2032 matches found
CVE-2023-53744 soc: ti: pm33xx: Fix refcount leak in am33xx_pm_probe
In the Linux kernel, the following vulnerability has been resolved: soc: ti: pm33xx: Fix refcount leak in am33xxpmprobe wkupm3ipcget takes refcount, which should be freed by wkupm3ipcput. Add missing refcount release in the error paths...
CVE-2022-50620
CVE-2022-50620: Linux kernel/f2fs issue fixed. Root cause: in the error path of f2fs_start_discard_thread(), dcc->f2fs_issue_discard was not invalidated, allowing kthread_stop() to dereference an invalid pointer in the shutdown path (e.g., f2fs_stop_discard_thread, kill_f2fs_super, and related...
CVE-2022-50620 f2fs: fix to invalidate dcc->f2fs_issue_discard in error path
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to invalidate dcc-f2fsissuediscard in error path Syzbot reports a NULL pointer dereference issue as below: refcountadd include/linux/refcount.h:193 inline refcountinc include/linux/refcount.h:250 inline refcountinc...
CVE-2022-50620 f2fs: fix to invalidate dcc->f2fs_issue_discard in error path
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to invalidate dcc-f2fsissuediscard in error path Syzbot reports a NULL pointer dereference issue as below: refcountadd include/linux/refcount.h:193 inline refcountinc include/linux/refcount.h:250 inline refcountinc...
CVE-2022-50620
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to invalidate dcc-f2fsissuediscard in error path Syzbot reports a NULL pointer dereference issue as below: refcountadd include/linux/refcount.h:193 inline refcountinc include/linux/refcount.h:250 inline refcountinc...
CVE-2022-50619 drm/amdkfd: Fix memory leak in kfd_mem_dmamap_userptr()
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix memory leak in kfdmemdmamapuserptr If the number of pages from the userptr BO differs from the SG BO then the allocated memory for the SG table doesn't get freed before returning -EINVAL, which may lead to a memor...
CVE-2022-50618 mmc: meson-gx: fix return value check of mmc_add_host()
In the Linux kernel, the following vulnerability has been resolved: mmc: meson-gx: fix return value check of mmcaddhost mmcaddhost may return error, if we ignore its return value, it will lead two issues: 1. The memory that allocated in mmcallochost is leaked. 2. In the remove path, mmcremovehost...
CVE-2022-50626
In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: fix memory leak in dvbusbadapterinit Syzbot reports a memory leak in "dvbusbadapterinit". The leak is due to not accounting for and freeing current iteration's adapter-priv in case of an error. Currently if an err...
PT-2025-49461
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to invalidate dcc-f2fs issue discard in error path Syzbot reports a NULL pointer dereference issue as below: refcount add include/linux/refcount.h:193 inline refcount inc include/linux/refcount.h:250 inline refcount inc...
PT-2025-49494
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.1.0-rc2+ 3 Description The Linux kernel contains a flaw within the ath12k driver related to lock handling during peer ID retrieval. Specifically, the ath12k peer find by id function requires a lock, but this lo...
drm/msm: Fix pgtable prealloc error path
...
UBUNTU-CVE-2025-40260
In the Linux kernel, the following vulnerability has been resolved: schedext: Fix scxenable crash on helper kthread creation failure A crash was observed when the schedext selftests runner was terminated with Ctrl+\ while test 15 was running: NIP c00000000028fa58 scxenable.constprop.0+0x358/0x12b...
CVE-2025-40247 drm/msm: Fix pgtable prealloc error path
In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix pgtable prealloc error path The following splat was reported: Unable to handle kernel NULL pointer dereference at virtual address 0000000000000010 Mem abort info: ESR = 0x0000000096000004 EC = 0x25: DABT current EL, ...
CVE-2025-40247 drm/msm: Fix pgtable prealloc error path
In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix pgtable prealloc error path The following splat was reported: Unable to handle kernel NULL pointer dereference at virtual address 0000000000000010 Mem abort info: ESR = 0x0000000096000004 EC = 0x25: DABT current EL, ...
CVE-2025-40247
CVE-2025-40247 affects the Linux kernel drm/msm path. The issue arises in msm_vma_job_free via an ioctl path cleanup when prealloc_cleanup() runs without a preceding successful prealloc_allocate(), leading to a NULL-pointer/translation fault in the pgtable preallocation flow. Public details descr...
kernel: ALSA: bcd2000: Fix a UAF bug on the error path of probing
In the Linux kernel, the following vulnerability has been resolved: ALSA: bcd2000: Fix a UAF bug on the error path of probing When the driver fails in sndcardregister at probe time, it will free the 'bcd2k-midiouturb' before killing it, which may cause a UAF bug. The following log can reveal it:...
EUVD-2025-198438
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix memory leak of qgrouplist in btrfsaddqgrouprelation When btrfsaddqgrouprelation is called with invalid qgroup levels src = dst, the function returns -EINVAL directly without freeing the preallocated qgrouplist structur...
CVE-2025-40209
CVE-2025-40209 affects the Linux kernel. The btrfs path btrfs_add_qgroup_relation() leaks memory when called with invalid qgroup levels (src >= dst) due to an early return before freeing the preallocated qgroup_list. The leak occurs because cleanup is bypassed on that error path; the caller’s ...
PT-2026-2514
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's SCSI target functionality. Specifically, if memory allocation for cmd-t task cdb fails, the pointer remains NULL and is subsequently dereferenced,...
SUSE CVE-2025-40137
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to truncate first page in error path of f2fstruncate syzbot reports a bug as below: loop0: detected capacity change from 0 to 40427 F2FS-fs loop0: Wrong SSA boundary, start3584 end4096 blocks3072 F2FS-fs loop0: Can't fi...