2026 matches found
CVE-2026-23273
In the Linux kernel, the following vulnerability has been resolved: macvlan: observe an RCU grace period in macvlancommonnewlink error path valis reported that a race condition still happens after my prior patch. macvlancommonnewlink might have made @dev visible before detecting an error, and its...
CVE-2026-23273 macvlan: observe an RCU grace period in macvlan_common_newlink() error path
In the Linux kernel, the following vulnerability has been resolved: macvlan: observe an RCU grace period in macvlancommonnewlink error path valis reported that a race condition still happens after my prior patch. macvlancommonnewlink might have made @dev visible before detecting an error, and its...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the absence of a RCU timeout interval in the error path of the macvlancommonnewlink function. Thi...
CVE-2026-23273
In the Linux kernel, the following vulnerability has been resolved: macvlan: observe an RCU grace period in macvlancommonnewlink error path valis reported that a race condition still happens after my prior patch. macvlancommonnewlink might have made @dev visible before detecting an error, and its...
CVE-2025-71268 btrfs: fix reservation leak in some error paths when inserting inline extent
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix reservation leak in some error paths when inserting inline extent If we fail to allocate a path or join a transaction, we return from cowfilerangeinline without freeing the reserved qgroup data, resulting in a leak. Fi...
GO-2026-4583 malcontent: Error-path cleanup gap can leak scanners and fds and degrade availability in github.com/chainguard-dev/malcontent
malcontent: Error-path cleanup gap can leak scanners and fds and degrade availability in github.com/chainguard-dev/malcontent...
CVE-2024-14027
In the Linux kernel, the following vulnerability has been resolved: fs/xattr: missing fdput in fremovexattr error path In the Linux kernel, the fremovexattr syscall calls fdget to acquire a file reference but returns early without calling fdput when strncpyfromuser fails on the name argument. In...
UBUNTU-CVE-2024-14027
In the Linux kernel, the following vulnerability has been resolved: fs/xattr: missing fdput in fremovexattr error path In the Linux kernel, the fremovexattr syscall calls fdget to acquire a file reference but returns early without calling fdput when strncpyfromuser fails on the name argument. In...
CVE-2024-14027 xattr: switch to CLASS(fd)
In the Linux kernel, the following vulnerability has been resolved: fs/xattr: missing fdput in fremovexattr error path In the Linux kernel, the fremovexattr syscall calls fdget to acquire a file reference but returns early without calling fdput when strncpyfromuser fails on the name argument. In...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the absence of the fdput call in the fremovexattr error path. This vulnerability could potentiall...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005729)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005729 advisory. In the Linux kernel, the following vulnerability has been resolved: cassini: Fix a memory leak in the error handling path of casinitone cassaturnfirmwareinit allocat...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005652)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005652 advisory. In the Linux kernel, the following vulnerability has been resolved: powerpc/52xx: Fix a resource leak in an error handling path The error handling path of...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005479)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005479 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix memory leak why Resource release is needed on the error handling path to...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to improper cleanup in error paths within resource extraction and scanning processes. An attacker can degrade system availability by causing resource leaks and exhausting file...
malcontent: Error-path cleanup gap can leak scanners and fds and degrade availability
Several extraction and scanning code paths registered late defers which could leak resources and exhaust system resources. This report is an aggregate of these individual reports for the affected code: Advisory | Affected File -- | -- GHSA-jjgh-mc5q-gch7 | pkg/action/scan.go GHSA-mwmf-fxh2-w4x7 |...
GHSA-54P8-X2M9-C593 malcontent: Error-path cleanup gap can leak scanners and fds and degrade availability
Several extraction and scanning code paths registered late defers which could leak resources and exhaust system resources. This report is an aggregate of these individual reports for the affected code: Advisory | Affected File -- | -- GHSA-jjgh-mc5q-gch7 | pkg/action/scan.go GHSA-mwmf-fxh2-w4x7 |...
scsi: qla2xxx: Free sp in error path to fix system crash
...
SUSE CVE-2025-71232
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Free sp in error path to fix system crash System crash seen during load/unload test in a loop, 61110.449331 qla2xxx 0000:27:00.0-0042:0: Disabled MSI-X. 61110.467494...
UBUNTU-CVE-2026-23220
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix infinite loop caused by nextsmb2rcvhdroff reset in error paths The problem occurs when a signed request fails smb2 signature verification check. In processrequest, if checksignreq returns an error, setsmb2rspstatuswork...
CVE-2025-71232
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Free sp in error path to fix system crash System crash seen during load/unload test in a loop, 61110.449331 qla2xxx 0000:27:00.0-0042:0: Disabled MSI-X. 61110.467494...