168 matches found
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the applereportfixup function returning a newly allocated buffer without releasing it, potentiall...
Unity Linux 20.1050a Security Update: kernel (UTSA-2026-007037)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007037 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix buffer free/clear order in deferred receive path Fix a use-after-free window by...
Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011386)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011386 advisory. In the Linux kernel, the following vulnerability has been resolved: inet: inetdefrag: prevent sk release while still in use iplocalout and other functions can pass...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006725)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006725 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix buffer free/clear order in deferred receive path Fix a use-after-free window by...
Security Bulletin: IBM Event Streams is vulnerable to a denial of service
Summary IBM Event Streams is vulnerable to a denial of service due to improper buffer release in quarkus-resteasy. CVE-2025-1634 Vulnerability Details CVEID:CVE-2025-1634 DESCRIPTION: A flaw was found in the quarkus-resteasy extension, which causes memory leaks when client requests with low...
CVE-2026-23147 btrfs: zlib: fix the folio leak on S390 hardware acceleration
In the Linux kernel, the following vulnerability has been resolved: btrfs: zlib: fix the folio leak on S390 hardware acceleration BUG After commit aa60fe12b4f4 "btrfs: zlib: refactor S390x HW acceleration buffer preparation", we no longer release the folio of the page cache of folio returned by...
CVE-2026-23147 btrfs: zlib: fix the folio leak on S390 hardware acceleration
In the Linux kernel, the following vulnerability has been resolved: btrfs: zlib: fix the folio leak on S390 hardware acceleration BUG After commit aa60fe12b4f4 "btrfs: zlib: refactor S390x HW acceleration buffer preparation", we no longer release the folio of the page cache of folio returned by...
Siemens SCALANCE and RUGGEDCOM Improper Input Validation (CVE-2025-39841)
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix buffer free/clear order in deferred receive path Fix a use-after-free window by correcting the buffer release sequence in the deferred receive path. The code freed the RQ buffer first and only then cleared the...
Qualcomm Chipsets 资源管理错误漏洞
Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporation. Qualcomm Chipsets have a resource management vulnerability, which stems from improper handling of memory pointers when releasing the memory buffer of the graphics processing unit, potentially leading to memory corrupti...
Linux Kernel Security Vulnerabilities
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the release of the DMA buffer before task access. This can lead to reusing the buffer after it ha...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001191)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001191 advisory. Off-by-one error in the pipeadvance function in lib/ioviter.c in the Linux kernel before 4.9.5 allows local users to obtain sensitive information from uninitialized...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001677)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001677 advisory. drivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 mishandles dev-buf release. Tenable has extracted the preceding description block directly from...
CVE-2025-68765 mt76: mt7615: Fix memory leak in mt7615_mcu_wtbl_sta_add()
In the Linux kernel, the following vulnerability has been resolved: mt76: mt7615: Fix memory leak in mt7615mcuwtblstaadd In mt7615mcuwtblstaadd, an skb sskb is allocated. If the subsequent call to mt76connacmcuallocwtblreq fails, the function returns an error without freeing sskb, leading to a...
PT-2026-1253
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the mt7615 mcu wtbl sta add function within the mt76 module. Specifically, an skb sskb is allocated, and if mt76 connac mcu alloc wtbl req subsequently fails, the...
CVE-2023-54223
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: xsk: Fix invalid buffer access for legacy rq The below crash can be encountered when using xdpsock in rx mode for legacy rq: the buffer gets released in the XDPREDIRECT path, and then once again in the driver. This fix...
SUSE CVE-2023-54223
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: xsk: Fix invalid buffer access for legacy rq The below crash can be encountered when using xdpsock in rx mode for legacy rq: the buffer gets released in the XDPREDIRECT path, and then once again in the driver. This fix...
SUSE CVE-2023-54320
In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd: pmc: Fix memory leak in amdpmcstbdebugfsopenv2 Function amdpmcstbdebugfsopenv2 may be called when the STB debug mechanism enabled. When amdpmcsendcmd fails, the 'buf' needs to be released...
CVE-2023-54320
In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd: pmc: Fix memory leak in amdpmcstbdebugfsopenv2 Function amdpmcstbdebugfsopenv2 may be called when the STB debug mechanism enabled. When amdpmcsendcmd fails, the 'buf' needs to be released...
CVE-2023-54223
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: xsk: Fix invalid buffer access for legacy rq The below crash can be encountered when using xdpsock in rx mode for legacy rq: the buffer gets released in the XDPREDIRECT path, and then once again in the driver. This fix...
CVE-2023-54223
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: xsk: Fix invalid buffer access for legacy rq The below crash can be encountered when using xdpsock in rx mode for legacy rq: the buffer gets released in the XDPREDIRECT path, and then once again in the driver. This fix...