1996 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Tracing: Add a NULL pointer check to triggerdatafree. If triggerdataalloc fails and returns NULL, eventhisttriggerparse jumps into the outfree error path. While kfree safely handles a NULL pointer, triggerdatafree does not. This...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3: Error handling in gicpopulateppipartitions was fixed. The function ofgetchildbyname returns a node pointer with a refcount incremented. We should use ofnodeput on it when it is no longer needed. When kcalloc fails...
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
A issue was discovered in the Linux kernel through version 6.1-rc8. The function dpucrtcatomiccheck in the file drivers/gpu/drm/msm/disp/dpu1/dpucrtc.c lacks a check for the return value of kzalloc. This issue may lead to a NULL Pointer Dereference...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: nfp: flower: handling of actinetdevs allocation failures The kmallocarray function in nfpfllagdowork will return null if physical memory runs out. As a result, if we dereference actinetdevs, null pointer dereferencing bugs may...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: clk: zynq – Prevent null pointer dereferencing caused by kmalloc failures The kmalloc function in zynqclksetup will return null if physical memory runs out. As a result, if we use snprintf to write data to a null address, a null...
Astra Linux – Vulnerability in Linux
In the Linux kernel, the following vulnerability has been resolved: net: lantiq – Fix for memory corruption in the RX ring. In situations where memory allocation or DMA mapping fails, an invalid address may be programmed into the descriptor. This can lead to memory corruption. If memory allocatio...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: xfrm: Update ipcompscratches with NULL when freed Currently, if ipcompallocscratches fails to allocate memory, ipcompscratches holds an obsolete address. Therefore, when we try to free the percpu scratches using...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ext4: a potential memory leak has been fixed in ext4fcrecordregions. Since krealloc may return NULL, in this case, state-fcregions may not be freed by krealloc. However, state-fcregions is already set to NULL. This could lead to ...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Driver: soc: xilinx: fixed a memory leak in xlnxaddcbfornotifyevent. The kfree function should be called when memory fails to be allocated for cbdata in xlnxaddcbfornotifyevent. Otherwise, a memory leak will occur; therefore,...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: ASoC: pxa: fixed a null-pointer dereference in filter The kasprintf function would return a NULL pointer when kmalloc fails to allocate memory. It is necessary to check the return pointer before calling strcmp...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: xfs: removed calls to xchkxfiledescr macros. The xchkxfiledescr macros use kasprintf, which may fail to allocate memory if the formatted string is longer than 16 bytes or whatever value nofail currently guarantees. Some of the...
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: vlan: Fixed a memory leak in vlannewlink. The responsible commit added back a bug that I fixed in commit 9bbd917e0bec “vlan: fixed a memory leak in vlandevsetegresspriority”. If a memory allocation fails in vlanchangelink afte...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: catch commit test ctx allocation failure The patch series “mm/damon/sysfs: fix commit test damonctx deallocation” addresses this issue. The DAMON sysfs interface dynamically allocates and uses a damonctx object to...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ima: Fixed a potential memory leak in imainitcrypto. If the SHA1 template is unable to be allocated, IMA fails to initialize and exits without freeing the imaalgoarray. Adding the necessary kfree call for imaalgoarray will preven...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: net: Handling of integer overflows in kmallocreserve The committed change was as follows: c ptr = kmallocsize; if ptr size = ksizeptr; size = kmallocsizeroundupsize; ptr = kmallocsize; This caused various crashes, as reported ...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: clk: bcm: rpi: A NULL check has been added in raspberrypiclkregister. devmkasprintf returns NULL when memory allocation fails. Currently, raspberrypiclkregister does not check for this case, which results in a NULL pointer being...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: xprtrdma: Decrementing rereceiving on early exit paths In cases where rpcrdmapostrecvs fails to create a work request due to memory allocation failures, for example or exits early, we should decrement ep-rereceiving before...
SUSE CVE-2026-11788
A flaw was found in 389 Directory Server. The dereference control plugin does not check for allocation failure before using a BER structure, allowing an unauthenticated remote attacker to crash the LDAP server when the system is under memory pressure...
DEBIAN-CVE-2026-53462
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-50 and 7.1.2-25, when an allocation fails in CheckPrimitiveExtent this can result in a heap-use-after-free and result in a crash. This issue has been patched in versions 6.9.13-...
CVE-2026-53462
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-50 and 7.1.2-25, when an allocation fails in CheckPrimitiveExtent this can result in a heap-use-after-free and result in a crash. This issue has been patched in versions 6.9.13-...