The vulnerability of the dev_put() function in the net/atm/lec.c module of the Linux kernel allows a hacker to cause a service failure.

The vulnerability of the devput function in the net/atm/lec.c module of the Linux kernel is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to cause a service failure...

SUSE CVE-2022-49787

In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci-pci: Fix possible memory leak caused by missing pcidevput pcigetdevice will increase the reference count for the returned pcidev. We need to use pcidevput to decrease the reference count before amdprobe returns. There ...

UBUNTU-CVE-2022-49390

In the Linux kernel, the following vulnerability has been resolved: macsec: fix UAF bug for realdev Create a new macsec device but not get reference to realdev. That can not ensure that realdev is freed after macsec. That will trigger the UAF bug for realdev as following:...

kernel: ACPI: fix NULL pointer dereference

A vulnerability was found in the Linux kernel’s ACPI subsystem, where the acpidevput function could attempt to operate on a NULL pointer, leads to a system crash due to a NULL pointer dereference, causing instability when managing ACPI devices...

DEBIAN-CVE-2022-48896

In the Linux kernel, the following vulnerability has been resolved: ixgbe: fix pci device refcount leak As the comment of pcigetdomainbusandslot says, it returns a PCI device with refcount incremented, when finish using it, the caller must decrement the reference count by calling pcidevput. In...

UBUNTU-CVE-2022-48807

In the Linux kernel, the following vulnerability has been resolved: ice: Fix KASAN error in LAG NETDEVUNREGISTER handler Currently, the same handler is called for both a NETDEVBONDINGINFO LAG unlink notification as for a NETDEVUNREGISTER call. This is causing a problem though, since the...

DEBIAN-CVE-2021-47555

In the Linux kernel, the following vulnerability has been resolved: net: vlan: fix underflow for the realdev refcnt Inject error before devholdrealdev in registervlandev, and execute the following testcase: ip link add dev dummy1 type dummy ip link add name dummy1.100 link dummy1 type vlan id 100...

SUSE CVE-2021-47289

In the Linux kernel, the following vulnerability has been resolved: ACPI: fix NULL pointer dereference Commit 71f642833284 "ACPI: utils: Fix reference counting in foreachacpidevmatch" started doing "acpidevput" on a pointer that was possibly NULL. That fails miserably, because that helper inline...

UBUNTU-CVE-2021-47289

In the Linux kernel, the following vulnerability has been resolved: ACPI: fix NULL pointer dereference Commit 71f642833284 "ACPI: utils: Fix reference counting in foreachacpidevmatch" started doing "acpidevput" on a pointer that was possibly NULL. That fails miserably, because that helper inline...

PT-2024-11292 · Linux +6 · Linux Kernel +6

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A NULL pointer dereference issue has been resolved in the Linux kernel. The problem occurred when the acpi dev put function was called on a possibly NULL pointer, which was not handled...

AZL-40085 CVE-2024-26898 affecting package kernel for versions less than 6.6.29.1-3

In the Linux kernel, the following vulnerability has been resolved: aoe: fix the potential use-after-free problem in aoecmdcfgpkts This patch is against CVE-2023-6270. The description of cve is: A flaw was found in the ATA over Ethernet AoE driver in the Linux kernel. The aoecmdcfgpkts function...

PT-2022-36538 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.14.300 Description: The issue is related to a possible memory leak caused by a missing pci dev put call. This problem was introduced in version v4.4 and is fixed in version v4.14.300. The actual impact and...