CVE-2024-58056 remoteproc: core: Fix ida_free call while not allocated

In the Linux kernel, the following vulnerability has been resolved: remoteproc: core: Fix idafree call while not allocated In the rprocalloc function, on error, putdevice&rproc-dev is called, leading to the call of the rproctyperelease function. An error can occurs before idaalloc is called. In...

CVE-2024-58056 remoteproc: core: Fix ida_free call while not allocated

In the Linux kernel, the following vulnerability has been resolved: remoteproc: core: Fix idafree call while not allocated In the rprocalloc function, on error, putdevice&rproc-dev is called, leading to the call of the rproctyperelease function. An error can occurs before idaalloc is called. In...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the unused bpfmemalloc in the PREEMPTRT environment, which could lead to a memory allocation failure...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from miscminoralloc not using ida for all dynamic minors, which could lead to a memory leak...

OESA-2025-1214 uboot-tools security update

This package includes the mkimage program, which allows generation of U-Boot images in various formats, and the fwprintenv and fwsetenv programs to read and modify U-Boot's environment. Security Fixes: An integer overflow in ext4fsreadsymlink in Das U-Boot before 2025.01-rc1 occurs for zalloc...

PT-2025-9099 · Git +1 · Ghostscript

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: A crash occurs due to an unknown read issue. The crash state involves functions such as insert free, chunk obj alloc, and pdfi object alloc. Recommendations: At the moment, there is no...

PT-2025-9098 · Git +1 · Ghostscript

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: A crash occurs due to an unknown read issue. The crash involves the chunk obj alloc and pdfi read cff dict functions. Recommendations: At the moment, there is no information about a newer...

DEBIAN-CVE-2025-21759

In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: extend RCU protection in igmp6send igmp6send can be called without RTNL or RCU being held. Extend RCU protection so that we can safely fetch the net pointer and avoid a potential UAF. Note that we no longer can use...

UBUNTU-CVE-2025-21764

In the Linux kernel, the following vulnerability has been resolved: ndisc: use RCU protection in ndiscallocskb ndiscallocskb can be called without RTNL or RCU being held. Add RCU protection to avoid possible UAF...

UBUNTU-CVE-2025-21758

In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: add RCU protection to mldnewpack mldnewpack can be called without RTNL or RCU being held. Note that we no longer can use sockallocsendskb because ipv6.igmpsk uses GFPKERNEL allocations which can sleep. Instead use...

UBUNTU-CVE-2025-21748

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix integer overflows on 32 bit systems On 32bit systems the addition operations in ipcmsgalloc can potentially overflow leading to memory corruption. Add bounds checking using KSMBDIPCMAXPAYLOAD to avoid overflow...

SUSE CVE-2022-49079

In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: traverse devices under chunkmutex in btrfscanactivatezone btrfscanactivatezone can be called with the devicelistmutex already held, which will lead to a deadlock: insertdevextents // Takes devicelistmutex -...

SUSE CVE-2022-49097

In the Linux kernel, the following vulnerability has been resolved: NFS: Avoid writeback threads getting stuck in mempoolalloc In a low memory situation, allow the NFS writeback code to fail without getting stuck in infinite loops in mempoolalloc...

SUSE CVE-2022-49328

In the Linux kernel, the following vulnerability has been resolved: mt76: fix use-after-free by removing a non-RCU wcid pointer Fixes an issue caught by KASAN about use-after-free in mt76txqschedule by protecting mtxq-wcid with rculock between mt76txqschedule and stainfoalloc, free. 18853.876689...

CVE-2022-49190

In the Linux kernel, the following vulnerability has been resolved: kernel/resource: fix kfree of bootmem memory again Since commit ebff7d8f270d "mem hotunplug: fix kfree of bootmem memory", we could get a resource allocated during boot via allocresource. And it's required to release the resource...

UBUNTU-CVE-2022-49720

In the Linux kernel, the following vulnerability has been resolved: block: Fix handling of offline queues in blkmqallocrequesthctx This patch prevents that test nvme/004 triggers the following: UBSAN: array-index-out-of-bounds in block/blk-mq.h:135:9 index 512 is out of range for type 'long...

UBUNTU-CVE-2022-49300

In the Linux kernel, the following vulnerability has been resolved: nbd: fix race between nbdallocconfig and module removal When nbd module is being removing, nbdallocconfig may be called concurrently by nbdgenlconnect, although trymoduleget will return false, but nbdallocconfig doesn't handle it...

CVE-2022-49209

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix memleak in tcpbpfsendmsg while sk msg is full If tcpbpfsendmsg is running while sk msg is full. When skmsgalloc returns -ENOMEM error, tcpbpfsendmsg goes to waitformemory. If partial memory has been alloced by...

DEBIAN-CVE-2022-49170

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on curseg-alloctype As Wenqing Liu reported in bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=215657 - Overview UBSAN: array-index-out-of-bounds in fs/f2fs/segment.c:3460:2 when mount and operat...

UBUNTU-CVE-2022-49127

In the Linux kernel, the following vulnerability has been resolved: reftracker: implement use-after-free detection Whenever reftrackerdirinit is called, mark the struct reftrackerdir as dead. Test the dead status from reftrackeralloc and reftrackerfree This should detect buggy devput/devhold...