btrfs: fix double free in create_space_info_sub_group() error path

...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: regmap: A possible double-free condition in regcacherbtreeexit has been fixed. In regcacherbtreeinserttoblock, when realloc fails with the value “present”, the “blk” variable, which is supposed to point to ‘rbnode-block’, will be...

CVE-2026-24680

FreeRDP (pre-3.22.0) is affected by an ASan-use-after-free in sdl_Pointer_New, which frees data on failure and then is freed again by pointer_free/sdl_Pointer_Free. The vulnerability affects the FreeRDP implementation of the Remote Desktop Protocol and is fixed in version 3.22.0. The CVSS metrics...

UBUNTU-CVE-2025-68359

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix double free of qgroup record after failure to add delayed ref head In the previous code it was possible to incur into a double kfree scenario when calling adddelayedrefhead. This could happen if the record was reported...

EulerOS 2.0 SP13 : gnutls (EulerOS-SA-2025-2434)

According to the versions of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject...

CVE-2023-53241 nfsd: call op_release, even when op_func returns an error

In the Linux kernel, the following vulnerability has been resolved: nfsd: call oprelease, even when opfunc returns an error For ops with "trivial" replies, nfsd4encodeoperation will shortcut most of the encoding work and skip to just marshalling up the status. One of the things it skips is callin...

SUSE-SU-2025:20594-1 Security update for libarchive

This update for libarchive fixes the following issues: - CVE-2025-5918: reading past EOF may be triggered for piped file streams bsc1244279 - CVE-2025-5917: off by one error in buildustarentryname at archivewritesetformatpax.c bsc1244336 - CVE-2025-5916: integer overflow while reading warc files ...

SUSE-SU-2025:01801-1 Security update for libsoup

This update for libsoup fixes the following issues: - CVE-2025-4948: Fixed integer underflow in soupmultipartnewfrommessage leading to denial of service bsc1243332 - CVE-2025-4969: Fixed off-by-one out-of-bounds read may lead to infoleak bsc1243423 - CVE-2025-32906: Fixed out of bounds reads in...

DEBIAN-CVE-2023-45666

stbimage is a single file MIT licensed library for processing images. It may look like stbiloadgifmain doesn’t give guarantees about the content of output value delays upon failure. Although it sets delays to zero at the beginning, it doesn’t do it in case the image is not recognized as GIF and a...

CVE-2023-37365

Hnswlib 0.7.0 has a double free in initindex when the M argument is a large integer...

openssl: double free after calling PEM_read_bio_ex

A double-free vulnerability was found in OpenSSL's PEMreadbioex function. The function PEMreadbioex reads a PEM file from a BIO and parses and decodes the "name" for example, "CERTIFICATE", any header data, and the payload data. If the function succeeds, then the "nameout," "header," and "data"...

openssl: double free after calling PEM_read_bio_ex

A double-free vulnerability was found in OpenSSL's PEMreadbioex function. The function PEMreadbioex reads a PEM file from a BIO and parses and decodes the "name" for example, "CERTIFICATE", any header data, and the payload data. If the function succeeds, then the "nameout," "header," and "data"...

SUSE CVE-2011-3626

Double free vulnerability in the prepareexec function in src/exec.c in Logsurfer 1.5b and earlier, and Logsurfer+ 1.7 and earlier, allows remote attackers to execute arbitrary commands via crafted strings in a log file...

CVE-2022-40304

An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked...

DEBIAN-CVE-2022-34495

rpmsgprobe in drivers/rpmsg/virtiorpmsgbus.c in the Linux kernel before 5.18.4 has a double free...

Double free

Adobe Animate version 20.5 and earlier is affected by a double free vulnerability when parsing a crafted .fla file, which could result in arbitrary code execution in the context of the current user. This vulnerability requires user interaction to exploit...

opensc: Double free handling responses from smartcards in libopensc/sc.c:sc_file_set_sec_attr()

A double free when handling responses from a smartcard in scfilesetsecattr in libopensc/sc.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service application crash or possibly have unspecified other impact...