EUVD-2023-60381

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix lost destroy smbd connection when MR allocate failed If the MR allocate failed, the smb direct connection info is NULL, then smbddestroy will directly return, then the connection info will be leaked. Let's set the smb...

CVE-2022-50843

In the Linux kernel, the following vulnerability has been resolved: dm clone: Fix UAF in clonedtr Dmclone also has the same UAF problem when dmresume and dmdestroy are concurrent. Therefore, cancelling timer again in clonedtr...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a wrong-path failure to perform a destroy operation, which could lead to a memory leak...

PT-2025-53133

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains use-after-free flaws within the fbdev and smscufx components. These flaws can occur when a USB device is physically removed. The fix introduces the ufx ops...

CVE-2023-53799 crypto: api - Use work queue in crypto_destroy_instance

In the Linux kernel, the following vulnerability has been resolved: crypto: api - Use work queue in cryptodestroyinstance The function cryptodropspawn expects to be called in process context. However, when an instance is unregistered while it still has active users, the last user may cause the...

CVE-2023-53795 iommufd: IOMMUFD_DESTROY should not increase the refcount

In the Linux kernel, the following vulnerability has been resolved: iommufd: IOMMUFDDESTROY should not increase the refcount syzkaller found a race where IOMMUFDDESTROY increments the refcount: obj = iommufdgetobjectucmd-ictx, cmd-id, IOMMUFDOBJANY; if ISERRobj return PTRERRobj;...

EUVD-2022-55658

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: fix memory corruption in ioctl If "smem.bytes" is larger than the buffer size it leads to memory corruption...

PT-2025-40730

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free UAF issue was identified and resolved in the dm cache functionality of the Linux kernel. This problem occurs when dm resume and dm destroy are executed concurrently. The...

EUVD-2022-55249

Malicious code in bioql PyPI...

nvme: tcp: avoid race between queue_lock lock and destroy

...

GO-2023-1900 Hashicorp Vault Fails to Verify if Approle SecretID Belongs to Role During a Destroy Operation in github.com/hashicorp/vault

Hashicorp Vault Fails to Verify if Approle SecretID Belongs to Role During a Destroy Operation in github.com/hashicorp/vault...

kernel: PCI/DOE: Fix destroy_work_on_stack() race

A race condition flaw was found in the Linux kernel's PCI Data Object Exchange DOE implementation. The destroyworkonstack function is called after signaling completion, creating a race where the work struct can go out of scope before being destroyed. This triggers debug object warnings when...

UBUNTU-CVE-2021-47212

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Update error handler for UCTX and UMEM In the fast unload flow, the device state is set to internal error, which indicates that the driver started the destroy process. In this case, when a destroy command is being...

CVE-2023-24999 Vault Fails to Verify if the AppRole SecretID Belongs to Role During a Destroy Operation

HashiCorp Vault and Vault Enterprise’s approle auth method allowed any authenticated user with access to an approle destroy endpoint to destroy the secret ID of any other role by providing the secret ID accessor. This vulnerability is fixed in Vault 1.13.0, 1.12.4, 1.11.8, 1.10.11 and above...

CVE-2023-24999 Vault Fails to Verify if the AppRole SecretID Belongs to Role During a Destroy Operation

HashiCorp Vault and Vault Enterprise’s approle auth method allowed any authenticated user with access to an approle destroy endpoint to destroy the secret ID of any other role by providing the secret ID accessor. This vulnerability is fixed in Vault 1.13.0, 1.12.4, 1.11.8, 1.10.11 and above...

DEBIAN-CVE-2017-18203

The dmgetfromkobject function in drivers/md/dm.c in the Linux kernel before 4.14.3 allow local users to cause a denial of service BUG by leveraging a race condition with dmdestroy during creation and removal of DM devices...