59 matches found
jbd2: stop waiting for space when jbd2_cleanup_journal_tail() returns error
...
SUSE CVE-2024-50241
In the Linux kernel, the following vulnerability has been resolved: NFSD: Initialize struct nfsd4copy earlier Ensure the refcount and asynccopies fields are initialized early. cleanupasynccopy will reference these fields if an error occurs in nfsd4copy. If they are not correctly initialized, at t...
SUSE CVE-2024-46751
In the Linux kernel, the following vulnerability has been resolved: btrfs: don't BUGON when 0 reference count at btrfslookupextentinfo Instead of doing a BUGON handle the error by returning -EUCLEAN, aborting the transaction and logging an error message...
kernel: TIPC message reassembly use-after-free remote code execution vulnerability
A use-after-free UAF flaw exists in the Linux Kernel within the reassembly of fragmented TIPC messages, specifically in the tipcbufappend function. The issue results due to a lack of checks in the error handling cleanup and can trigger a UAF on "struct skbuff", which may lead to remote code...
kernel: TIPC message reassembly use-after-free remote code execution vulnerability
A use-after-free UAF flaw exists in the Linux Kernel within the reassembly of fragmented TIPC messages, specifically in the tipcbufappend function. The issue results due to a lack of checks in the error handling cleanup and can trigger a UAF on "struct skbuff", which may lead to remote code...
kernel: TIPC message reassembly use-after-free remote code execution vulnerability
A use-after-free UAF flaw exists in the Linux Kernel within the reassembly of fragmented TIPC messages, specifically in the tipcbufappend function. The issue results due to a lack of checks in the error handling cleanup and can trigger a UAF on "struct skbuff", which may lead to remote code...
DEBIAN-CVE-2024-38390
In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: Avoid a nullptr dereference when speedbin setting fails Calling a6xxdestroy before adrenogpuinit leads to a null pointer dereference on: msmgpucleanup : platformsetdrvdatagpu-pdev, NULL; as gpu-pdev is only assigned...
DEBIAN-CVE-2021-47143
In the Linux kernel, the following vulnerability has been resolved: net/smc: remove device from smcddevlist after failed deviceadd If the deviceadd for a smcddev fails, there's no cleanup step that rolls back the earlier listadd. The device subsequently gets freed, and we end up with a corrupted...
UBUNTU-CVE-2021-47143
In the Linux kernel, the following vulnerability has been resolved: net/smc: remove device from smcddevlist after failed deviceadd If the deviceadd for a smcddev fails, there's no cleanup step that rolls back the earlier listadd. The device subsequently gets freed, and we end up with a corrupted...
The vulnerability of the drm_connector_cleanup() function of the Direct Rendering Manager (DRM) subsystem in Linux operating systems allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the drmconnectorcleanup function in the Direct Rendering Manager DRM subsystem of Linux operating systems is related to the use of memory after it is freed as a result of an incorrect cleanup procedure. Exploiting this vulnerability could allow an attacker to compromise the...
kernel: driver core: fix resource leak in device_add()
A reference leak was found in the Linux kernel's driver core device registration logic. When kobjectadd fails partway through deviceadd, the error cleanup attempts to free resources but fails because kobjectadd has already cleared the device's parent pointer. This prevents cleanupgluedir from...
smartctl 安全漏洞
smartctl is a command line application by Manuel B. Personal Developer. A security vulnerability exists in smartctl that stems from incorrect input cleanup, which can be exploited by an attacker to perform command injection via the info method...
The vulnerability of the Microsoft Outlook email client, related to incorrect cleaning or freeing of resources, allows a perpetrator to cause a service failure.
The vulnerability of the Microsoft Outlook email client is related to improper cleaning or release of resources. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
kernel: memory leak in sof_set_get_large_ctrl_data() function in sound/soc/sof/ipc.c
A flaw was found in the Linux kernel’s sofsetgetlargectrldata function, in the way it handled memory cleanup in a specific error path. A local attacker could use this flaw to crash the system...
kernel: Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c allow for a DoS
A flaw was found in the Linux kernel. The rtlusbprobe function mishandles resource cleanup on error. An attacker able to induce the error conditions could use this flaw to crash the system. The highest threat from this vulnerability is to system availability...
kernel: memory leak in the crypto_report() function in crypto/crypto_user_base.c allows for DoS
A flaw was found in the Linux kernel. The cryptoreport function mishandles resource cleanup on error. A local attacker able to induce the error conditions could use this flaw to crash the system. The highest threat from this vulnerability is to system availability...
kernel: Memory leak in drivers/scsi/libsas/sas_expander.c
A memory leak flaw was found in the Linux kernel. An error in the resource cleanup of the sasexdiscoverexpander function can allow an attacker to induce error conditions that could crash the system. The highest threat from this vulnerability is to system availability...
kernel: memory leak in the crypto_report() function in crypto/crypto_user_base.c allows for DoS
A flaw was found in the Linux kernel. The cryptoreport function mishandles resource cleanup on error. A local attacker able to induce the error conditions could use this flaw to crash the system. The highest threat from this vulnerability is to system availability...
The vulnerability of the Android operating system from the CAF repository exists due to memory buffer cleanup errors, allowing attackers to cause memory corruption.
The vulnerability of the Linux operating system’s Android kernel from the CAF repository involves the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to cause memory corruption by using an incorrect length for memory buffer...