PT-2022-33917 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.61 Description: A memory leak issue was discovered in the security read state kernel function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions...

PT-2022-33256 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.19.7 Description: A potential memory leak in the gpu metrics table of the Linux Kernel's drm/amd/pm module has been identified. The actual impact and attack plausibility of this issue have not yet been proven...

CVE-2022-2590

A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write COW breakage of private read-only shared memory mappings. This flaw allows an unprivileged, local user to gain write access to read-only memory mappings, increasing their privileges on the system...

CVE-2021-29649

An issue was discovered in the Linux kernel before 5.11.11. The user mode driver UMD has a copyprocess memory leak, related to a lack of cleanup steps in kernel/usermodedriver.c and kernel/bpf/preload/bpfpreloadkern.c, aka CID-f60a85cad677...

DEBIAN-CVE-2012-0953

A race condition was discovered in the Linux drivers for Nvidia graphics which allowed an attacker to exfiltrate kernel memory to userspace. This issue was fixed in version 295.53...

CVE-2019-20095

mwifiextmcmd in drivers/net/wireless/marvell/mwifiex/cfg80211.c in the Linux kernel before 5.1.6 has some error-handling cases that did not free allocated hostcmd memory, aka CID-003b686ace82. This will cause a memory leak and denial of service...

CVE-2019-19055

A memory leak in the nl80211getftmresponderstats function in net/wireless/nl80211.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service memory consumption by triggering nl80211hdrput failures, aka CID-1399c59fa929. NOTE: third parties dispute the relevance of this...

CVE-2019-12379

An issue was discovered in coninsertunipair in drivers/tty/vt/consolemap.c in the Linux kernel through 5.1.5. There is a memory leak in a certain case of an ENOMEM outcome of kmalloc. NOTE: This id is disputed as not being an issue...

CVE-2017-12190

The biomapuseriov and biounmapuser functions in block/bio.c in the Linux kernel before 4.13.8 do unbalanced refcounting when a SCSI I/O vector has small consecutive buffers belonging to the same page. The bioaddpcpage function merges them into one, but the page reference is never dropped. This...

kernel: mm subsystem does not properly enforce the CONFIG_STRICT_DEVMEM protection mechanism

The mm subsystem in the Linux kernel through 4.10.10 does not properly enforce the CONFIGSTRICTDEVMEM protection mechanism, which allows local users to read or write to kernel memory locations in the first megabyte and bypass slab-allocation access restrictions via an application that opens the...

CVE-2016-10343

In all Qualcomm products with Android releases from CAF using the Linux kernel, sSL handshake failure with ClientHello rejection results in memory leak...

CVE-2015-3288

mm/memory.c in the Linux kernel before 4.1.4 mishandles anonymous pages, which allows local users to gain privileges or cause a denial of service page tainting via a crafted application that triggers writing to page zero...

Security update for the Linux Kernel (important)

The Linux kernel for openSUSE Leap 42.1 was updated to the 4.1.15 stable release, and also includes security and bugfixes. Following security bugs were fixed: - CVE-2016-0728: A reference leak in keyring handling with joinsessionkeyring could lead to local attackers gain root privileges. bsc96207...

CVE-2013-0309

arch/x86/include/asm/pgtable.h in the Linux kernel before 3.6.2, when transparent huge pages are used, does not properly support PROTNONE memory regions, which allows local users to cause a denial of service system crash via a crafted application...

CVE-2012-4398

The requestmodule function in kernel/kmod.c in the Linux kernel before 3.4 does not set a certain killable attribute, which allows local users to cause a denial of service memory consumption via a crafted application...

Linux Kernel 2.6.20 with DCCP Support - Memory Disclosure (2)

Linux Kernel 2.6.20 with DCCP Support - Memory Disclosure 2 include include include include include include include define BUFSIZE 0x10000000 int mainint argc, char argv void mem = mmap0, BUFSIZE, PROTREAD | PROTWRITE, MAPANONYMOUS | MAPPRIVATE, 0, 0; if mem == void-1 printf"Alloc failed\n"; retu...

CVE-2006-5174

CVE-2006-5174 concerns the Linux kernel 2.6 copy_from_user() implementation on s390/s390x where a local user could read kernel memory due to improper clearing of a kernel buffer. Affected platform: Linux kernel 2.6 before 2.6.19-rc1 on s390. The issue is an information leak (partial confidentiali...

CVE-2005-3181

The audit system in Linux kernel 2.6.6, and other versions before 2.6.13.4, when CONFIGAUDITSYSCALL is enabled, uses an incorrect function to free namescache memory, which prevents the memory from being tracked by AUDITSYSCALL code and leads to a memory leak that allows attackers to cause a denia...