AZL-25609 CVE-2023-23005 affecting package kernel for versions less than 5.15.111.1-1

In the Linux kernel before 6.2, mm/memory-tiers.c misinterprets the allocmemorytype return value expects it to be NULL in the error case, whereas it is actually an error pointer. NOTE: this is disputed by third parties because there are no realistic cases in which a user can cause the...

DEBIAN-CVE-2023-23005

In the Linux kernel before 6.2, mm/memory-tiers.c misinterprets the allocmemorytype return value expects it to be NULL in the error case, whereas it is actually an error pointer. NOTE: this is disputed by third parties because there are no realistic cases in which a user can cause the...

UBUNTU-CVE-2023-23005

In the Linux kernel before 6.2, mm/memory-tiers.c misinterprets the allocmemorytype return value expects it to be NULL in the error case, whereas it is actually an error pointer. NOTE: this is disputed by third parties because there are no realistic cases in which a user can cause the...

Linux kernel 代码问题漏洞

The Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. A security vulnerability exists in the Linux kernel prior to version 6.2, which stems from an error in the mm/memory-tiers.c file that incorrectly handles the return value of allocmemorytype...

segmentation fault in regexp.c:1788

Description SIGSEGV raised on regtilde function at regexp.c. As the function processes the tainted string inside the poc file, constant calls to the alloc function with ever-increasing size actually exhausts memory and the process terminates. At last negative size value is assigned. Version $ git...

SUSE CVE-2007-4571

The sndmemprocread function in sound/core/memalloc.c in the Advanced Linux Sound Architecture ALSA in the Linux kernel before 2.6.22.8 does not return the correct write size, which allows local users to obtain sensitive information kernel memory contents via a small count argument, as demonstrate...

SUSE CVE-2016-6207

Integer overflow in the gdContributionsAlloc function in gdinterpolation.c in GD Graphics Library aka libgd before 2.2.3 allows remote attackers to cause a denial of service out-of-bounds memory write or memory consumption via unspecified vectors...

SUSE CVE-2018-5332

In the Linux kernel through 3.2, the rdsmessageallocsgs function does not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write related to the rdsrdmaextrasize function in net/rds/rdma.c...

SUSE CVE-2018-11212

An issue was discovered in libjpeg 9a and 9d. The allocsarray function in jmemmgr.c allows remote attackers to cause a denial of service divide-by-zero error via a crafted file...

SUSE CVE-2019-15922

An issue was discovered in the Linux kernel before 5.0.9. There is a NULL pointer dereference for a pf data structure if allocdisk fails in drivers/block/paride/pf.c...

SUSE CVE-2019-15923

An issue was discovered in the Linux kernel before 5.0.9. There is a NULL pointer dereference for a cd data structure if allocdisk fails in drivers/block/paride/pf.c...

SUSE CVE-2019-15921

An issue was discovered in the Linux kernel before 5.0.6. There is a memory leak issue when idralloc fails in genlregisterfamily in net/netlink/genetlink.c...

SUSE CVE-2019-16230

drivers/gpu/drm/radeon/radeondisplay.c in the Linux kernel 5.2.14 does not check the allocworkqueue return value, leading to a NULL pointer dereference. NOTE: A third-party software maintainer states that the work queue allocation is happening during device initialization, which for a graphics ca...

SUSE CVE-2019-16233

drivers/scsi/qla2xxx/qlaos.c in the Linux kernel 5.2.14 does not check the allocworkqueue return value, leading to a NULL pointer dereference...

SUSE CVE-2019-19058

A memory leak in the allocsgtable function in drivers/net/wireless/intel/iwlwifi/fw/dbg.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service memory consumption by triggering allocpage failures, aka CID-b4b814fec1a5...

SUSE CVE-2021-20268

An out-of-bounds access flaw was found in the Linux kernel's implementation of the eBPF code verifier in the way a user running the eBPF script calls devmapinitmap or sockmapalloc. This flaw allows a local user to crash the system or possibly escalate their privileges. The highest threat from thi...

SUSE CVE-2021-26934

An issue was discovered in the Linux kernel 4.18 through 5.10.16, as used by Xen. The backend allocation aka be-alloc mode of the drmxenfront drivers was not meant to be a supported configuration, but this wasn't stated accordingly in its support status entry...

SUSE CVE-2021-33452

An issue was discovered in NASM version 2.16rc0. There are memory leaks in nasmmalloc in nasmlib/alloc.c...

SUSE CVE-2021-33450

An issue was discovered in NASM version 2.16rc0. There are memory leaks in nasmcalloc in nasmlib/alloc.c...

SUSE CVE-2022-21385

A flaw in netrdsallocsgs in Oracle Linux kernels allows unprivileged local users to crash the machine. CVSS 3.1 Base Score 6.2 Availability impacts. CVSS Vector CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H...