849 matches found
CVE-2026-23135
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix dmafreecoherent pointer dmaalloccoherent allocates a DMA mapped buffer and stores the addresses in XXXunaligned fields. Those should be reused when freeing the buffer rather than the aligned addresses...
EUVD-2026-5902
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix dmafreecoherent pointer dmaalloccoherent allocates a DMA mapped buffer and stores the addresses in XXXunaligned fields. Those should be reused when freeing the buffer rather than the aligned addresses...
CVE-2026-23133
In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: fix dmafreecoherent pointer dmaalloccoherent allocates a DMA mapped buffer and stores the addresses in XXXunaligned fields. Those should be reused when freeing the buffer rather than the aligned addresses...
nodejs: Nodejs uninitialized memory exposure
A memory exposure flaw has been discovered in Node.js. A flaw in Node.js's buffer allocation logic can expose uninitialized memory when allocations are interrupted, when using the vm module with the timeout option. Under specific timing conditions, buffers allocated with Buffer.alloc and other...
CVE-2026-23044 PM: hibernate: Fix crash when freeing invalid crypto compressor
In the Linux kernel, the following vulnerability has been resolved: PM: hibernate: Fix crash when freeing invalid crypto compressor When cryptoallocacomp fails, it returns an ERRPTR value, not NULL. The cleanup code in savecompressedimage and loadcompressedimage unconditionally calls...
CVE-2026-23038
In the Linux kernel, the following vulnerability has been resolved: pnfs/flexfiles: Fix memory leak in nfs4ffallocdeviceidnode In nfs4ffallocdeviceidnode, if the allocation for dsversions fails, the function jumps to the outscratch label without freeing the already allocated dsaddrs list, leading...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005002)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005002 advisory. In the Linux kernel, the following vulnerability has been resolved: Fix page corruption caused by racy check in freepages When we upgraded our kernel, we started...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005048)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005048 advisory. In the Linux kernel, the following vulnerability has been resolved: vfio/pci: fix potential memory leak in vfiointxenable If vfioirqctxalloc failed will lead to 'nam...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004854)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004854 advisory. In the Linux kernel, the following vulnerability has been resolved: PNP: fix name memory leak in pnpallocdev After commit 1fa5ae857bb1 driver core: get rid of struct...
Azure Linux 3.0 Security Update: kernel (CVE-2024-41087)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-41087 advisory. - In the Linux kernel, the following vulnerability has been resolved: ata: libata-core: Fix double free on err...
AZL-74979 CVE-2025-55131 affecting package nodejs for versions less than 20.14.0-13
A flaw in Node.js's buffer allocation logic can expose uninitialized memory when allocations are interrupted, when using the vm module with the timeout option. Under specific timing conditions, buffers allocated with Buffer.alloc and other TypedArray instances like Uint8Array may contain leftover...
CVE-2025-55131
A flaw in Node.js's buffer allocation logic can expose uninitialized memory when allocations are interrupted, when using the vm module with the timeout option. Under specific timing conditions, buffers allocated with Buffer.alloc and other TypedArray instances like Uint8Array may contain leftover...
UBUNTU-CVE-2025-55131
A flaw in Node.js's buffer allocation logic can expose uninitialized memory when allocations are interrupted, when using the vm module with the timeout option. Under specific timing conditions, buffers allocated with Buffer.alloc and other TypedArray instances like Uint8Array may contain leftover...
CVE-2025-55131
A flaw in Node.js's buffer allocation logic can expose uninitialized memory when allocations are interrupted, when using the vm module with the timeout option. Under specific timing conditions, buffers allocated with Buffer.alloc and other TypedArray instances like Uint8Array may contain leftover...
CVE-2026-23732 FreeRDP has heap-buffer-overflow in Glyph_Alloc
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, FastGlyph parsing trusts cbData/remaining length and never validates against the minimum size implied by cx/cy. A malicious server can trigger a client‑side global buffer overflow, causing a crash DoS. Versi...
CVE-2026-23732 FreeRDP has heap-buffer-overflow in Glyph_Alloc
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, FastGlyph parsing trusts cbData/remaining length and never validates against the minimum size implied by cx/cy. A malicious server can trigger a client‑side global buffer overflow, causing a crash DoS. Versi...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003839)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003839 advisory. In binderallocfreepage of binderalloc.c, there is a possible double free due to improper locking. This could lead to local escalation of privilege in the kernel with...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004027)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004027 advisory. An issue was discovered in kmemcacheallocbulk in mm/slub.c in the Linux kernel before 5.5.11. The slowpath lacks the required TID increment, aka CID-fd4d9c7d0c71...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004123)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004123 advisory. A memory leak in the mwifiexpciealloccmdrspbuf function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allows attackers to cause a...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004144)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004144 advisory. A memory leak in the allocsgtable function in drivers/net/wireless/intel/iwlwifi/fw/dbg.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of...