UBUNTU-CVE-2024-41098

In the Linux kernel, the following vulnerability has been resolved: ata: libata-core: Fix null pointer dereference on error If the ataportalloc call in atahostalloc fails, atahostrelease will get called. However, the code in atahostrelease tries to free ataport struct members unconditionally, whi...

sysstat bug fix update

An update is available for sysstat. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The sysstat packages provide the sar and iostat commands. These commands enab...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the fact that the vmaneedsreservation function may return -ENOMEM if the allocatefileregionentries function...

PT-2024-41470 · Ооо 'Ред Софт' · Ред База Данных

Уязвимость функции CCH flush модуля cch.cpp системы управления базами данных «Ред База Данных» связана с неправильным выделением свободной оперативной памяти для кэша базы данных параметр конфигурации DefaultDbCachePages. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно,...

PT-2024-7621

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.30-02659-gc18865c4dfbd Description The vulnerability is related to the wifi component of the Linux kernel, specifically the rtw89 module. It is caused by a mistake in the allocation of memory for the skb sock...

UBUNTU-CVE-2024-39276

In the Linux kernel, the following vulnerability has been resolved: ext4: fix mbcacheentry's erefcnt leak in ext4xattrblockcachefind Syzbot reports a warning as follows: ============================================ WARNING: CPU: 0 PID: 5075 at fs/mbcache.c:419 mbcachedestroy+0x224/0x290 Modules...

RHEL 7 : libcroco (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libcroco: Infinite loop in the crparserparseselectorcore function CVE-2017-8871 - The crinputnewfromuri...

RHEL 6 : libcroco (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libcroco: Infinite loop in the crparserparseselectorcore function CVE-2017-8871 - The crinputnewfromuri...

RHEL 5 : libcroco (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libcroco: Infinite loop in the crparserparseselectorcore function CVE-2017-8871 - The crinputnewfromuri...

RHEL 7 : soundtouch (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - soundtouch: Heap-based buffer overflow in SoundStretch/WavFile.cpp:WavInFile::readHeaderBlock potentially...

SUSE CVE-2021-47373

In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Fix potential VPE leak on error In itsvpeirqdomainalloc, when itsvpeinit returns an error, there is an off-by-one in the number of VPEs to be freed. Fix it by simply passing the number of VPEs allocated, which...

CVE-2021-47535 drm/msm/a6xx: Allocate enough space for GMU registers

In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: Allocate enough space for GMU registers In commit 142639a52a01 "drm/msm/a6xx: fix crashstate capture for A650" we changed a6xxgetgmuregisters to read 3 sets of registers. Unfortunately, we didn't change the memory...

DEBIAN-CVE-2021-47440

In the Linux kernel, the following vulnerability has been resolved: net: encx24j600: check error in devmregmapinitencx24j600 devmregmapinit may return error which caused by like out of memory, this will results in null pointer dereference later when reading or writing register: general protection...

CVE-2023-52835

CVE-2023-52835 affects the Linux kernel perf subsystem. The root issue is that a large AUX area (e.g., 4 GB) can cause rb_alloc_aux and related allocations to hit bounds and mmap failure, triggering a WARN and an ENOMEM during perf-record. The fix is to bail out early if the requested AUX area is...

CVE-2023-52664

In the Linux kernel, the following vulnerability has been resolved: net: atlantic: eliminate double free in error handling logic Driver has a logic leak in ring data allocation/free, where aqringfree could be called multiple times on same ring, if system is under stress and got memory allocation...

CVE-2023-52664

The CVE-2023-52664 issue affects the Linux kernel net: Atlantic driver, where a logic error in ring data allocation/free can lead to a double-free scenario in error handling if memory allocation fails. The root cause is using the ring pointer as a failure indicator, while only ring data is alloca...

CVE-2023-52664 net: atlantic: eliminate double free in error handling logic

In the Linux kernel, the following vulnerability has been resolved: net: atlantic: eliminate double free in error handling logic Driver has a logic leak in ring data allocation/free, where aqringfree could be called multiple times on same ring, if system is under stress and got memory allocation...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a memory allocation error...

CVE-2024-26920

In the Linux kernel, the following vulnerability has been resolved: tracing/trigger: Fix to return error if failed to alloc snapshot Fix registersnapshottrigger to return error code if it failed to allocate a snapshot instead of 0 success. Unless that, it will register snapshot trigger without an...

SUSE CVE-2021-47171

In the Linux kernel, the following vulnerability has been resolved: net: usb: fix memory leak in smsc75xxbind Syzbot reported memory leak in smsc75xxbind. The problem was is non-freed memory in case of errors after memory allocation. backtrace: kmalloc include/linux/slab.h:556 inline kzalloc...