonet_device_destroy() removes the device from the per-net list with list_del_rcu(), but frees it immediately instead of after the RCU grace period. This allows RCU readers traversing t...
CVE-2026-45959
crypto: ccp - Fix a crash due to incorrect cleanup usage of kfree...
CVE-2026-43104
In the Linux kernel, the following vulnerability has been resolved: drm/vc4: Fix a memory leak in hang state error path When vc4savehangstate encounters an early return condition, it returns without freeing the previously allocated kernelstate, leaking memory. Add the missing kfree calls by...
Vulnerabilities of the kfree(), ucsi_resume_work(), and ucsi_unregister() functions in the Linux operating system, allowing a hacker to cause a service failure
The vulnerability of the kfree, ucsiresumework, and ucsiunregister functions in the Linux operating system is related to the assignment of pointers. Exploiting this vulnerability could allow an attacker to cause a service failure...
kernel: block: floppy: privilege escalation via FDRAWCMD floppy ioctl command
A flaw was found in the way the Linux kernel's floppy driver handled user space provided data in certain error code paths while processing FDRAWCMD IOCTL commands. A local user with write access to /dev/fdX could use this flaw to free using the kfree function arbitrary kernel memory. CVE-2014-173...