CVE-2020-36788

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: avoid a use-after-free when BO init fails nouveauboinit is backed by ttmboinit and ferries its return code back to the caller. On failures, ttmboinit invokes the provided destructor which should de-initialize and fre...

ic-stable-structures vulnerable to BTreeMap memory leak when deallocating nodes with overflows

Impact When storing unbounded types in a BTreeMap, a node is represented as a linked list of "memory chunks". It was discovered recently that when we deallocate a node, in some cases only the first memory chunk is deallocated, and the rest of the memory chunks remain incorrectly allocated, causin...

GHSA-3RCQ-39XP-7XJP ic-stable-structures vulnerable to BTreeMap memory leak when deallocating nodes with overflows

Impact When storing unbounded types in a BTreeMap, a node is represented as a linked list of "memory chunks". It was discovered recently that when we deallocate a node, in some cases only the first memory chunk is deallocated, and the rest of the memory chunks remain incorrectly allocated, causin...

CVE-2024-4435

When storing unbounded types in a BTreeMap, a node is represented as a linked list of "memory chunks". It was discovered recently that when we deallocate a node, in some cases only the first memory chunk is deallocated, and the rest of the memory chunks remain incorrectly allocated, causing a...

CVE-2024-4435 BTreeMap memory leak when deallocating nodes with overflows

When storing unbounded types in a BTreeMap, a node is represented as a linked list of "memory chunks". It was discovered recently that when we deallocate a node, in some cases only the first memory chunk is deallocated, and the rest of the memory chunks remain incorrectly allocated, causing a...

CVE-2024-4435

CVE-2024-4435 concerns a memory leak in stable-structures’ BTreeMap when deallocating nodes that overflow, where only the first memory chunk is freed and subsequent chunks remain allocated. This can enable memory growth or exhaustion depending on how a canister uses the map. The issue has been fi...

SUSE CVE-2024-35832

In the Linux kernel, the following vulnerability has been resolved: bcachefs: kvfree bchfs::snapshots in bch2fssnapshotsexit bchfs::snapshots is allocated by kvzalloc in snapshottmut. It should be freed by kvfree not kfree. Or umount will triger: 406.829178 BUG: unable to handle page fault for...

SUSE CVE-2024-35860

In the Linux kernel, the following vulnerability has been resolved: bpf: support deferring bpflink dealloc to after RCU grace period BPF link for some program types is passed as a "context" which can be used by those BPF programs to look up additional information. E.g., for multi-kprobes and...

DEBIAN-CVE-2024-35860

In the Linux kernel, the following vulnerability has been resolved: bpf: support deferring bpflink dealloc to after RCU grace period BPF link for some program types is passed as a "context" which can be used by those BPF programs to look up additional information. E.g., for multi-kprobes and...

UBUNTU-CVE-2024-35860

In the Linux kernel, the following vulnerability has been resolved: bpf: support deferring bpflink dealloc to after RCU grace period BPF link for some program types is passed as a "context" which can be used by those BPF programs to look up additional information. E.g., for multi-kprobes and...

DEBIAN-CVE-2024-35829

In the Linux kernel, the following vulnerability has been resolved: drm/lima: fix a memleak in limaheapalloc When limavmmapbo fails, the resources need to be deallocated, or there will be memleaks...

CVE-2024-35832

In the Linux kernel, the following vulnerability has been resolved: bcachefs: kvfree bchfs::snapshots in bch2fssnapshotsexit bchfs::snapshots is allocated by kvzalloc in snapshottmut. It should be freed by kvfree not kfree. Or umount will triger: 406.829178 BUG: unable to handle page fault for...

CVE-2024-35832

CVE-2024-35832 : In the Linux kernel, a memory-management bug in bcachefs caused a local denial of service when unmounting, due to incorrect freeing of snapshots. Specifically, bch_fs::snapshots is allocated with kvzalloc but freed with kvfree, whereas it should be freed with kvfree to avoid a pa...

RUSTSEC-2024-0406 BTreeMap memory leak when deallocating nodes with overflows

When storing unbounded types in a BTreeMap, a node is represented as a linked list of "memory chunks". In some cases, when we deallocate a node only the first memory chunk is deallocated, and the rest of the memory chunks remain incorrectly allocated, causing a memory leak. In the worst case,...

CVE-2024-27411 drm/nouveau: keep DMA buffers required for suspend/resume

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: keep DMA buffers required for suspend/resume Nouveau deallocates a few buffers post GPU init which are required for GPU suspend/resume to function correctly. This is likely not as big an issue on systems where the...

SUSE CVE-2024-27077

In the Linux kernel, the following vulnerability has been resolved: media: v4l2-mem2mem: fix a memleak in v4l2m2mregisterentity The entity-name i.e. name is allocated in v4l2m2mregisterentity but isn't freed in its following error-handling paths. This patch adds such deallocation to prevent memle...

SUSE CVE-2024-27078

In the Linux kernel, the following vulnerability has been resolved: media: v4l2-tpg: fix some memleaks in tpgalloc In tpgalloc, resources should be deallocated in each and every error-handling paths, since they are allocated in for statements. Otherwise there would be memleaks because tpgfree is...

SUSE CVE-2024-27388

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix some memleaks in gssxdecoptionarray The creds and oa-data need to be freed in the error-handling paths after their allocation. So this patch add these deallocations in the corresponding paths...

DEBIAN-CVE-2024-27078

In the Linux kernel, the following vulnerability has been resolved: media: v4l2-tpg: fix some memleaks in tpgalloc In tpgalloc, resources should be deallocated in each and every error-handling paths, since they are allocated in for statements. Otherwise there would be memleaks because tpgfree is...

DEBIAN-CVE-2024-27077

In the Linux kernel, the following vulnerability has been resolved: media: v4l2-mem2mem: fix a memleak in v4l2m2mregisterentity The entity-name i.e. name is allocated in v4l2m2mregisterentity but isn't freed in its following error-handling paths. This patch adds such deallocation to prevent memle...