2033 matches found
DEBIAN-CVE-2024-26655
In the Linux kernel, the following vulnerability has been resolved: Fix memory leak in posixclockopen If the clk ops.open function returns an error, we don't release the pccontext we allocated for this clock. Re-organize the code slightly to make it all more obvious...
CVE-2024-2379
libcurl skips the certificate verification for a QUIC connection under certain conditions, when built to use wolfSSL. If told to use an unknown/bad cipher or curve, the error path accidentally skips the verification and returns OK, thus ignoring any certificate problems...
CURL-CVE-2024-2379 QUIC certificate check bypass with wolfSSL
libcurl skips the certificate verification for a QUIC connection under certain conditions, when built to use wolfSSL. If told to use an unknown/bad cipher or curve, the error path accidentally skips the verification and returns OK, thus ignoring any certificate problems...
CVE-2024-2379 QUIC certificate check bypass with wolfSSL
libcurl skips the certificate verification for a QUIC connection under certain conditions, when built to use wolfSSL. If told to use an unknown/bad cipher or curve, the error path accidentally skips the verification and returns OK, thus ignoring any certificate problems...
CVE-2024-2379
libcurl skips the certificate verification for a QUIC connection under certain conditions, when built to use wolfSSL. If told to use an unknown/bad cipher or curve, the error path accidentally skips the verification and returns OK, thus ignoring any certificate problems...
SUSE CVE-2021-47147
In the Linux kernel, the following vulnerability has been resolved: ptp: ocp: Fix a resource leak in an error handling path If an error occurs after a successful 'pciioremapbar' call, it must be undone by a corresponding 'pciiounmap' call, as already done in the remove function...
SUSE CVE-2021-47161
In the Linux kernel, the following vulnerability has been resolved: spi: spi-fsl-dspi: Fix a resource leak in an error handling path 'dspirequestdma' should be undone by a 'dspireleasedma' call in the error handling path of the probe function, as already done in the remove function...
PT-2024-3469 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a double free error in the Linux kernel's USB driver, specifically in the ljca module. When auxiliary device add returns an error and calls auxiliary device...
DEBIAN-CVE-2021-47161
In the Linux kernel, the following vulnerability has been resolved: spi: spi-fsl-dspi: Fix a resource leak in an error handling path 'dspirequestdma' should be undone by a 'dspireleasedma' call in the error handling path of the probe function, as already done in the remove function...
Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel (Azure) vulnerabilities (USN-6716-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6716-1 advisory. Wenqing Liu discovered that the f2fs file system implementation in the Linux kernel did not properly validate inode types while performing...
Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel (AWS) vulnerabilities (USN-6681-4)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6681-4 advisory. Wenqing Liu discovered that the f2fs file system implementation in the Linux kernel did not properly validate inode types while performing...
SUSE CVE-2021-47116
In the Linux kernel, the following vulnerability has been resolved: ext4: fix memory leak in ext4mbinitbackend on error path. Fix a memory leak discovered by syzbot when a file system is corrupted with an illegally large sloggroupsperflex...
DEBIAN-CVE-2021-47116
In the Linux kernel, the following vulnerability has been resolved: ext4: fix memory leak in ext4mbinitbackend on error path. Fix a memory leak discovered by syzbot when a file system is corrupted with an illegally large sloggroupsperflex...
SUSE CVE-2023-52492
In the Linux kernel, the following vulnerability has been resolved: dmaengine: fix NULL pointer in channel unregistration function dmaasyncdevicechannelregister can fail. In case of failure, chan-local is freed with freepercpu, and chan-local is nullified. When dmaasyncdeviceunregister is called...
CVE-2023-52491
In the Linux kernel, the following vulnerability has been resolved: media: mtk-jpeg: Fix use after free bug due to error path handling in mtkjpegdecdevicerun In mtkjpegprobe, &jpeg-jobtimeoutwork is bound with mtkjpegjobtimeoutwork. In mtkjpegdecdevicerun, if error happens in mtkjpegsetdecdst, it...
DEBIAN-CVE-2023-52491
In the Linux kernel, the following vulnerability has been resolved: media: mtk-jpeg: Fix use after free bug due to error path handling in mtkjpegdecdevicerun In mtkjpegprobe, &jpeg-jobtimeoutwork is bound with mtkjpegjobtimeoutwork. In mtkjpegdecdevicerun, if error happens in mtkjpegsetdecdst, it...
Spoofing
In the Linux kernel, the following vulnerability has been resolved: media: mtk-jpeg: Fix use after free bug due to error path handling in mtkjpegdecdevicerun In mtkjpegprobe, &jpeg-jobtimeoutwork is bound with mtkjpegjobtimeoutwork. In mtkjpegdecdevicerun, if error happens in mtkjpegsetdecdst, it...
UBUNTU-CVE-2023-52491
In the Linux kernel, the following vulnerability has been resolved: media: mtk-jpeg: Fix use after free bug due to error path handling in mtkjpegdecdevicerun In mtkjpegprobe, &jpeg-jobtimeoutwork is bound with mtkjpegjobtimeoutwork. In mtkjpegdecdevicerun, if error happens in mtkjpegsetdecdst, it...
Null pointer dereference
In the Linux kernel, the following vulnerability has been resolved: dmaengine: fix NULL pointer in channel unregistration function dmaasyncdevicechannelregister can fail. In case of failure, chan-local is freed with freepercpu, and chan-local is nullified. When dmaasyncdeviceunregister is called...
SUSE CVE-2021-47104
In the Linux kernel, the following vulnerability has been resolved: IB/qib: Fix memory leak in qibusersdmaqueuepkts The wrong goto label was used for the error case and missed cleanup of the pkt allocation. Addresses-Coverity-ID: 1493352 "Resource leak"...