847 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: net: lan966x: Fixed the page pool leak in error paths. lan966xfdmarxalloc creates a page pool, but does not destroy it if the subsequent fdmaalloccoherent call fails, resulting in the page pool being leaked. Similarly,...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: netlink: A flaw related to wraparounds of sk-skrmemalloc. This issue occurs in some parts of netlink. The flaw is as follows: If atomicread&sk-skrmemalloc sk-skrcvbuf, then atomicaddskb-truesize, &sk-skrmemalloc. This issue was...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: iwlwifi: Added a missing check for allocorderedworkqueue. Also added a check on the return value of allocorderedworkqueue, as it might return a NULL pointer...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: fs: udf: fix OOB read in lengthAllocDescs handling When parsing Allocation Extent Descriptor, lengthAllocDescs comes from on-disk data and must be validated against the block size. Crafted or corrupted images may set...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Do not call scsiRemoveHost in pm8001Alloc. Calling scsiRemoveHost before scsiAddHost results in a crash. BUG: Kernel NULL pointer dereferencing, address: 0000000000000108 RIP: 0010: devicedel+0x63/0x440 Call Trace:...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Added a rough attrallocsize check...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: scsi: target: core: Fixed the nullptrderef issue in targetallocdevice. There is a nullptrderef issue reported by KASAN: BUG: KASAN: Nullptrderef in targetallocdevice+0xbc4/0xbe0 targetcoremod … kasanreport+0xb9/0xf0...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: Wifi: ath11k: A memory leak has been fixed in ath11kpeerrxfragsetup. The cryptoallocshash function allocates resources, which should be released by cryptofreeshash. When ath11kpeerfind fails, there is a memory leak. Add the missi...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: dpll: fixed the error handling for xaalloccyclic. If the value 1 is returned from xaalloccyclic wrapping, ERRPTR1 will be returned, causing ISERR to be false. This can lead to dereferencing an unallocated pointer pin. The issue c...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: Added a check for mgmtallocskb in mgmtdeviceconnected. Added a check on the return value of mgmtallocskb in mgmtdeviceconnected to prevent null pointer dereferencing...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021614)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021614 advisory. In the Linux kernel, the following vulnerability has been resolved: drm: omapdrm: Add missing check for allocorderedworkqueue As it may return NULL pointer and cause...
vm2 安全漏洞
vm2 is a high-level virtual machine/sandbox developed by Czech developer Patrik Simek. It runs untrusted code using built-in Node.js modules listed in the allowlist. Versions of vm2 prior to 3.11.0 have a security vulnerability: sandbox code can call Buffer.alloc to allocate memory of arbitrary...
SUSE CVE-2026-43343
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fsubset: Fix unbalanced refcnt in gethfree gethalloc increments the reference count, but gethfree fails to decrement it. This prevents the configuration of attributes via configfs after unlinking the function...
freerdp security update
2:2.11.7-1.7 - Fix double free in xfrailwindowcommon cleanup CVE-2026-26986 - Fix growth of preallocated buffers CVE-2026-27951 - Fix heap-buffer-overflow in bitmapcacheput CVE-2026-29775 - Add DSP format checks CVE-2026-31884 - Fix DSP array bounds checks CVE-2026-31883 - Fix DSP array bounds...
UBUNTU-CVE-2026-43396
In the Linux kernel, the following vulnerability has been resolved: drm/xe/sync: Fix user fence leak on alloc failure When dmafencechainalloc fails, properly release the user fence reference to prevent a memory leak. cherry picked from commit a5d5634cde48a9fcd68c8504aa07f89f175074a0...
CVE-2026-43295
In the Linux kernel, the following vulnerability has been resolved: rapidio: replace riofreenet with kfree in rioscanallocnet When idtab allocation fails, net is not registered with rioaddnet yet, so kfreenet is sufficient to release the memory. Set mport-net to NULL to avoid dangling pointer...
CVE-2026-43343
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fsubset: Fix unbalanced refcnt in gethfree gethalloc increments the reference count, but gethfree fails to decrement it. This prevents the configuration of attributes via configfs after unlinking the function...
CVE-2026-43295 rapidio: replace rio_free_net() with kfree() in rio_scan_alloc_net()
In the Linux kernel, the following vulnerability has been resolved: rapidio: replace riofreenet with kfree in rioscanallocnet When idtab allocation fails, net is not registered with rioaddnet yet, so kfreenet is sufficient to release the memory. Set mport-net to NULL to avoid dangling pointer...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure of the dmafencechainalloc function during execution. As a result, user-fence referenc...
SUSE CVE-2026-43283
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ecbhf: Fix dmafreecoherent dma handle dmafreecoherent in error path takes priv-rxbuf.alloclen as the dma handle. This would lead to improper unmapping of the buffer. Change the dma handle to priv-rxbuf.allocphys...