ROS-20260408-73-0028

A vulnerability in the drivers/bus component of the Linux operating system kernel is related to memory re-release. Exploitation of the vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and cause denial of service...

Advisory ROSA-SA-2026-3227

software: qemu 7.2.22 OS: ROSA-CHROME unaffected versions = qemu-7.2.22-1 affected versions qemu-7.2.22-1 CVE-ID: CVE-2023-3019 BDU-ID: 2024-04883 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the e1000e component of the QEMU server is related to DMA re-entry. Exploitation of the vulnerability...

ROS-20260202-73-0036

A vulnerability in the pciregisterhostbridge function of the Linux operating system kernel is related to memory re-release. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20260119-7305

A vulnerability in the uvcstatusinit function of the Linux operating system kernel is associated with a memory re-release error. Exploitation of the vulnerability may allow an attacker to affect confidentiality, integrity and availability of protected information...

ROS-20260119-7387

A vulnerability in the usbgcmdwork and botcmdwork functions of the USB driver drivers/usb/gadget/function/ftcm.c of the Linux kernel is related to memory re-release. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

Advisory ROSA-SA-2025-3063

Software: libarchive 3.3.3 OS: ROSA Virtualization 2.1 unaffected versions = libarchive-3.3.3.3-6.0.1.rv3 affected versions libarchive-3.3.3.3-6.0.1.rv3 CVE-ID: CVE-2025-5914 BDU-ID: CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the archivereadformatrarseekdata function of the Libarchive...

ROS-20251006-01

A vulnerability in the certtool utility of the GnuTLS transport layer security library is related to an operation exceeding the buffer boundaries. operation outside of a buffer in memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

ROS-20250929-05

A vulnerability in the Libarchive library is related to a data bounds checking error. Exploitation of the vulnerability could allow an attacker to execute arbitrary code Windows operating system Libarchive library vulnerability is related to integer overflow. Exploitation of the vulnerability cou...

ROS-20250924-09

The sftpdecodechanneldatatopacket function of the libssh library has a vulnerability related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service Vulnerability in libssh library's sshgetfingerprinthash function is...

ROS-20250430-02

A vulnerability in the libavformat/westwoodvqa.c component of the FFmpeg multimedia library is related to an integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service using a specially crafted VQA file FFmpeg multimedia library...

The vulnerability of the dfx regs uninit() function in the Linux operating system’s drivers/crypto/hisilicon/debugfs.c file allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the dfx regsuninit function in the Linux operating system’s drivers/crypto/hisilicon/debugfs.c file relates to the re-release of previously released memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility o...

Vulnerability of the atomisp_alloc_css_stat_bufs() function in the drivers/staging/media/atomisp/pci/atomisp_ioctl.c module – This driver for Intel Atom-core devices in the Linux operating system allows a hacker to trigger a service failure.

Vulnerability of the atomispalloccssstatbufs function in the drivers/staging/media/atomisp/pci/atomispioctl.c module – The driver for Intel Atom-based devices in the Linux operating system is vulnerable to a vulnerability where memory previously released is re-released. Exploiting this...

The vulnerability of the link_destruct() function in the amdgpu driver of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the linkdestruct function in the drivers/gpu/drm/amd/display/dc/link/linkfactory.c file of the amdgpu kernel in the Linux operating system is related to the re-release of previously released memory. Exploiting this vulnerability could allow an attacker to compromise the...

ROS-20241016-01

Vulnerability of nvmet-tcp component of Linux kernel is related to dereferencing of NULL pointer in the nvmettcpinstallqueue function in drivers/nvme/target/tcp.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability in iwldeallocucode function in...

ROS-20241015-13

A vulnerability in the libceph component of the Linux kernel is related to incorrect input validation of the in the getreply and prepnextsparseread functions in net/ceph/osdclient.c, in the decrypttail and preparereadtailplain in net/ceph/messengerv2.c, in sizeoffooter, readpartialsparsemsgdata,...

ROS-20240627-03

A vulnerability in the QEMU hardware emulator is related to a memory re-release error. Exploitation of the vulnerability could allow an attacker to execute arbitrary code by performing a DMA re-entry...

The vulnerability of the rvu_npc_freemem() function in the Marvell OcteonTX2 kernel driver for the Linux operating system allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the rvunpcfreemem function in the drivers/net/ethernet/marvell/octeontx2/af/rvunpc.c file of the Marvell OcteonTX2 operating system is related to the re-release of previously released memory. Exploiting this vulnerability could allow an attacker to compromise the...

ROS-20240423-11

A vulnerability in the Libvirt virtualization management daemon is related to memory re-release. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data, compromise its integrity, and cause a denial of service. integrity, and cause a denial of service...

The vulnerability of flow processing demons in Juniper Networks’ Junos OS-based SRX series routers, which allows a attacker to cause service interruptions.

The vulnerability of flow processing demons in Juniper Networks Junos OS routers of the SRX series is related to the re-release of memory. Exploiting this vulnerability allows a malicious actor to cause service interruptions by sending specially crafted packets...

Advisory ROSA-SA-2024-2321

software: libxml2 2.9.14 OS: ROSA-CHROME packageevrstring: libxml2-2.9.14-4.src.rpm CVE-ID: CVE-2023-28484 BDU-ID: 2023-03298 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the xmlSchemaFixupComplexType xmlschemas.c function of the Libxml2 library is related to null pointer dereferencing...