12621 matches found
CVE-2023-53466
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7915: fix memory leak in mt7915mcuexit Always purge mcu skb queues in mt7915mcuexit routine even if mt7915firmwarestate fails...
CVE-2022-50459
In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi: iscsitcp: Fix null-ptr-deref while calling getpeername Fix a NULL pointer crash that occurs when we are freeing the socket at the same time we access it via sysfs. The problem is that: 1. iscsiswtcpconngetparam and...
UBUNTU-CVE-2023-53489
In the Linux kernel, the following vulnerability has been resolved: tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp. syzkaller reported 0 memory leaks of an UDP socket and ZEROCOPY skbs. We can reproduce the problem with these sequences: sk = socketAFINET, SOCKDGRAM, 0...
UBUNTU-CVE-2023-53466
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7915: fix memory leak in mt7915mcuexit Always purge mcu skb queues in mt7915mcuexit routine even if mt7915firmwarestate fails...
UBUNTU-CVE-2023-53464
In the Linux kernel, the following vulnerability has been resolved: scsi: iscsitcp: Check that sock is valid before iscsisetparam The validity of sock should be checked before assignment to avoid incorrect values. Commit 57569c37f0ad "scsi: iscsi: iscsitcp: Fix null-ptr-deref while calling...
UBUNTU-CVE-2023-53496
In the Linux kernel, the following vulnerability has been resolved: x86/platform/uv: Use alternate source for socket to node data The UV code attempts to build a set of tables to allow it to do bidirectional socketnode lookups. But when nrcpus is set to a smaller number than actually present, the...
UBUNTU-CVE-2022-50459
In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi: iscsitcp: Fix null-ptr-deref while calling getpeername Fix a NULL pointer crash that occurs when we are freeing the socket at the same time we access it via sysfs. The problem is that: 1. iscsiswtcpconngetparam and...
CVE-2023-53496 x86/platform/uv: Use alternate source for socket to node data
In the Linux kernel, the following vulnerability has been resolved: x86/platform/uv: Use alternate source for socket to node data The UV code attempts to build a set of tables to allow it to do bidirectional socketnode lookups. But when nrcpus is set to a smaller number than actually present, the...
CVE-2023-53496
CVE-2023-53496 – In the Linux kernel, the UV (socketnode lookup) code loops over CPUs to build socket tables; when nr_cpus is less than actual CPUs, cpu_to_node() data for unused CPUs is missing, leading to -1 entries and potential oops. The fix replaces the CPU-loop with a loop over APICIDs mapp...
CVE-2023-53496 x86/platform/uv: Use alternate source for socket to node data
In the Linux kernel, the following vulnerability has been resolved: x86/platform/uv: Use alternate source for socket to node data The UV code attempts to build a set of tables to allow it to do bidirectional socketnode lookups. But when nrcpus is set to a smaller number than actually present, the...
CVE-2023-53489 tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp.
In the Linux kernel, the following vulnerability has been resolved: tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp. syzkaller reported 0 memory leaks of an UDP socket and ZEROCOPY skbs. We can reproduce the problem with these sequences: sk = socketAFINET, SOCKDGRAM, 0...
CVE-2023-53489 tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp.
In the Linux kernel, the following vulnerability has been resolved: tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp. syzkaller reported 0 memory leaks of an UDP socket and ZEROCOPY skbs. We can reproduce the problem with these sequences: sk = socketAFINET, SOCKDGRAM, 0...
CVE-2022-50459 scsi: iscsi: iscsi_tcp: Fix null-ptr-deref while calling getpeername()
In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi: iscsitcp: Fix null-ptr-deref while calling getpeername Fix a NULL pointer crash that occurs when we are freeing the socket at the same time we access it via sysfs. The problem is that: 1. iscsiswtcpconngetparam and...
CVE-2022-50459 scsi: iscsi: iscsi_tcp: Fix null-ptr-deref while calling getpeername()
In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi: iscsitcp: Fix null-ptr-deref while calling getpeername Fix a NULL pointer crash that occurs when we are freeing the socket at the same time we access it via sysfs. The problem is that: 1. iscsiswtcpconngetparam and...
CVE-2022-50459
CVE-2022-50459 affects the Linux kernel’s iSCSI TCP path (scsi: iscsi: iscsi_tcp) where a NULL pointer dereference can occur if a socket is freed while accessed via sysfs. Details describe the sequence: sock_hold() on struct sock, then sockfd_put() frees the socket, __sock_release() clears sock-&...
CVE-2023-53466 wifi: mt76: mt7915: fix memory leak in mt7915_mcu_exit
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7915: fix memory leak in mt7915mcuexit Always purge mcu skb queues in mt7915mcuexit routine even if mt7915firmwarestate fails...
CVE-2023-53464
CVE-2023-53464 affects the Linux kernel: the iscsi_tcp path in SCSI may assign values to tcp_sw_conn->sendpage and conn->datadgst_en before validating sock, risking inconsistency due to a null/invalid sock. The fix relocates the assignment so the sock is validated prior to use, as described...
CVE-2023-53464 scsi: iscsi_tcp: Check that sock is valid before iscsi_set_param()
In the Linux kernel, the following vulnerability has been resolved: scsi: iscsitcp: Check that sock is valid before iscsisetparam The validity of sock should be checked before assignment to avoid incorrect values. Commit 57569c37f0ad "scsi: iscsi: iscsitcp: Fix null-ptr-deref while calling...
CVE-2025-39897
In the Linux kernel, the following vulnerability has been resolved: net: xilinx: axienet: Add error handling for RX metadata pointer retrieval Add proper error checking for dmaenginedescgetmetadataptr which can return an error pointer and lead to potential crashes or undefined behaviour if the...
UBUNTU-CVE-2025-39897
In the Linux kernel, the following vulnerability has been resolved: net: xilinx: axienet: Add error handling for RX metadata pointer retrieval Add proper error checking for dmaenginedescgetmetadataptr which can return an error pointer and lead to potential crashes or undefined behaviour if the...