CVE-2026-6826

Concrete CMS 9.5.0 and below is vulnerable to unauthenticated file usage disclosure via missing permission check in the usage controller. Any unauthenticated visitor can request /ccm/system/dialogs/file/usage/fID with any file ID and receive a list of every page that references that file, includi...

CVE-2026-43464

Summary: CVE-2026-43464 affects the Linux kernel mlx5e driver in XDP multi-buffer scenarios. When XDP programs modify buffer layout via bpf_xdp_pull_data() or bpf_xdp_adjust_tail(), the driver previously failed to count dropped fragments, causing negative page reference counts during cleanup and ...

CVE-2025-38612 staging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc()

In the Linux kernel, the following vulnerability has been resolved: staging: fbtft: fix potential memory leak in fbtftframebufferalloc In the error paths after fbinfo structure is successfully allocated, the memory allocated in fbdeferredioinit for info-pagerefs is not freed. Fix that by adding t...

PT-2024-41486 · Gnu · Linux

Уязвимость функции udmabuf vm fault драйвера udmabuf drivers/dma-buf/udmabuf.c ядра операционных систем Linux связана с нарушением подсчёта количества ссылок на страницы, отображённые в памяти. Эксплуатация уязвимости может позволить нарушителю оказать воздействие на целостность данных или вызват...

SUSE CVE-2021-47365

In the Linux kernel, the following vulnerability has been resolved: afs: Fix page leak There's a loop in afsextendwriteback that adds extra pages to a write we want to make to improve the efficiency of the writeback by making it larger. This loop stops, however, if we hit a page we can't write ba...

SUSE CVE-2024-35951

In the Linux kernel, the following vulnerability has been resolved: drm/panfrost: Fix the error path in panfrostmmumapfaultaddr Subject: PATCH drm/panfrost: Fix the error path in panfrostmmumapfaultaddr If some the pages or sgt allocation failed, we shouldn't release the pages ref we got earlier,...

AZL-67755 CVE-2024-35951 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: drm/panfrost: Fix the error path in panfrostmmumapfaultaddr Subject: PATCH drm/panfrost: Fix the error path in panfrostmmumapfaultaddr If some the pages or sgt allocation failed, we shouldn't release the pages ref we got earlier,...

DEBIAN-CVE-2024-35951

In the Linux kernel, the following vulnerability has been resolved: drm/panfrost: Fix the error path in panfrostmmumapfaultaddr Subject: PATCH drm/panfrost: Fix the error path in panfrostmmumapfaultaddr If some the pages or sgt allocation failed, we shouldn't release the pages ref we got earlier,...

UBUNTU-CVE-2024-26582

In the Linux kernel, the following vulnerability has been resolved: net: tls: fix use-after-free with partial reads and async decrypt tlsdecryptsg doesn't take a reference on the pages from clearskb, so the putpage in tlsdecryptdone releases them, and we trigger a use-after-free in processrxlist...

Oracle Linux 7 : ELSA-2017-1842-1: / kernel (ELSA-2017-18421)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-18421 advisory. - The doumount function in fs/namespace.c in the Linux kernel through 3.17 does not require the CAPSYSADMIN capability for doremountsb calls that chan...

Important: Red Hat Security Advisory: samba security and bug fix update

An update for samba is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

kernel: memory leak when merging buffers in SCSI IO vectors

It was found that in the Linux kernel through v4.14-rc5, biomapuseriov and biounmapuser in 'block/bio.c' do unbalanced pages refcounting if IO vector has small consecutive buffers belonging to the same page. bioaddpcpage merges them into one, but the page reference is never dropped, causing a...

kernel: memory leak when merging buffers in SCSI IO vectors

It was found that in the Linux kernel through v4.14-rc5, biomapuseriov and biounmapuser in 'block/bio.c' do unbalanced pages refcounting if IO vector has small consecutive buffers belonging to the same page. bioaddpcpage merges them into one, but the page reference is never dropped, causing a...

kernel: memory leak when merging buffers in SCSI IO vectors

It was found that in the Linux kernel through v4.14-rc5, biomapuseriov and biounmapuser in 'block/bio.c' do unbalanced pages refcounting if IO vector has small consecutive buffers belonging to the same page. bioaddpcpage merges them into one, but the page reference is never dropped, causing a...

Design/Logic Flaw

The nestedvmxcheckvmptr function in arch/x86/kvm/vmx.c in the Linux kernel through 4.9.8 improperly emulates the VMXON instruction, which allows KVM L1 guest OS users to cause a denial of service host OS memory consumption by leveraging the mishandling of page references...

CVE-2017-2596

The nestedvmxcheckvmptr function in arch/x86/kvm/vmx.c in the Linux kernel through 4.9.8 improperly emulates the VMXON instruction, which allows KVM L1 guest OS users to cause a denial of service host OS memory consumption by leveraging the mishandling of page references...

CVE-2014-9030

The dommuupdate function in arch/x86/mm.c in Xen 3.2.x through 4.4.x does not properly manage page references, which allows remote domains to cause a denial of service by leveraging control over an HVM guest and a crafted MMUMACHPHYSUPDATE...

CVE-2013-1432

Xen 4.1.x and 4.2.x, when the XSA-45 patch is in place, does not properly maintain references on pages stored for deferred cleanup, which allows local PV guest kernels to cause a denial of service premature page free and hypervisor crash or possibly gain privileges via unspecified vectors...