10 matches found
CVE-2022-50514
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fhid: fix refcount leak on error path When failing to allocate reportdesc, opts-refcnt has already been incremented so it needs to be decremented to avoid leaving the options structure permanently locked...
CVE-2022-50514
CVE-2022-50514 concerns the Linux kernel’s usb gadget f_hid path. The vulnerability arises from a refcount leak on the error path when report_desc allocation fails: opts->refcnt has already been incremented and must be decremented to avoid leaving the options structure permanently locked. The ...
EUVD-2024-53399
Malicious code in bioql PyPI...
CVE-2024-41096 PCI/MSI: Fix UAF in msi_capability_init
In the Linux kernel, the following vulnerability has been resolved: PCI/MSI: Fix UAF in msicapabilityinit KFENCE reports the following UAF: BUG: KFENCE: use-after-free read in pcienablemsirange+0x2c0/0x488 Use-after-free read at 0x0000000024629571 in kfence-12: pcienablemsirange+0x2c0/0x488...
CVE-2024-41096 PCI/MSI: Fix UAF in msi_capability_init
In the Linux kernel, the following vulnerability has been resolved: PCI/MSI: Fix UAF in msicapabilityinit KFENCE reports the following UAF: BUG: KFENCE: use-after-free read in pcienablemsirange+0x2c0/0x488 Use-after-free read at 0x0000000024629571 in kfence-12: pcienablemsirange+0x2c0/0x488...
PT-2025-41019
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A reference count leak exists in the USB gadget f hid functionality. Specifically, when allocation of report desc fails, the reference count opts-refcnt is not decremented, leading to th...
GLSA-201903-09 : GNU C Library: Arbitrary descriptor allocation
The remote host is affected by the vulnerability described in GLSA-201903-09 GNU C Library: Arbitrary descriptor allocation A vulnerability was discovered in the GNU C Library functions xdrbytes and xdrstring. Impact : A remote attacker, by sending a crafted UDP packet, could cause a Denial of...
CVE-2015-6252
The vhostdevioctl function in drivers/vhost/vhost.c in the Linux kernel before 4.1.5 allows local users to cause a denial of service memory consumption via a VHOSTSETLOGFD ioctl call that triggers permanent file-descriptor allocation...
CVE-2015-6252
The vhostdevioctl function in drivers/vhost/vhost.c in the Linux kernel before 4.1.5 allows local users to cause a denial of service memory consumption via a VHOSTSETLOGFD ioctl call that triggers permanent file-descriptor allocation...
CVE-2015-6252
The vhostdevioctl function in drivers/vhost/vhost.c in the Linux kernel before 4.1.5 allows local users to cause a denial of service memory consumption via a VHOSTSETLOGFD ioctl call that triggers permanent file-descriptor allocation...