14 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: crypto: comp – Use the same definition for the context alloc and free operations. In commit 42d9f6c77479 “crypto: acomp – Move the scomp stream allocation code into acomp”, the cryptoacompstreams struct was designed to rely on th...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a memory leak during the vector context allocation in RISC-V virtualization. This vulnerability m...
CVE-2025-40228 mm/damon/sysfs: catch commit test ctx alloc failure
In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: catch commit test ctx alloc failure Patch series "mm/damon/sysfs: fix commit test damonctx deallocation". DAMON sysfs interface dynamically allocates and uses a damonctx object for testing if given inputs for onli...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an uncaught test context allocation failure that could lead to memory access errors...
PT-2025-49055
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the mm/damon/sysfs interface. This interface dynamically allocates a damon ctx object for testing the validity of inputs for online DAMON...
EUVD-2025-36465
In the Linux kernel, the following vulnerability has been resolved: crypto: comp - Use same definition of context alloc and free ops In commit 42d9f6c77479 "crypto: acomp - Move scomp stream allocation code into acomp", the cryptoacompstreams struct was made to rely on having the allocctx and...
CVE-2025-40063
In CVE-2025-40063, the Linux kernel fixed a cryptographic component mismatch: crypto_acomp_streams and scomp_alg relied on alloc_ctx/free_ctx in the same order, but structure layout randomization could desynchronize their definitions. The fix removes a union from scomp_alg so both structures shar...
CVE-2025-40063 crypto: comp - Use same definition of context alloc and free ops
In the Linux kernel, the following vulnerability has been resolved: crypto: comp - Use same definition of context alloc and free ops In commit 42d9f6c77479 "crypto: acomp - Move scomp stream allocation code into acomp", the cryptoacompstreams struct was made to rely on having the allocctx and...
CVE-2025-40063
In the Linux kernel, the following vulnerability has been resolved: crypto: comp - Use same definition of context alloc and free ops In commit 42d9f6c77479 "crypto: acomp - Move scomp stream allocation code into acomp", the cryptoacompstreams struct was made to rely on having the allocctx and...
PT-2025-44131
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's crypto component related to context allocation and freeing operations within the compression framework. A discrepancy in the definition and order of...
OESA-2025-1771 ffmpeg security update
FFmpeg is a complete and free Internet live audio and video broadcasting solution for Linux/Unix. It also includes a digital VCR. It can encode in real time in many formats including MPEG1 audio and video, MPEG4, h263, ac3, asf, avi, real, mjpeg, and flash. Security Fixes: A heap-use-after-free i...
PT-2025-20530
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to a problem in the Linux kernel's perf/core subsystem, where a WARN ON ONCE cleanup check could trigger after the initial check passed but before the child event's...
kernel: vfio/pci: fix potential memory leak in vfio_intx_enable()
In the Linux kernel, the following vulnerability has been resolved: vfio/pci: fix potential memory leak in vfiointxenable If vfioirqctxalloc failed will lead to 'name' memory leak...
SUSE CVE-2024-38632
In the Linux kernel, the following vulnerability has been resolved: vfio/pci: fix potential memory leak in vfiointxenable If vfioirqctxalloc failed will lead to 'name' memory leak...