Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: xen/privcmd: fixed the error exit of privcmdioctldmop. The error exit of privcmdioctldmop calls unlockpages, potentially with pages being NULL, leading to a NULL dereference. Additionally, lockpages does not check whether...

SUSE CVE-2022-50776

In the Linux kernel, the following vulnerability has been resolved: clk: st: Fix memory leak in stofquadfssetup If stclkregisterquadfspll fails, @lock should be freed before goto @errexit, otherwise will cause meory leak issue, fix it...

UBUNTU-CVE-2022-50776

In the Linux kernel, the following vulnerability has been resolved: clk: st: Fix memory leak in stofquadfssetup If stclkregisterquadfspll fails, @lock should be freed before goto @errexit, otherwise will cause meory leak issue, fix it...

CVE-2025-39976

In the Linux kernel, the following vulnerability has been resolved: futex: Use correct exit on failure from futexhashallocatedefault copyprocess uses the wrong error exit path from futexhashallocatedefault. After exiting from futexhashallocatedefault, neither tasklistlock nor siglock has been...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a privcmdioctldmop error exit, which could lead to a null pointer dereference...

CVE-2021-47643 media: ir_toy: free before error exiting

In the Linux kernel, the following vulnerability has been resolved: media: irtoy: free before error exiting Fix leak in error path...

CVE-2024-50002 static_call: Handle module init failure correctly in static_call_del_module()

In the Linux kernel, the following vulnerability has been resolved: staticcall: Handle module init failure correctly in staticcalldelmodule Module insertion invokes staticcalladdmodule to initialize the static calls in a module. staticcalladdmodule invokes staticcallinit, which allocates a struct...

CVE-2021-47369

CVE-2021-47369 — Linux kernel (s390/qeth): The issue is a NULL dereference in qeth_clear_working_pool_list() triggered when qeth_set_online() rolls back after an error in qeth_hardsetup_card(), before card->qdio.in_q has been allocated by qeth_alloc_qdio_queues() via qeth_mpc_initialize(). Thi...

PT-2022-33996 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.140 Description: The issue is related to an error exit in the privcmd ioctl dm op function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions...

GSD-2022-1005024 xen/privcmd: fix error exit of privcmd_ioctl_dm_op()

xen/privcmd: fix error exit of privcmdioctldmop This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.6 by commit...

Flaw in `realloc` allows reading unknown memory

When reallocing, if we allocate new space, we need to copy the old allocation's bytes into the new space. There are oldsize number of bytes in the old allocation, but we were accidentally copying newsize number of bytes, which could lead to copying bytes into the realloc'd space from past the chu...

Linux: Uninitialized state in x86 PV failsafe callback path

ISSUE DESCRIPTION Linux has a failsafe callback, invoked by Xen under certain conditions. Normally in this failsafe callback, errorentry is paired with errorexit; and errorentry uses %ebx to communicate to errorexit whether to use the user or kernel return path. Unfortunately, on 64-bit PV Xen on...

Halliburton LogView Pro Remote Code Execution Vulnerability

Halliburton LogView is a comprehensive file format processing software. A remote code execution vulnerability exists in Halliburton LogView Pro. Due to a dynamic link library AXCGMV.ocx in the software in the call to process the file, the file reading is not controlled for the length of the file,...