DEBIAN-CVE-2024-27077

In the Linux kernel, the following vulnerability has been resolved: media: v4l2-mem2mem: fix a memleak in v4l2m2mregisterentity The entity-name i.e. name is allocated in v4l2m2mregisterentity but isn't freed in its following error-handling paths. This patch adds such deallocation to prevent memle...

CVE-2024-27074

In the Linux kernel, the following vulnerability has been resolved: media: go7007: fix a memleak in go7007loadencoder In go7007loadencoder, bouncei.e. go-bootfw, is allocated without a deallocation thereafter. After the following call chain: saa7134go7007init |- go7007bootencoder |-...

UBUNTU-CVE-2024-27073

In the Linux kernel, the following vulnerability has been resolved: media: ttpci: fix two memleaks in budgetavattach When saa7146registerdevice and saa7146vvinit fails, budgetavattach should free the resources it allocates, like the error-handling of ttpcibudgetinit does. Besides, there are two...

UBUNTU-CVE-2024-27074

In the Linux kernel, the following vulnerability has been resolved: media: go7007: fix a memleak in go7007loadencoder In go7007loadencoder, bouncei.e. go-bootfw, is allocated without a deallocation thereafter. After the following call chain: saa7134go7007init |- go7007bootencoder |-...

CVE-2024-27077

In the Linux kernel, the following vulnerability has been resolved: media: v4l2-mem2mem: fix a memleak in v4l2m2mregisterentity The entity-name i.e. name is allocated in v4l2m2mregisterentity but isn't freed in its following error-handling paths. This patch adds such deallocation to prevent memle...

CVE-2024-27074

The CVE-2024-27074 entry concerns a Linux kernel memory leak in the media go7007 path. Specifically, in go7007_load_encoder the bounce object (go->boot_fw) is allocated but not deallocated, and is freed later via kfree(go) after the call chain saa7134_go7007_init -> go7007_boot_encoder -&gt...

CVE-2024-27074 media: go7007: fix a memleak in go7007_load_encoder

In the Linux kernel, the following vulnerability has been resolved: media: go7007: fix a memleak in go7007loadencoder In go7007loadencoder, bouncei.e. go-bootfw, is allocated without a deallocation thereafter. After the following call chain: saa7134go7007init |- go7007bootencoder |-...

DEBIAN-CVE-2024-26939

In the Linux kernel, the following vulnerability has been resolved: drm/i915/vma: Fix UAF on destroy against retire race Object debugging tools were sporadically reporting illegal attempts to free a still active i915 VMA object when parking a GT believed to be idle. 161.359441 ODEBUG: free active...

kernel: RDMA/efa: Fix wrong resources deallocation order

In the Linux kernel, the following vulnerability has been resolved: RDMA/efa: Fix wrong resources deallocation order When trying to destroy QP or CQ, we first decrease the refcount and potentially free memory regions allocated for the object and then request the device to destroy the object. If t...

SUSE CVE-2024-26912

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix several DMA buffer leaks Nouveau manages GSP-RM DMA buffers with nvkmgspmem objects. Several of these buffers are never dealloced. Some of them can be deallocated right after GSP-RM is initialized, but the rest...

DEBIAN-CVE-2024-26912

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix several DMA buffer leaks Nouveau manages GSP-RM DMA buffers with nvkmgspmem objects. Several of these buffers are never dealloced. Some of them can be deallocated right after GSP-RM is initialized, but the rest...

CVE-2024-26912 drm/nouveau: fix several DMA buffer leaks

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix several DMA buffer leaks Nouveau manages GSP-RM DMA buffers with nvkmgspmem objects. Several of these buffers are never dealloced. Some of them can be deallocated right after GSP-RM is initialized, but the rest...

DEBIAN-CVE-2024-26825

In the Linux kernel, the following vulnerability has been resolved: nfc: nci: free rxdatareassembly skb on NCI device cleanup rxdatareassembly skb is stored during NCI data exchange for processing fragmented packets. It is dropped only when the last fragment is processed or when an NTF packet wit...

DEBIAN-CVE-2024-26839

In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix a memleak in initcreditreturn When dmaalloccoherent fails to allocate dd-crbasei.va, initcreditreturn should deallocate dd-crbase and dd-crbasei that allocated before. Or those resources would be never freed and a...

CVE-2024-26832

In the Linux kernel, the following vulnerability has been resolved: mm: zswap: fix missing folio cleanup in writeback race path In zswapwritebackentry, after we get a folio from readswapcacheasync, we grab the tree lock again to check that the swap entry was not invalidated and recycled. If it wa...

CVE-2024-26825 nfc: nci: free rx_data_reassembly skb on NCI device cleanup

In the Linux kernel, the following vulnerability has been resolved: nfc: nci: free rxdatareassembly skb on NCI device cleanup rxdatareassembly skb is stored during NCI data exchange for processing fragmented packets. It is dropped only when the last fragment is processed or when an NTF packet wit...

Use After Free

GTKWave is vulnerable to multiple use-after-free in the VCD getvartoken realloc functionality. The vulnerability is due to improper handling of memory deallocation, specifically when triggered via the GUI's legacy VCD parsing code, which can be exploited by opening a specially crafted .vcd file,...

CVE-2024-24862

Removed by vendor...

Memory Corruption

thunderbird is vulnerable to Memory Corruption.The vulnerability is due to improper handling of memory allocation or deallocation, It allows for potential memory corruption within the Firefox and Thunderbird applications, which could lead to the execution of arbitrary code by attackers...

EulerOS Virtualization 2.11.1 : httpd (EulerOS-SA-2024-1400)

According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Out-of-bounds Read vulnerability in modmacro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57...