849 matches found
DEBIAN-CVE-2021-47361
In the Linux kernel, the following vulnerability has been resolved: mcb: fix error handling in mcballocbus There are two bugs: 1 If idasimpleget fails then this code calls putdevicecarrier but we haven't yet called getdevicecarrier and probably that leads to a use after free. 2 After...
SUSE CVE-2024-35829
In the Linux kernel, the following vulnerability has been resolved: drm/lima: fix a memleak in limaheapalloc When limavmmapbo fails, the resources need to be deallocated, or there will be memleaks...
SUSE CVE-2024-35962
In the Linux kernel, the following vulnerability has been resolved: netfilter: complete validation of user input In my recent commit, I missed that doreplace handlers use copyfromsockptr which I fixed, followed by unsafe copyfromsockptroffset calls. In all functions, we can perform the @optlen...
UBUNTU-CVE-2024-35974
In the Linux kernel, the following vulnerability has been resolved: block: fix q-blkglist corruption during disk rebind Multiple gendisk instances can allocated/added for single request queue in case of disk rebind. blkg may still stay in q-blkglist when calling blkcginitdisk for rebind, then...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the sndemu10k1pcmchannelalloc function allowing out-of-bounds access...
AZL-40298 CVE-2024-27078 affecting package hyperv-daemons for versions less than 6.6.29.1-1
In the Linux kernel, the following vulnerability has been resolved: media: v4l2-tpg: fix some memleaks in tpgalloc In tpgalloc, resources should be deallocated in each and every error-handling paths, since they are allocated in for statements. Otherwise there would be memleaks because tpgfree is...
SUSE CVE-2024-26839
In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix a memleak in initcreditreturn When dmaalloccoherent fails to allocate dd-crbasei.va, initcreditreturn should deallocate dd-crbase and dd-crbasei that allocated before. Or those resources would be never freed and a...
DEBIAN-CVE-2024-26911
In the Linux kernel, the following vulnerability has been resolved: drm/buddy: Fix allocrange error handling code Few users have observed display corruption when they boot the machine to KDE Plasma or playing games. We have root caused the problem that whenever allocrange couldn't find the requir...
UBUNTU-CVE-2024-26911
In the Linux kernel, the following vulnerability has been resolved: drm/buddy: Fix allocrange error handling code Few users have observed display corruption when they boot the machine to KDE Plasma or playing games. We have root caused the problem that whenever allocrange couldn't find the requir...
PT-2024-21576
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to the drm/buddy component of the Linux kernel, specifically with the alloc range function. This function was returning SUCCESS in certain corner cases when it...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the allocrange error handling code...
CVE-2024-26741
In the Linux kernel, the following vulnerability has been resolved: dccp/tcp: Unhash sk from ehash for tb2 alloc failure after checkestalblished. syzkaller reported a warning 0 in inetcskdestroysock with no repro. WARNONinetsksk-inetnum && !inetcsksk-icskbindhash; However, the syzkaller's log...
CVE-2024-26741
In the Linux kernel, the following vulnerability has been resolved: dccp/tcp: Unhash sk from ehash for tb2 alloc failure after checkestalblished. syzkaller reported a warning 0 in inetcskdestroysock with no repro. WARNONinetsksk-inetnum && !inetcsksk-icskbindhash; However, the syzkaller's log...
CVE-2024-26741 dccp/tcp: Unhash sk from ehash for tb2 alloc failure after check_estalblished().
In the Linux kernel, the following vulnerability has been resolved: dccp/tcp: Unhash sk from ehash for tb2 alloc failure after checkestalblished. syzkaller reported a warning 0 in inetcskdestroysock with no repro. WARNONinetsksk-inetnum && !inetcsksk-icskbindhash; However, the syzkaller's log...
DEBIAN-CVE-2024-26712
In the Linux kernel, the following vulnerability has been resolved: powerpc/kasan: Fix addr error caused by page alignment In kasaninitregion, when kstart is not page aligned, at the begin of for loop, kcur = kstart & PAGEMASK is less than kstart, and then va = block + kcur - kstart is less than...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel has a security vulnerability that stems from a security flaw in allocpage...
SUSE CVE-2021-47177
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix sysfs leak in allociommu iommudevicesysfsadd is called before, so is has to be cleaned on subsequent errors...
CVE-2023-52622 ext4: avoid online resizing failures due to oversized flex bg
In the Linux kernel, the following vulnerability has been resolved: ext4: avoid online resizing failures due to oversized flex bg When we online resize an ext4 filesystem with a oversized flexbgsize, mkfs.ext4 -F -G 67108864 $dev -b 4096 100M mount $dev $dir resize2fs $dev 16G the following WARNO...
CVE-2024-2452 Integer wraparound, under-allocation, and heap buffer overflow in Eclipse ThreadX NetX Duo __portable_aligned_alloc()
In Eclipse ThreadX NetX Duo before 6.4.0, if an attacker can control parameters of portablealignedalloc could cause an integer wrap-around and an allocation smaller than expected. This could cause subsequent heap buffer overflows...
CVE-2024-2452
In Eclipse ThreadX NetX Duo prior to 6.4.0, an attacker who can control parameters of the __portable_aligned_alloc() function may trigger an integer wrap-around with an under-sized allocation, enabling subsequent heap buffer overflows. Affected software: Eclipse ThreadX NetX Duo (pre-6.4.0). Root...