2372 matches found
CVE-2025-47404
Memory corruption when dynamically changing the size of a previously allocated buffer while its contents are being modified...
kernel: scsi: qla2xxx: Fix improper freeing of purex item
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix improper freeing of purex item In qla2xxxprocesspurlsiocb, an item is allocated via qla27xxcopymultiplepkt, which internally calls qla24xxallocpurexitem. The qla24xxallocpurexitem function may return a...
SUSE CVE-2026-31470
In the Linux kernel, the following vulnerability has been resolved: virt: tdx-guest: Fix handling of host controlled 'quote' buffer length Validate host controlled value quotebuf-outlen that determines how many bytes of the quote are copied out to guest userspace. In TDX environments with remote...
SUSE CVE-2026-31520
In the Linux kernel, the following vulnerability has been resolved: HID: apple: avoid memory leak in applereportfixup The applereportfixup function was returning a newly kmemdup-allocated buffer, but never freeing it. The caller of reportfixup does not take ownership of the returned pointer, but ...
kernel: scsi: qla2xxx: Fix improper freeing of purex item
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix improper freeing of purex item In qla2xxxprocesspurlsiocb, an item is allocated via qla27xxcopymultiplepkt, which internally calls qla24xxallocpurexitem. The qla24xxallocpurexitem function may return a...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013240)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013240 advisory. In the Linux kernel, the following vulnerability has been resolved: udplite: Fix NULL pointer dereference in skmemraiseallocated. syzbot reported 0 a null-ptr-deref ...
kernel: scsi: qla2xxx: Fix improper freeing of purex item
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix improper freeing of purex item In qla2xxxprocesspurlsiocb, an item is allocated via qla27xxcopymultiplepkt, which internally calls qla24xxallocpurexitem. The qla24xxallocpurexitem function may return a...
SUSE CVE-2026-23418
In the Linux kernel, the following vulnerability has been resolved: drm/xe/regsr: Fix leak on xastore failure Free the newly allocated entry when xastore fails to avoid a memory leak on the error path. v2: use goto failfree. Bala cherry picked from commit 6bc6fec71ac45f52db609af4e62bdb96b9f5fadb...
PT-2026-30032
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the drm/xe/reg sr component of the Linux kernel. Specifically, the issue occurs when xa store fails, and the newly allocated entry is not freed, leading to a memo...
SUSE SLES15 Security Update : kernel (Live Patch 35 for SUSE Linux Enterprise 15 SP5) (SUSE-SU-2026:1060-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2026:1060-1 advisory. This update for the SUSE Linux Enterprise Kernel 5.14.21-150500.55.136 fixes one security issue The following security issue was fixed: - CVE-2025-2173...
CVE-2026-23277 net/sched: teql: fix NULL pointer dereference in iptunnel_xmit on TEQL slave xmit
In the Linux kernel, the following vulnerability has been resolved: net/sched: teql: fix NULL pointer dereference in iptunnelxmit on TEQL slave xmit teqlmasterxmit calls netdevstartxmitskb, slave to transmit through slave devices, but does not update skb-dev to the slave device beforehand. When a...
EUVD-2026-12894
In the Linux kernel, the following vulnerability has been resolved: regmap: maple: free entry on masstoregfp failure regcachemaplewrite allocates a new block 'entry' to merge adjacent ranges and then stores it with masstoregfp. When masstoregfp fails, the new 'entry' remains allocated and is neve...
CVE-2026-2922
GStreamer RealMedia Demuxer Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary...
libpng: LIBPNG has a heap buffer overflow in png_set_quantize
A heap based buffer overflow flaw has been discovered in LibPNG. Prior to version 1.6.55, an out-of-bounds read vulnerability exists in the pngsetquantize API function. When the function is called with no histogram and the number of colors in the palette is more than twice the maximum supported b...
CVE-2026-23135
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix dmafreecoherent pointer dmaalloccoherent allocates a DMA mapped buffer and stores the addresses in XXXunaligned fields. Those should be reused when freeing the buffer rather than the aligned addresses...
CVE-2026-23133 wifi: ath10k: fix dma_free_coherent() pointer
In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: fix dmafreecoherent pointer dmaalloccoherent allocates a DMA mapped buffer and stores the addresses in XXXunaligned fields. Those should be reused when freeing the buffer rather than the aligned addresses...
CVE-2026-23052
In the Linux kernel, the following vulnerability has been resolved: ftrace: Do not over-allocate ftrace memory The pgremaining calculation in ftraceprocesslocs assumes that ENTRIESPERPAGE multiplied by 2^order equals the actual capacity of the allocated page group. However, ENTRIESPERPAGE is...
CVE-2026-23052 ftrace: Do not over-allocate ftrace memory
In the Linux kernel, the following vulnerability has been resolved: ftrace: Do not over-allocate ftrace memory The pgremaining calculation in ftraceprocesslocs assumes that ENTRIESPERPAGE multiplied by 2^order equals the actual capacity of the allocated page group. However, ENTRIESPERPAGE is...
EUVD-2026-5494
In the Linux kernel, the following vulnerability has been resolved: ftrace: Do not over-allocate ftrace memory The pgremaining calculation in ftraceprocesslocs assumes that ENTRIESPERPAGE multiplied by 2^order equals the actual capacity of the allocated page group. However, ENTRIESPERPAGE is...
CVE-2026-23052 ftrace: Do not over-allocate ftrace memory
In the Linux kernel, the following vulnerability has been resolved: ftrace: Do not over-allocate ftrace memory The pgremaining calculation in ftraceprocesslocs assumes that ENTRIESPERPAGE multiplied by 2^order equals the actual capacity of the allocated page group. However, ENTRIESPERPAGE is...