CVE-2022-49926

In the Linux kernel, the following vulnerability has been resolved: net: dsa: Fix possible memory leaks in dsaloopinit kmemleak reported memory leaks in dsaloopinit: kmemleak: 12 new suspected memory leaks unreferenced object 0xffff8880138ce000 size 2048: comm "modprobe", pid 390, jiffies...

CVE-2022-49904 net, neigh: Fix null-ptr-deref in neigh_table_clear()

In the Linux kernel, the following vulnerability has been resolved: net, neigh: Fix null-ptr-deref in neightableclear When IPv6 module gets initialized but hits an error in the middle, kenel panic with: KASAN: null-ptr-deref in range 0x0000000000000598-0x000000000000059f CPU: 1 PID: 361 Comm:...

PT-2025-20498

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A deadlock issue in the Linux kernel has been resolved. The problem occurred in the ivpu ms cleanup function, which is called by ivpu ms cleanup all during a cold boot after a failure in...

Directory Traversal

Overview aim is a super-easy way to record, search and compare AI experiments. Affected versions of this package are vulnerable to Directory Traversal via the LocalFileManager.cleanup function, by crafting a malicious glob-pattern that is not verified to be within the directory managed by...

CVE-2022-49651

In the Linux kernel, the following vulnerability has been resolved: srcu: Tighten cleanupsrcustruct GP checks Currently, cleanupsrcustruct checks for a grace period in progress, but it does not check for a grace period that has not yet started but which might start at any time. Such a situation...

CVE-2022-49310 char: xillybus: fix a refcount leak in cleanup_dev()

In the Linux kernel, the following vulnerability has been resolved: char: xillybus: fix a refcount leak in cleanupdev usbgetdev is called in xillyusbprobe. So it is better to call usbputdev before xdev is released...

PT-2025-36299

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A null pointer dereference issue exists in the AMD display driver's DC module cleanup function dc destruct. When display control context construction fails, a pointer remains NULL. Durin...

CVE-2024-56642

In the Linux kernel, the following vulnerability has been resolved: tipc: Fix use-after-free of kernel socket in cleanupbearer. syzkaller reported a use-after-free of UDP kernel socket in cleanupbearer without repro. 01 When bearerdisable calls tipcudpdisable, cleanup of the UDP kernel socket is...

UBUNTU-CVE-2024-42277

In the Linux kernel, the following vulnerability has been resolved: iommu: sprd: Avoid NULL deref in sprdiommuhwen In sprdiommucleanup before calling function sprdiommuhwen dom-sdev is equal to NULL, which leads to null dereference. Found by Linux Verification Center linuxtesting.org with SVACE...

DEBIAN-CVE-2022-48776

In the Linux kernel, the following vulnerability has been resolved: mtd: parsers: qcom: Fix missing free for pparts in cleanup Mtdpart doesn't free pparts when a cleanup function is declared. Add missing free for pparts in cleanup function for smem to fix the leak...

CVE-2022-48776 mtd: parsers: qcom: Fix missing free for pparts in cleanup

In the Linux kernel, the following vulnerability has been resolved: mtd: parsers: qcom: Fix missing free for pparts in cleanup Mtdpart doesn't free pparts when a cleanup function is declared. Add missing free for pparts in cleanup function for smem to fix the leak...

CVE-2022-48776

In the Linux kernel, the following vulnerability has been resolved: mtd: parsers: qcom: Fix missing free for pparts in cleanup Mtdpart doesn't free pparts when a cleanup function is declared. Add missing free for pparts in cleanup function for smem to fix the leak...

Linux/xen-netfront: Memory leak due to missing cleanup function

ISSUE DESCRIPTION In netfront, xennetalloconerxbuffer failed to call the appropriate clean-up function, resulting in a memory leak. IMPACT A malicious guest userspace process can exhaust memory resources within the guest kernel, potentially leading to a guest crash Denial of Service. It is not...

CVE-2024-26963 usb: dwc3-am62: fix module unload/reload behavior

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3-am62: fix module unload/reload behavior As runtime PM is enabled, the module can be runtime suspended when .remove is called. Do a pmruntimegetsync to make sure module is active before doing any register operations. Doi...

kernel: vmxnet3: NULL pointer dereference in vmxnet3_rq_cleanup()

A NULL pointer dereference flaw was found in vmxnet3rqcleanup in drivers/net/vmxnet3/vmxnet3drv.c in the networking sub-component in vmxnet3 in the Linux Kernel. This issue may allow a local attacker with normal user privilege to cause a denial of service due to a missing sanity check during...

SUSE CVE-2023-4256

Within tcpreplay's tcprewrite, a double free vulnerability has been identified in the tcpeditdltcleanup function within plugins/dltplugins.c. This vulnerability can be exploited by supplying a specifically crafted file to the tcprewrite binary. This flaw enables a local attacker to initiate a...

cleanup() does not properly handle debt repayment

Lines of code Vulnerability details Impact The cleanup... function in the PositionManager.sol contract is used to deposit remaining users assets back to ROE, repaying debt if any. However the users debt will not be repaid if the user has debt leading to loss of funds for the lenders and the proje...

kernel: RDMA/rxe: Fix "kernel NULL pointer dereference" error

A NULL pointer dereference vulnerability was found in the RXE Soft-RoCE RDMA driver in the Linux kernel. When rxequeueinit fails during queue pair initialization in rxeqpinitreq, the task function and argument pointers qp-req.task.func and qp-req.task.arg remain uninitialized. The cleanup functio...

mariadb: server crash in Item_func_in::cleanup/Item::cleanup_processor

MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Itemfuncin::cleanup/Item::cleanupprocessor...

mariadb: use-after-poison when complex conversion is involved in blob

A flaw was found in the MariaDB Server, where it contains a use-after-free in the component, Itemfuncin::cleanup. This issue is exploited via specially crafted SQL statements, affecting availability...