95 matches found
CVE-2026-43445
In the Linux kernel, the following vulnerability has been resolved: e1000/e1000e: Fix leak in DMA error cleanup If an error is encountered while mapping TX buffers, the driver should unmap any buffers already mapped for that skb. Because count is incremented after a successful mapping, it will...
UBUNTU-CVE-2026-43445
In the Linux kernel, the following vulnerability has been resolved: e1000/e1000e: Fix leak in DMA error cleanup If an error is encountered while mapping TX buffers, the driver should unmap any buffers already mapped for that skb. Because count is incremented after a successful mapping, it will...
CVE-2026-43445
In the Linux kernel, the following vulnerability has been resolved: e1000/e1000e: Fix leak in DMA error cleanup If an error is encountered while mapping TX buffers, the driver should unmap any buffers already mapped for that skb. Because count is incremented after a successful mapping, it will...
CVE-2026-43445
CVE-2026-43445 is a Linux kernel vulnerability in the e1000/e1000e drivers (and potentially igbvf) where a DMA mapping error cleanup leak could occur. The root cause was an off-by-one condition in the dma_error path: count was decremented before the loop, so if any TX buffer mappings succeeded be...
CVE-2026-43445 e1000/e1000e: Fix leak in DMA error cleanup
In the Linux kernel, the following vulnerability has been resolved: e1000/e1000e: Fix leak in DMA error cleanup If an error is encountered while mapping TX buffers, the driver should unmap any buffers already mapped for that skb. Because count is incremented after a successful mapping, it will...
CVE-2026-43395
In the Linux kernel, the vulnerability CVE-2026-43395 affects the drm/xe/sync subsystem. During xe_sync_entry_parse(), references (syncobj, fence, chain fence, or user fence) can be allocated before a later failure path is reached, leaving partially initialized state and leaking refs. The fix rou...
PT-2026-39106
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the e1000 and e1000e drivers during DMA Direct Memory Access error cleanup. When an error occurs while mapping TX buffers, the driver fails to correctly unmap all...
CVE-2026-43192
In the Linux kernel, the following vulnerability has been resolved: dm mpath: Add missing dmputdevice when failing to get scsi dh name When commit fd81bc5cca8f "scsi: devicehandler: Return error pointer in scsidhattachedhandlername" added code to fail parsing the path if scsidhattachedhandlername...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Destroying vGIC structures during failed vCPU creation If the function kvmarchvcpucreate fails to share the vCPU page with the hypervisor, we propagate the error back to the ioctl, but leave the vGIC vCPU structures...
Azure Linux 3.0 Security Update: kernel (CVE-2025-38225)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38225 advisory. - In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: Cleanup after an...
CVE-2025-68791
A reference count leak flaw was found in the Linux kernel's FUSE filesystem when using iouring for argument copies. The copyfinish function is not called in error paths, causing page reference counts to leak. This can lead to memory being pinned indefinitely and potential resource exhaustion...
CVE-2025-68791
In the Linux kernel, the following vulnerability has been resolved: fuse: missing copyfinish in fuse-over-io-uring argument copies Fix a possible reference count leak of payload pages during fuse argument copies. Joanne: simplified error cleanup...
UBUNTU-CVE-2025-68791
In the Linux kernel, the following vulnerability has been resolved: fuse: missing copyfinish in fuse-over-io-uring argument copies Fix a possible reference count leak of payload pages during fuse argument copies. Joanne: simplified error cleanup...
CVE-2025-68791 fuse: missing copy_finish in fuse-over-io-uring argument copies
In the Linux kernel, the following vulnerability has been resolved: fuse: missing copyfinish in fuse-over-io-uring argument copies Fix a possible reference count leak of payload pages during fuse argument copies. Joanne: simplified error cleanup...
CVE-2025-62408 c-ares has a Use After Free vulnerability when connection is cleaned up after error
c-ares is an asynchronous resolver library. Versions 1.32.3 through 1.34.5 terminate a query after maximum attempts when using readanswer and processanswer, which can cause a Denial of Service. This issue is fixed in version 1.34.6...
CVE-2025-62408
CVE-2025-62408 affects the c-ares asynchronous DNS resolver. Versions 1.32.3–1.34.5 terminate a query after maximum attempts when read_answer() or process_answer() are used, causing a Denial of Service. The issue is fixed in version 1.34.6. Remediation: upgrade to 1.34.6 (or later).
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989276)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989276 advisory. In the Linux kernel, the following vulnerability has been resolved: watchqueue: Fix NULL dereference in error cleanup In watchqueuesetsize, the error cleanup code...
EUVD-2025-36983
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: frndis: Refactor bind path to use free After an bind/unbind cycle, the rndis-notifyreq is left stale. If a subsequent bind fails, the unified error label attempts to free this stale request, leading to a NULL pointer...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987600)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987600 advisory. In the Linux kernel, the following vulnerability has been resolved: watchqueue: Fix NULL dereference in error cleanup In watchqueuesetsize, the error cleanup code...
PT-2026-2523
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to fuse argument copies when using fuse-over-io-uring. Specifically, a missing copy finish function can lead to a reference count leak of payloa...