ksmbd: Fix dangling pointer in krb_authenticate

...

CVE-2025-38323

In the Linux kernel, the following vulnerability has been resolved: net: atm: add lecmutex syzbot found its way in net/atm/lec.c, and found an error path in lecdattach could leave a dangling pointer in devlec. Add a mutex to protect devlecp uses from lecdattach, lecvccattach and lecmcastattach...

AZL-64938 CVE-2025-38323 affecting package kernel for versions less than 6.6.96.1-1

In the Linux kernel, the following vulnerability has been resolved: net: atm: add lecmutex syzbot found its way in net/atm/lec.c, and found an error path in lecdattach could leave a dangling pointer in devlec. Add a mutex to protect devlecp uses from lecdattach, lecvccattach and lecmcastattach...

CVE-2025-38323

Summary (CVE-2025-38323): In the Linux kernel, the ATM LECS code path (net/atm/lec.c) had a potential use-after-free due to a path that could leave a dangling pointer in dev_lec[] from lecd_attach(). The patch adds a mutex (lec_mutex) to protect dev_lecp[] uses from lecd_attach(), lec_vcc_attach(...

PT-2025-29045

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A use-after-free issue was identified in the net/atm/lec.c component of the Linux kernel. Specifically, an error path in the lecd attach function could result in a dangling pointer...

Security update for the Linux Kernel (Live Patch 22 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005591 fixes one issue. The following security issue was fixed: CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inetcreate bsc1235231. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like...

SUSE-SU-2025:02113-1 Security update for the Linux Kernel (Live Patch 20 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005583 fixes several issues. The following security issues were fixed: - CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inetcreate bsc1235231. - CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing...

Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-150600105 fixes several issues. The following security issues were fixed: CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inetcreate bsc1235231. CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing bsc1233708...

Security update for the Linux Kernel (Live Patch 59 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122225 fixes several issues. The following security issues were fixed: CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inetcreate bsc1235231. CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing bsc1233708...

Security update for the Linux Kernel RT (Live Patch 6 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506001020 fixes several issues. The following security issues were fixed: CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inetcreate bsc1235231. CVE-2024-56582: btrfs: fix use-after-free in btrfsencodedreadendio bsc1235129. CVE-2024-56605:...

CVE-2022-41196

Due to lack of proper memory management, when a victim opens a manipulated VRML Worlds .wrl, vrml.x3d file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a...

CVE-2022-41177

Due to lack of proper memory management, when a victim opens a manipulated Iges Part and Assembly .igs, .iges, CoreCadTranslator.exe file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload force...

CVE-2020-3671

Use-after-free issue could occur due to dangling pointer when generating a frame buffer in OpenGL ES in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8009, Nicobar, QCM2150, QCS405, Saipan, SDM845, SM8150, SM8250, SXR2130...

SUSE-SU-2025:20369-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_4

This update for kernel-livepatch-MICRO-6-0-RTUpdate4 fixes the following issues: - CVE-2024-53237: Bluetooth: fix use-after-free in deviceforeachchild bsc1235008 - CVE-2024-56650: netfilter: xtables: fix LED ID check in ledtgcheck bsc1235431 - CVE-2024-56600: net: inet6: do not leave a dangling s...

CVE-2025-37924 ksmbd: fix use-after-free in kerberos authentication

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in kerberos authentication Setting sess-user = NULL was introduced to fix the dangling pointer created by ksmbdfreeuser. However, it is possible another thread could be operating on the session and make...

ghostscript: dangling pointer in gdev_prn_open_printer_seekable()

A flaw was found in Ghostscript. A remote attacker may use a specially crafted payload to trigger access to previously freed memory, which can potentially lead to remote code execution or an application crash...

kernel: net: ieee802154: do not leave a dangling sk pointer in ieee802154_create()

A user-after-free vulnerability was found in the linux kernel. sockinitdata attaches the allocated sk object to the provided sock object. If ieee802154create fails later, the allocated sk object is freed, but the dangling pointer remains in the provided sock object, leading to a crash and loss of...

kernel: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create()

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2capsockcreate btsockalloc allocates the sk object and attaches it to the provided sock object. On error l2capsockalloc frees the sk object, but the dangling pointer...

kernel: net: inet6: do not leave a dangling sk pointer in inet6_create()

In the Linux kernel, the following vulnerability has been resolved: net: inet6: do not leave a dangling sk pointer in inet6create sockinitdata attaches the allocated sk pointer to the provided sock object. If inet6create fails later, the sk object is released, but the sock object retains the...

kernel: net: explicitly clear the sk pointer, when pf->create fails

In the Linux kernel, the following vulnerability has been resolved: net: explicitly clear the sk pointer, when pf-create fails We have recently noticed the exact same KASAN splat as in commit 6cd4a78d962b "net: do not leave a dangling sk pointer, when socket creation fails". The problem is that...