1182 matches found
CVE-2026-43295
A flaw was found in the Linux kernel's rapidio subsystem. When memory allocation for idtab fails within the rioscanallocnet function, the network object is not correctly freed, resulting in a dangling pointer. This improper memory management could lead to system instability or a denial of service...
EUVD-2026-28694
In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: clear walkcontrol on inactive context in damoswalk damoswalk sets ctx-walkcontrol to the caller-provided control structure before checking whether the context is running. If the context is inactive damonisrunning...
CVE-2026-43388
In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: clear walkcontrol on inactive context in damoswalk damoswalk sets ctx-walkcontrol to the caller-provided control structure before checking whether the context is running. If the context is inactive damonisrunning...
CVE-2026-43388
In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: clear walkcontrol on inactive context in damoswalk damoswalk sets ctx-walkcontrol to the caller-provided control structure before checking whether the context is running. If the context is inactive damonisrunning...
UBUNTU-CVE-2026-43388
In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: clear walkcontrol on inactive context in damoswalk damoswalk sets ctx-walkcontrol to the caller-provided control structure before checking whether the context is running. If the context is inactive damonisrunning...
CVE-2026-43388 mm/damon/core: clear walk_control on inactive context in damos_walk()
In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: clear walkcontrol on inactive context in damoswalk damoswalk sets ctx-walkcontrol to the caller-provided control structure before checking whether the context is running. If the context is inactive damonisrunning...
CVE-2026-43388
CVE-2026-43388 (Linux kernel, DAMON) : The vulnerability arises in mm/damon/core/damos_walk(), which sets ctx->walk_control to a caller-provided control structure before checking if the context is running. If the context is inactive, it returns -EINVAL without clearing the pointer, leaving a d...
UBUNTU-CVE-2026-43295
In the Linux kernel, the following vulnerability has been resolved: rapidio: replace riofreenet with kfree in rioscanallocnet When idtab allocation fails, net is not registered with rioaddnet yet, so kfreenet is sufficient to release the memory. Set mport-net to NULL to avoid dangling pointer...
PT-2026-39049
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the damos walk function where ctx-walk control is set to a caller-provided control structure before verifying if the context is running. If the context is inactive, the...
PT-2026-39448
Name of the Vulnerable Software and Affected Versions PHP versions 8.2.0 through 8.2.30 PHP versions 8.3.0 through 8.3.30 PHP versions 8.4.0 through 8.4.20 PHP versions 8.5.0 through 8.5.5 Description When SoapServer is configured with SOAP PERSISTENCE SESSION, the handler object is persisted...
CVE-2026-43063
A flaw was found in the Linux kernel's XFS filesystem. When recovering attributes, if the xlogrecoveryiget function fails to obtain a valid pointer, a subsequent irele operation attempts to release an invalid memory address. This dangling pointer issue can be exploited by a local attacker,...
SUSE CVE-2026-43063
In the Linux kernel, the following vulnerability has been resolved: xfs: don't irele after failing to iget in xfsattrirecoverwork xlogrecoveryiget never set @ip to a valid pointer if they return an error, so this irele will walk off a dangling pointer. Fix that...
Linux Distros Unpatched Vulnerability : CVE-2026-43063
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xfs: don't irele after failing to iget in xfsattrirecoverwork xlogrecoveryiget never set @ip to a valid pointer if they return an error, so this irele will walk...
EUVD-2026-27359
In the Linux kernel, the following vulnerability has been resolved: xfs: don't irele after failing to iget in xfsattrirecoverwork xlogrecoveryiget never set @ip to a valid pointer if they return an error, so this irele will walk off a dangling pointer. Fix that...
CVE-2026-43063
In the Linux kernel, the following vulnerability has been resolved: xfs: don't irele after failing to iget in xfsattrirecoverwork xlogrecoveryiget never set @ip to a valid pointer if they return an error, so this irele will walk off a dangling pointer. Fix that...
CVE-2026-43063
CVE-2026-43063 pertains to the Linux kernel XFS attribute recovery path. The vulnerability arises when xlog_recovery_iget* fails to yield a valid pointer and an ensuing irele operates on a dangling pointer, potentially enabling a local attacker to crash the system and cause a DoS. The Red Hat adv...
CVE-2026-43063 xfs: don't irele after failing to iget in xfs_attri_recover_work
In the Linux kernel, the following vulnerability has been resolved: xfs: don't irele after failing to iget in xfsattrirecoverwork xlogrecoveryiget never set @ip to a valid pointer if they return an error, so this irele will walk off a dangling pointer. Fix that...
CVE-2026-43063
In the Linux kernel, the following vulnerability has been resolved: xfs: don't irele after failing to iget in xfsattrirecoverwork xlogrecoveryiget never set @ip to a valid pointer if they return an error, so this irele will walk off a dangling pointer. Fix that...
CLSA-2026-1777940008 python3: Fix of CVE-2026-6100
CVE-2026-6100: clear dangling nextin pointer on MemoryError in bz2/lzma decompressors to avoid use-after-free on instance reuse...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: net: inet: Do not leave a dangling sk pointer in inetcreate The sockinitdata function attaches the allocated sk object to the provided sock object. If inetcreate fails later, the sk object is freed, but the sock object retains a...