CVE-2022-50578

In the Linux kernel, the following vulnerability has been resolved: class: fix possible memory leak in classregister If classaddgroups returns error, the 'cp-subsys' need be unregister, and the 'cp' need be freed. We can not call ksetunregister here, because the 'cls' will be freed in callback...

CVE-2023-53662 ext4: fix memory leaks in ext4_fname_{setup_filename,prepare_lookup}

In the Linux kernel, the following vulnerability has been resolved: ext4: fix memory leaks in ext4fnamesetupfilename,preparelookup If the filename casefolding fails, we'll be leaking memory from the fscryptname struct, namely from the 'cryptobuf.name' member. Make sure we free it in the error pat...

UBUNTU-CVE-2023-53606

In the Linux kernel, the following vulnerability has been resolved: nfsd: clean up potential nfsdfile refcount leaks in COPY codepath There are two different flavors of the nfsd4copy struct. One is embedded in the compound and is used directly in synchronous copies. The other is dynamically...

CVE-2023-53567

CVE-2023-53567 – Linux kernel : The issue affects the kernel SPI QUP driver. The root cause is returning early from a platform driver’s remove callback, which prevents releasing DMA resources in the error path, causing a permanent resource leak. The fix ensures proper cleanup by not skipping hard...

EUVD-2025-26088

Malicious code in bioql PyPI...

CVE-2025-39837 platform/x86: asus-wmi: Fix racy registrations

In the Linux kernel, the following vulnerability has been resolved: platform/x86: asus-wmi: Fix racy registrations asuswmiregisterdriver may be called from multiple drivers concurrently, which can lead to the racy list operations, eventually corrupting the memory and hitting Oops on some ASUS...

CVE-2022-50357

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: core: fix some leaks in probe The dwc3getproperties function calls: dwc-usbpsy = powersupplygetbynameusbpsyname; so there is some additional clean up required on these error paths...

DEBIAN-CVE-2022-50357

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: core: fix some leaks in probe The dwc3getproperties function calls: dwc-usbpsy = powersupplygetbynameusbpsyname; so there is some additional clean up required on these error paths...

CVE-2025-38612

In the Linux kernel, the following vulnerability has been resolved: staging: fbtft: fix potential memory leak in fbtftframebufferalloc In the error paths after fbinfo structure is successfully allocated, the memory allocated in fbdeferredioinit for info-pagerefs is not freed. Fix that by adding t...

DEBIAN-CVE-2025-38612

In the Linux kernel, the following vulnerability has been resolved: staging: fbtft: fix potential memory leak in fbtftframebufferalloc In the error paths after fbinfo structure is successfully allocated, the memory allocated in fbdeferredioinit for info-pagerefs is not freed. Fix that by adding t...

UBUNTU-CVE-2025-38612

In the Linux kernel, the following vulnerability has been resolved: staging: fbtft: fix potential memory leak in fbtftframebufferalloc In the error paths after fbinfo structure is successfully allocated, the memory allocated in fbdeferredioinit for info-pagerefs is not freed. Fix that by adding t...

CVE-2025-38612

CVE-2025-38612 affects the Linux kernel staging driver fbtft (staging: fbtft). The vulnerability is due to a memory leak in fb_deferred_io_init() where memory allocated for info->pagerefs in the fb_info error path was not freed after fb_info allocation completed. The fix adds the cleanup on th...

CVE-2025-38612

In the Linux kernel, the following vulnerability has been resolved: staging: fbtft: fix potential memory leak in fbtftframebufferalloc In the error paths after fbinfo structure is successfully allocated, the memory allocated in fbdeferredioinit for info-pagerefs is not freed. Fix that by adding t...

CVE-2025-38603

The connected Nessus entry provides concrete details for CVE-2025-38603: it affects the Linux kernel’s amdgpu driver, specifically a slab-use-after-free in amdgpu_userq_mgr_fini. The issue could occur when amdgpu_fpriv is freed in amdgpu_driver_postclose_kms() and later accessed in amdgpu_drm_rel...

CVE-2025-38410 drm/msm: Fix a fence leak in submit error path

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix a fence leak in submit error path In error paths, we could unref the submit without calling drmschedentitypushjob, so msmjobfree will never get called. Since drmschedjobcleanup will NULL out the sfence, we can use th...

yt-dlp 操作系统命令注入漏洞

yt-dlp is the youtube-dl branch of yt-dlp based on the now inactive youtube-dlc. An operating system command injection vulnerability exists in yt-dlp version 2025.06.25 and earlier, which stems from insufficient path cleanup in the --exec option file, and could lead to remote code execution...

ColoradoFTP Server 安全漏洞

ColoradoFTP Server is a Java FTP server software from Colorado Open Source. A security vulnerability exists in ColoradoFTP Server version 1.3 Build 8, which stems from improper path cleanup in the FTP GET and PUT commands, which could lead to directory traversal...

RSJoomla! RSFirewall! 安全漏洞

RSJoomla! RSFirewall! is a website security protection tool from RSJoomla! A security vulnerability exists in RSJoomla! RSFirewall! versions 2.9.7 through 3.1.5, which stems from insufficient path cleanup and could lead to arbitrary file reads...

CVE-2025-22005 ipv6: Fix memleak of nhc_pcpu_rth_output in fib_check_nh_v6_gw().

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix memleak of nhcpcpurthoutput in fibchecknhv6gw. fibchecknhv6gw expects that fib6nhinit cleans up everything when it fails. Commit 7dd73168e273 "ipv6: Always allocate pcpu memory in a fib6nh" moved fibnhcommoninit before...

CVE-2025-22005 ipv6: Fix memleak of nhc_pcpu_rth_output in fib_check_nh_v6_gw().

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix memleak of nhcpcpurthoutput in fibchecknhv6gw. fibchecknhv6gw expects that fib6nhinit cleans up everything when it fails. Commit 7dd73168e273 "ipv6: Always allocate pcpu memory in a fib6nh" moved fibnhcommoninit before...