12 matches found
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003899)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003899 advisory. In the Linux kernel before 5.1, there is a memory leak in featregistersp in net/dccp/feat.c, which may cause denial of service, aka CID-1d3ff0950e2b. Tenable has...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-391380)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-391380 advisory. In the Linux kernel, the following vulnerability has been resolved: dccp: Fix memory leak in dccpfeatchangerecv If dccpfeatpushconfirm fails after new value for SP...
CVE-2024-56643
In the Linux kernel, the following vulnerability has been resolved: dccp: Fix memory leak in dccpfeatchangerecv If dccpfeatpushconfirm fails after new value for SP feature was accepted without reconciliation 'entry == NULL' branch, memory allocated for that value with dccpfeatclonespval is never...
AZL-54917 CVE-2024-56643 affecting package kernel for versions less than 6.6.76.1-1
In the Linux kernel, the following vulnerability has been resolved: dccp: Fix memory leak in dccpfeatchangerecv If dccpfeatpushconfirm fails after new value for SP feature was accepted without reconciliation 'entry == NULL' branch, memory allocated for that value with dccpfeatclonespval is never...
CVE-2024-56643
In the Linux kernel, the following vulnerability has been resolved: dccp: Fix memory leak in dccpfeatchangerecv If dccpfeatpushconfirm fails after new value for SP feature was accepted without reconciliation 'entry == NULL' branch, memory allocated for that value with dccpfeatclonespval is never...
AZL-54744 CVE-2024-56643 affecting package kernel for versions less than 5.15.176.3-1
In the Linux kernel, the following vulnerability has been resolved: dccp: Fix memory leak in dccpfeatchangerecv If dccpfeatpushconfirm fails after new value for SP feature was accepted without reconciliation 'entry == NULL' branch, memory allocated for that value with dccpfeatclonespval is never...
CVE-2024-56643 dccp: Fix memory leak in dccp_feat_change_recv
In the Linux kernel, the following vulnerability has been resolved: dccp: Fix memory leak in dccpfeatchangerecv If dccpfeatpushconfirm fails after new value for SP feature was accepted without reconciliation 'entry == NULL' branch, memory allocated for that value with dccpfeatclonespval is never...
SUSE CVE-2008-2358
Integer overflow in the dccpfeatchange function in net/dccp/feat.c in the Datagram Congestion Control Protocol DCCP subsystem in the Linux kernel 2.6.18, and 2.6.17 through 2.6.20, allows local users to gain privileges via an invalid feature length, which leads to a heap-based buffer overflow...
Medium: kernel-livepatch-4.14.165-131.185
Issue Overview: In the Linux kernel before 5.1, there is a memory leak in featregistersp in net/dccp/feat.c, which may cause denial of service, aka CID-1d3ff0950e2b.CVE-2019-20096 Affected Packages: kernel-livepatch-4.14.165-131.185 Issue Correction: Please ensure you have live patching enabled...
Important: kernel-livepatch-4.14.165-133.209
Issue Overview: An issue was discovered in the Linux kernel before 5.0.10. SMB2negotiate in fs/cifs/smb2pdu.c has an out-of-bounds read because data structures are incompletely updated after a change from smb30 to smb21.CVE-2019-15918 In the Linux kernel before 5.1, there is a memory leak in...
Linux kernel '__feat_register_sp()' function memory leak vulnerability
Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A memory leak vulnerability exists in the 'featregistersp' function in the net/dccp/feat.c file in versions of Linux kernel prior to 5.1. An attacker could exploit thi...
kernel: dccp: sanity check feature length
Integer overflow in the dccpfeatchange function in net/dccp/feat.c in the Datagram Congestion Control Protocol DCCP subsystem in the Linux kernel 2.6.18, and 2.6.17 through 2.6.20, allows local users to gain privileges via an invalid feature length, which leads to a heap-based buffer overflow...