CVE-2026-43457

A flaw was found in the Linux kernel's Management Component Transport Protocol MCTP over I2C receive path. When the midev-allowrx flag is false, a newly allocated network buffer skb is not properly freed. This memory leak can lead to a gradual exhaustion of system memory, potentially allowing a...

EUVD-2022-43307

Malicious code in bioql PyPI...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not checking for NULL addresses in MCTP I3C transfers...

The vulnerability of the mctproute_input() function in the implementation of the Management Component Transport Protocol (MCTP) kernel of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the mctprouteinput function in the net/mctp/route.c module, which is part of the Management Component Transport Protocol MCTP implementation in the Linux operating system, relates to the reutilization of previously freed memory. Exploiting this vulnerability could allow an...

SUSE CVE-2022-3977

A use-after-free flaw was found in the Linux kernel MCTP Management Component Transport Protocol functionality. This issue occurs when a user simultaneously calls DROPTAG ioctl and socket close happens, which could allow a local user to crash the system or potentially escalate their privileges on...

Design/Logic Flaw

A use-after-free flaw was found in the Linux kernel MCTP Management Component Transport Protocol functionality. This issue occurs when a user simultaneously calls DROPTAG ioctl and socket close happens, which could allow a local user to crash the system or potentially escalate their privileges on...