CVE-2025-68741

CVE-2025-68741 (Linux kernel, QLA2XXX SCSI path) : The issue arises in qla2xxx_process_purls_iocb() where items allocated by qla27xx_copy_multiple_pkt() via qla24xx_alloc_purex_item() could be freed with kfree(), which is incorrect for pre‑allocated items and risks memory corruption. The fix is t...

CVE-2025-68741 scsi: qla2xxx: Fix improper freeing of purex item

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix improper freeing of purex item In qla2xxxprocesspurlsiocb, an item is allocated via qla27xxcopymultiplepkt, which internally calls qla24xxallocpurexitem. The qla24xxallocpurexitem function may return a...

CVE-2025-68741 scsi: qla2xxx: Fix improper freeing of purex item

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix improper freeing of purex item In qla2xxxprocesspurlsiocb, an item is allocated via qla27xxcopymultiplepkt, which internally calls qla24xxallocpurexitem. The qla24xxallocpurexitem function may return a...

CVE-2025-68235

In the Linux kernel, the following vulnerability has been resolved: nouveau/firmware: Add missing kfree of nvkmfalconfw::boot nvkmfalconfw::boot is allocated, but no one frees it. This causes a kmemleak warning. Make sure this data is deallocated...

UBUNTU-CVE-2025-68235

In the Linux kernel, the following vulnerability has been resolved: nouveau/firmware: Add missing kfree of nvkmfalconfw::boot nvkmfalconfw::boot is allocated, but no one frees it. This causes a kmemleak warning. Make sure this data is deallocated...

CVE-2025-68235

CVE-2025-68235 involves the Linux kernel where the nouveau/firmware component allocated nvkm_falcon_fw::boot but did not free it, causing a kmemleak warning. The published fix deallocates the boot data (adding the missing kfree()), removing the leak. The Connected documents confirm this CVE is re...

CVE-2025-40227

In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: dealloc commit test ctx always The damonctx for testing online DAMON parameters commit inputs is deallocated only when the test fails. This means memory is leaked for every successful online DAMON parameters commi...

kernel: ima: Fix potential memory leak in ima_init_crypto()

In the Linux kernel, the following vulnerability has been resolved: ima: Fix potential memory leak in imainitcrypto On failure to allocate the SHA1 tfm, IMA fails to initialize and exits without freeing the imaalgoarray. Add the missing kfree for imaalgoarray to avoid the potential memory leak...

usb: gadget: f_rndis: Refactor bind path to use __free()

...

CVE-2025-40094

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: facm: Refactor bind path to use free After an bind/unbind cycle, the acm-notifyreq is left stale. If a subsequent bind fails, the unified error label attempts to free this stale request, leading to a NULL pointer...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not properly freeing memory, which could lead to a memory leak...

Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Improper Cleanup on Thrown Exception (CVE-2024-53059)

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: Fix response handling in iwlmvmsendrecoverycmd 1. The size of the response packet is not validated. 2. The response buffer is not freed. Resolve these issues by switching to iwlmvmsendcmdstatus, which handles...

CVE-2025-39994

The CVE-2025-39994 issue is in the Linux kernel’s media tuner xc5000: the code path xc5000_release() used cancel_delayed_work(), risking use-after-free of xc5000_priv if timer_sleep is still active. The fix replaces cancel_delayed_work() with cancel_delayed_work_sync() to ensure the delayed work ...

GHSA-2PGJ-5CV2-6XXW FuelVM is vulnerable to heap memory allocation re-use bug

Impact A memory safety vulnerability was present in the Fuel Virtual Machine FuelVM, where memory reads could bypass expected access controls. Specifically, when a smart contract performed a mload or other opcodes which access memory on memory that had been deallocated using ret, it was still abl...

Linux Distros Unpatched Vulnerability : CVE-2025-39953

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cgroup: split cgroupdestroywq into 3 workqueues A hung task can occur during 1 LTP cgroup testing when repeatedly mounting/unmounting perfevent and netprio...

EUVD-2019-10563

Malware in sbrugna...

EUVD-2021-1839

Malware in sbrugna...

EUVD-2019-2416

Malware in sbrugna...

EUVD-2014-0732

Malware in sbrugna...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987077)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987077 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: avoid a use-after-free when BO init fails nouveauboinit is backed by ttmboinit and...