151 matches found
CVE-2022-49661 can: gs_usb: gs_usb_open/close(): fix memory leak
In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbopen/close: fix memory leak The gsusb driver appears to suffer from a malady common to many USB CAN adapter drivers in that it performs usballoccoherent to allocate a number of USB request blocks URBs for RX, and...
CVE-2022-49661
In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbopen/close: fix memory leak The gsusb driver appears to suffer from a malady common to many USB CAN adapter drivers in that it performs usballoccoherent to allocate a number of USB request blocks URBs for RX, and...
CVE-2022-49661
Affected component: Linux kernel, gs_usb driver (USB CAN adapter). Issue: memory leak in gs_usb_open/close where RX URBs allocated with usb_alloc_coherent() were not freed by usb_kill_anchored_urbs() and DMA memory leaked. Root cause: improper freeing pattern; the fix explicitly frees RX URBs and...
Unbreakable Enterprise kernel security update
5.4.17-2136.340.4.1 - RDS: avoid queueing delayed work on an offlined cpu Praveen Kumar Kannoju Orabug: 37566743 5.4.17-2136.340.4 - ftrace: use preemptenable/disable notrace macros to avoid double fault Koichiro Den - nfsd: restore callback functionality for NFSv4.0 NeilBrown - i2c: pnx: Fix...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: scsi: qedi: Fixed a possible memory leak in qediallocandinitsb. The hook “qediops-common-sbinit = qedsbinit” does not release the DMA-mapped memory sbvirt when it fails. Added dmafreecoherent to release this memory. This is th...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: r8169: Tally counter fields were added for RTL8125. RTL8125 added fields to the tally counter, which may cause the chip to DMA these new fields to unallocated memory. Therefore, ensure that the allocated memory area is large enou...
CVE-2024-56747
In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix a possible memory leak in qediallocandinitsb Hook "qediops-common-sbinit = qedsbinit" does not release the DMA memory sbvirt when it fails. Add dmafreecoherent to free it. This is the same way as qedrallocmemsb an...
SUSE CVE-2024-56747
In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix a possible memory leak in qediallocandinitsb Hook "qediops-common-sbinit = qedsbinit" does not release the DMA memory sbvirt when it fails. Add dmafreecoherent to free it. This is the same way as qedrallocmemsb an...
CVE-2024-56747
In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix a possible memory leak in qediallocandinitsb Hook "qediops-common-sbinit = qedsbinit" does not release the DMA memory sbvirt when it fails. Add dmafreecoherent to free it. This is the same way as qedrallocmemsb an...
DEBIAN-CVE-2024-56748
In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Fix a possible memory leak in qedfallocandinitsb Hook "qedops-common-sbinit = qedsbinit" does not release the DMA memory sbvirt when it fails. Add dmafreecoherent to free it. This is the same way as qedrallocmemsb and...
AZL-54756 CVE-2024-56748 affecting package kernel for versions less than 5.15.173.1-1
In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Fix a possible memory leak in qedfallocandinitsb Hook "qedops-common-sbinit = qedsbinit" does not release the DMA memory sbvirt when it fails. Add dmafreecoherent to free it. This is the same way as qedrallocmemsb and...
AZL-55118 CVE-2024-56747 affecting package kernel for versions less than 5.15.176.3-1
In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix a possible memory leak in qediallocandinitsb Hook "qediops-common-sbinit = qedsbinit" does not release the DMA memory sbvirt when it fails. Add dmafreecoherent to free it. This is the same way as qedrallocmemsb an...
AZL-55053 CVE-2024-56747 affecting package kernel for versions less than 6.6.64.2-1
In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix a possible memory leak in qediallocandinitsb Hook "qediops-common-sbinit = qedsbinit" does not release the DMA memory sbvirt when it fails. Add dmafreecoherent to free it. This is the same way as qedrallocmemsb an...
CVE-2024-56748 scsi: qedf: Fix a possible memory leak in qedf_alloc_and_init_sb()
In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Fix a possible memory leak in qedfallocandinitsb Hook "qedops-common-sbinit = qedsbinit" does not release the DMA memory sbvirt when it fails. Add dmafreecoherent to free it. This is the same way as qedrallocmemsb and...
CVE-2024-56748
CVE-2024-56748 affects the Linux kernel SCSI qedf driver (QLogic/QED) where memory allocated for sb (scsi block) was leaked on sb_init failure. The root cause was that the dma memory sb_virt allocated for the SB was not freed when qed_ops->common->sb_init failed, leading to a memory leak. T...
CVE-2024-56748 scsi: qedf: Fix a possible memory leak in qedf_alloc_and_init_sb()
In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Fix a possible memory leak in qedfallocandinitsb Hook "qedops-common-sbinit = qedsbinit" does not release the DMA memory sbvirt when it fails. Add dmafreecoherent to free it. This is the same way as qedrallocmemsb and...
CVE-2024-56747 scsi: qedi: Fix a possible memory leak in qedi_alloc_and_init_sb()
In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix a possible memory leak in qediallocandinitsb Hook "qediops-common-sbinit = qedsbinit" does not release the DMA memory sbvirt when it fails. Add dmafreecoherent to free it. This is the same way as qedrallocmemsb an...
CVE-2024-56747
CVE-2024-56747 concerns the Linux kernel scsi/qedi memory leak. The vulnerable path occurs when the sb (shared memory) for qedi_sb_init is allocated but not freed if sb_init fails, leading to a memory leak. The fix adds dma_free_coherent() to release sb_virt, aligning with the handling in qedr_al...
CVE-2024-56719
CVE-2024-56719 affects the Linux kernel net driver stmmac (TSO DMA path). The root cause was unbalanced DMA map/unmap: tx_skbuff_dma[] was populated later in stmmac_tso_xmit(), causing the dma cookie used by dma_unmap_single() to differ from dma_map_single() when priv->dma_cap.addr64 > 32. ...
AZL-60151 CVE-2024-8612 affecting package qemu 6.2.0-26
A flaw was found in QEMU, in the virtio-scsi, virtio-blk, and virtio-crypto devices. The size for virtqueuepush as set in virtioscsicompletereq / virtioblkreqcomplete / viritocryptoreqcomplete could be larger than the true size of the data which has been sent to guest. Once virtqueuepush finally...