DEBIAN-CVE-2022-50245

In the Linux kernel, the following vulnerability has been resolved: rapidio: fix possible UAF when kfifoalloc fails If kfifoalloc fails in mportcdevopen, goto errfifo and just free priv. But priv is still in the chdev-filelist, then list traversal may cause UAF. This fixes the following smatch...

UBUNTU-CVE-2022-50245

In the Linux kernel, the following vulnerability has been resolved: rapidio: fix possible UAF when kfifoalloc fails If kfifoalloc fails in mportcdevopen, goto errfifo and just free priv. But priv is still in the chdev-filelist, then list traversal may cause UAF. This fixes the following smatch...

CVE-2022-50245

CVE-2022-50245 concerns a Linux kernel issue in the rapidio driver where a UAF can occur if kfifo_alloc() fails during mport_cdev_open(). The fix removes priv from the chdev->file_list before freeing it to prevent traversal from accessing a freed object (the smatch warning reference). Affected...

PT-2025-37675

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a memory leak in the watchdog cdev register function. The issue occurs because put device is not called when cdev device add fails and wdd-id is not equal to ...

CVE-2025-36902

In CVE-2025-36902, the vulnerable component is syna_tcm2_sysfs.c, specifically the syna_cdev_ioctl_store_pid() function. It reports a heap buffer overflow causing an out-of-bounds write, which could enable local escalation of privilege with System execution privileges required. Exploitation requi...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an improper release of cdev-osdescreq in the configfscompositebind function, which could lead to post-releas...

CVE-2021-39733

In amcscdevunlockedioctl of audiometrics.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

SUSE CVE-2022-49422

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix the error handling path in idxdcdevregister If a call to allocchrdevregion fails, the already allocated resources are leaking. Add the needed error handling path to fix the leak...

DEBIAN-CVE-2021-47634

In the Linux kernel, the following vulnerability has been resolved: ubi: Fix race condition between ctrlcdevioctl and ubicdevioctl Hulk Robot reported a KASAN report about use-after-free: ================================================================== BUG: KASAN: use-after-free in...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a race condition between ctrlcdevioctl and ubicdevioctl...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an incorrectly handled path in idxdcdevregister that results in resource consumption...

Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005552 fixes several issues. The following security issues were fixed: CVE-2024-35905: Fixed int overflow for stack access size bsc1226327. CVE-2021-47598: schcake: do not call cakedestroy from cakeinit bsc1227471. CVE-2024-35863: Fixed potential UAF i...

Security update for the Linux Kernel RT (Live Patch 10 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505001335 fixes several issues. The following security issues were fixed: CVE-2024-35905: Fixed int overflow for stack access size bsc1226327. CVE-2021-47598: schcake: do not call cakedestroy from cakeinit bsc1227471. CVE-2024-35863: Fixed potential UAF i...

openSUSE: Security Advisory for the Linux Kernel (Live Patch 7 for SLE 15 SP5) (SUSE-SU-2024:3706-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for the Linux Kernel (Live Patch 9 for SLE 15 SP5) (SUSE-SU-2024:3670-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2024:3706-1 Security update for the Linux Kernel (Live Patch 7 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005536 fixes several issues. The following security issues were fixed: - CVE-2024-35861: Fixed potential UAF in cifssignalcifsdforreconnect bsc1225312. - CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfochangednotify bsc1225739. -...

SUSE-SU-2024:3702-1 Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005568 fixes several issues. The following security issues were fixed: - CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfochangednotify bsc1225739. - CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails...

SUSE-SU-2024:3697-1 Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005552 fixes several issues. The following security issues were fixed: - CVE-2024-35861: Fixed potential UAF in cifssignalcifsdforreconnect bsc1225312. - CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfochangednotify bsc1225739. -...

SUSE-SU-2024:3695-1 Security update for the Linux Kernel (Live Patch 24 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024111 fixes several issues. The following security issues were fixed: - CVE-2024-35861: Fixed potential UAF in cifssignalcifsdforreconnect bsc1225312. - CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfochangednotify bsc1225739. -...

Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-150600237 fixes several issues. The following security issues were fixed: CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfochangednotify bsc1225739. CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails bsc1227808...