127 matches found
DEBIAN-CVE-2025-38154
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Avoid using sksocket after free when sending The sk-sksocket is not locked or referenced in backlog thread, and during the call to skbsendsock, there is a race condition with the release of sksocket. All types of...
kernel: bpf, sockmap: Fix race between element replace and close()
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix race between element replace and close Element replace with a socket different from the one stored may race with socket's close link popping & unlinking. sockmapdelete unconditionally unrefs the wrong element: /...
SUSE CVE-2022-49450
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix listen setting the bar too high for the prealloc rings AFRXRPC's listen handler lets you set the backlog up to 32 if you bump up the sysctl, but whilst the preallocation circular buffers have 32 slots in them, one of...
UBUNTU-CVE-2022-49450
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix listen setting the bar too high for the prealloc rings AFRXRPC's listen handler lets you set the backlog up to 32 if you bump up the sysctl, but whilst the preallocation circular buffers have 32 slots in them, one of...
PT-2025-8623 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been identified, where the tls sk proto close function is executed repeatedly due to an incorrect update of the ctx-sk proto to sock-sk prot by...
Medium: nodejs
Issue Overview: A memory leak could occur when a remote peer abruptly closes the socket without sending a GOAWAY notification. Additionally, if an invalid header was detected by nghttp2, causing the connection to be terminated by the peer, the same leak was triggered. This flaw could lead to...
nodejs: GOAWAY HTTP/2 frames cause memory leak outside heap
A vulnerability was found in NodeJS when handling HTTP/2 connections, where the remote peer abruptly closes the socket without sending the proper HTTP/2 notification to the server, leading to a memory leak. This flaw allows an attacker to force the targeted process in the targeted host to an...
nodejs: GOAWAY HTTP/2 frames cause memory leak outside heap
A vulnerability was found in NodeJS when handling HTTP/2 connections, where the remote peer abruptly closes the socket without sending the proper HTTP/2 notification to the server, leading to a memory leak. This flaw allows an attacker to force the targeted process in the targeted host to an...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: netlink: terminate outstanding dump on socket close netlink supports iterative dumping of data. It includes the following functions: - start – optional Initiates the dumping process. - dump – The actual dumping process; this...
ALPINE-CVE-2025-23085
A memory leak could occur when a remote peer abruptly closes the socket without sending a GOAWAY notification. Additionally, if an invalid header was detected by nghttp2, causing the connection to be terminated by the peer, the same leak was triggered. This flaw could lead to increased memory...
DEBIAN-CVE-2025-23085
A memory leak could occur when a remote peer abruptly closes the socket without sending a GOAWAY notification. Additionally, if an invalid header was detected by nghttp2, causing the connection to be terminated by the peer, the same leak was triggered. This flaw could lead to increased memory...
Node.js 安全漏洞
Node.js is an open source, cross-platform JavaScript runtime environment from the Node.js open source. A security vulnerability exists in Node.js versions v18.x, v20.x, v22.x, and v23.x. The vulnerability stems from a memory leak that may occur when a remote peer suddenly closes a socket without...
netlink: terminate outstanding dump on socket close
...
SUSE CVE-2024-56664
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix race between element replace and close Element replace with a socket different from the one stored may race with socket's close link popping & unlinking. sockmapdelete unconditionally unrefs the wrong element: /...
CVE-2024-53210
In the Linux kernel, the following vulnerability has been resolved: s390/iucv: MSGPEEK causes memory leak in iucvsockdestruct Passing MSGPEEK flag to skbrecvdatagram increments skb refcount skb-users and iucvsockrecvmsg does not decrement skb refcount at exit. This results in skb memory leak in...
SUSE CVE-2024-53210
In the Linux kernel, the following vulnerability has been resolved: s390/iucv: MSGPEEK causes memory leak in iucvsockdestruct Passing MSGPEEK flag to skbrecvdatagram increments skb refcount skb-users and iucvsockrecvmsg does not decrement skb refcount at exit. This results in skb memory leak in...
AZL-55615 CVE-2024-53210 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: s390/iucv: MSGPEEK causes memory leak in iucvsockdestruct Passing MSGPEEK flag to skbrecvdatagram increments skb refcount skb-users and iucvsockrecvmsg does not decrement skb refcount at exit. This results in skb memory leak in...
SUSE CVE-2024-53140
In the Linux kernel, the following vulnerability has been resolved: netlink: terminate outstanding dump on socket close Netlink supports iterative dumping of data. It provides the families the following ops: - start - optional kicks off the dumping process - dump - actual dump helper, keeps getti...
AZL-54197 CVE-2024-53140 affecting package kernel for versions less than 5.15.176.3-1
In the Linux kernel, the following vulnerability has been resolved: netlink: terminate outstanding dump on socket close Netlink supports iterative dumping of data. It provides the families the following ops: - start - optional kicks off the dumping process - dump - actual dump helper, keeps getti...
DEBIAN-CVE-2024-53140
In the Linux kernel, the following vulnerability has been resolved: netlink: terminate outstanding dump on socket close Netlink supports iterative dumping of data. It provides the families the following ops: - start - optional kicks off the dumping process - dump - actual dump helper, keeps getti...