212 matches found
CVE-2026-43217
A flaw was found in the Linux kernel's media: iris: gen2 component. When a session is stopped, a memory deallocation occurs. If a subsequent streaming stop operation is initiated without proper validation, it attempts to access already freed memory. This can be triggered by a local attacker or a...
CVE-2026-43104
In the Linux kernel, the following vulnerability has been resolved: drm/vc4: Fix a memory leak in hang state error path When vc4savehangstate encounters an early return condition, it returns without freeing the previously allocated kernelstate, leaking memory. Add the missing kfree calls by...
CVE-2026-43091
The CVE-2026-43091 vulnerability affects the Linux kernel xfrm policy handling during netns exit. The root cause is that xfrm_policy_fini() frees the policy_bydst hash tables after flushing work items and deleting policies, but does not wait for concurrent RCU readers to exit read-side critical s...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which arises from the failure of irdmareregmrtrans and the subsequent failure to set iwmr-region to NULL, potentially...
kernel: scsi: qla2xxx: Fix improper freeing of purex item
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix improper freeing of purex item In qla2xxxprocesspurlsiocb, an item is allocated via qla27xxcopymultiplepkt, which internally calls qla24xxallocpurexitem. The qla24xxallocpurexitem function may return a...
PT-2026-34379
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the isotp sendmsg function. The function uses cmpxchg on so-tx.state to serialize access to so-tx.buf. When isotp release waits for ISOTP IDLE via wait...
kernel: scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count()
In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix use-after-free in iscsitdecsessionusagecount In iscsitdecsessionusagecount, the function calls complete while holding the sess-sessionusagelock. Similar to the connection usage count logic, the waiter...
kernel: scsi: qla2xxx: Fix improper freeing of purex item
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix improper freeing of purex item In qla2xxxprocesspurlsiocb, an item is allocated via qla27xxcopymultiplepkt, which internally calls qla24xxallocpurexitem. The qla24xxallocpurexitem function may return a...
Deserialization of Untrusted Data
Overview Affected versions of this package are vulnerable to Deserialization of Untrusted Data in the session restoration process. An attacker can execute arbitrary memory deallocation by injecting a crafted session into the cache and triggering the application to call the relevant session restor...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of lock protection for memory allocation and deallocation operations. This vulnerability...
CVE-2025-47398 Use After Free in Graphics
Memory Corruption while deallocating graphics processing unit memory buffers due to improper handling of memory pointers...
CVE-2025-47398
Memory Corruption while deallocating graphics processing unit memory buffers due to improper handling of memory pointers...
SUSE CVE-2025-68781
In the Linux kernel, the following vulnerability has been resolved: usb: phy: fsl-usb: Fix use-after-free in delayed work during device removal The delayed work item otgevent is initialized in fslotgconf and scheduled under two conditions: 1. When a host controller binds to the OTG controller. 2...
CVE-2025-68781
In the Linux kernel, the following vulnerability has been resolved: usb: phy: fsl-usb: Fix use-after-free in delayed work during device removal The delayed work item otgevent is initialized in fslotgconf and scheduled under two conditions: 1. When a host controller binds to the OTG controller. 2...
PT-2026-6116
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.18.0 10 Description The Linux kernel contains a flaw within the virtio net subsystem. Specifically, an inconsistency exists in how memory is allocated and freed for the RSS header. The initial allocation uses...
CVE-2023-54201
In the Linux kernel, the following vulnerability has been resolved: RDMA/efa: Fix wrong resources deallocation order When trying to destroy QP or CQ, we first decrease the refcount and potentially free memory regions allocated for the object and then request the device to destroy the object. If t...
CVE-2023-54169
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: fix memory leak in mlx5eptpopen When kvzallocnode or kvzalloc failed in mlx5eptpopen, the memory pointed by "c" or "cparams" is not freed, which can lead to a memory leak. Fix by freeing the array in the error path...
EUVD-2025-205221
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix improper freeing of purex item In qla2xxxprocesspurlsiocb, an item is allocated via qla27xxcopymultiplepkt, which internally calls qla24xxallocpurexitem. The qla24xxallocpurexitem function may return a...
CVE-2025-68741
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix improper freeing of purex item In qla2xxxprocesspurlsiocb, an item is allocated via qla27xxcopymultiplepkt, which internally calls qla24xxallocpurexitem. The qla24xxallocpurexitem function may return a...
UBUNTU-CVE-2025-68741
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix improper freeing of purex item In qla2xxxprocesspurlsiocb, an item is allocated via qla27xxcopymultiplepkt, which internally calls qla24xxallocpurexitem. The qla24xxallocpurexitem function may return a...