Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: fixed a double-free in arfscreategroups. When the memory allocated by kvzalloc fails, arfscreategroups will free ft-g and return an error. However, arfscreatetable, the only function calling arfscreategroups, will hold...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-390843)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-390843 advisory. In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: fix a double-free in arfscreategroups When in allocated by kvzalloc fails,...

kernel: net/mlx5e: fix a double-free in arfs_create_groups

A double-free vulnerability was found in the arfscreategroups function in the Linux kernel's net/mlx5e driver. This issue could lead to memory corruption or a system crash if exploited, as freeing the same memory twice may cause undefined behavior...

kernel: net/mlx5e: fix a double-free in arfs_create_groups

A double-free vulnerability was found in the arfscreategroups function in the Linux kernel's net/mlx5e driver. This issue could lead to memory corruption or a system crash if exploited, as freeing the same memory twice may cause undefined behavior...

kernel: net/mlx5e: fix a double-free in arfs_create_groups

A double-free vulnerability was found in the arfscreategroups function in the Linux kernel's net/mlx5e driver. This issue could lead to memory corruption or a system crash if exploited, as freeing the same memory twice may cause undefined behavior...

kernel: net/mlx5e: fix a potential double-free in fs_any_create_groups

A double-free flaw was found in the Linux kernel ConnectX-4 and Connect-IB cards in the Mellanox driver. This issue could allow a local user to crash the system...

SUSE CVE-2023-52667

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: fix a potential double-free in fsanycreategroups When kcalloc for ft-g succeeds but kvzalloc for in fails, fsanycreategroups will free ft-g. However, its caller fsanycreatetable will free ft-g again through calling...

SUSE CVE-2024-35835

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: fix a double-free in arfscreategroups When in allocated by kvzalloc fails, arfscreategroups will free ft-g and return an error. However, arfscreatetable, the only caller of arfscreategroups, will hold this error and ca...

DEBIAN-CVE-2024-35835

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: fix a double-free in arfscreategroups When in allocated by kvzalloc fails, arfscreategroups will free ft-g and return an error. However, arfscreatetable, the only caller of arfscreategroups, will hold this error and ca...

UBUNTU-CVE-2024-35835

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: fix a double-free in arfscreategroups When in allocated by kvzalloc fails, arfscreategroups will free ft-g and return an error. However, arfscreatetable, the only caller of arfscreategroups, will hold this error and ca...

GitLab: Stored XSS in "Create Groups"

NOTE! Thanks for submitting a report! Please replace all the parenthesized sections below with the pertinent details. Remember, the more detail you provide, the easier it is for us to triage and respond quickly, so be sure to take your time filling out the report! Summary Stored attacks are those...

Design/Logic Flaw

The form-autocompletion functionality in Moodle 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 makes it easier for physically proximate attackers to discover passwords by reading the contents of a non-password field, as demonstrated by accessing a create-groups page with Safari on...

PT-2012-2877 · Moodle · Moodle

Name of the Vulnerable Software and Affected Versions: Moodle versions 2.0.x through 2.0.6 Moodle versions 2.1.x through 2.1.3 Moodle versions 2.2.x through 2.2.0 Description: The form-autocompletion functionality makes it easier for physically proximate attackers to discover passwords by reading...