365 matches found
kernel: xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create
A flaw was found in the Linux kernel in which a system crash can occur if there are certain errors establishing RPC-over-RDMA connections...
kernel: xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create
A flaw was found in the Linux kernel in which a system crash can occur if there are certain errors establishing RPC-over-RDMA connections...
Mozilla Firefox 安全漏洞
Mozilla Firefox is an open source web browser.Mozilla Thunderbird is a set of e-mail client software separate from the Mozilla Application Suite. A code execution vulnerability exists in Mozilla Firefox and Thunderbird due to a double release issue in secpkcs7decoderstartdecrypt when handling err...
CVE-2024-50186
In the Linux kernel, the following vulnerability has been resolved: net: explicitly clear the sk pointer, when pf-create fails We have recently noticed the exact same KASAN splat as in commit 6cd4a78d962b "net: do not leave a dangling sk pointer, when socket creation fails". The problem is that...
kernel: soc: ti: pm33xx: Fix refcount leak in am33xx_pm_probe
The TI AM33xx power management driver in the Linux kernel fails to release reference counts acquired via wkupm3ipcget when errors occur during probe. Since the corresponding wkupm3ipcput call is missing from error paths, repeated probe failures gradually exhaust kernel resources...
CVE-2024-50186
In the Linux kernel, the following vulnerability has been resolved: net: explicitly clear the sk pointer, when pf-create fails We have recently noticed the exact same KASAN splat as in commit 6cd4a78d962b "net: do not leave a dangling sk pointer, when socket creation fails". The problem is that...
CVE-2024-49938
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9khtc: Use skbsetlength for resetting urb before resubmit Syzbot points out that skbtrim has a sanity check on the existing length of the skb, which can be uninitialised in some error paths. The intent here is clearly ju...
CVE-2024-47687
In the Linux kernel, the following vulnerability has been resolved: vdpa/mlx5: Fix invalid mr resource destroy Certain error paths from mlx5vdpadevadd can end up releasing mr resources which never got initialized in the first place. This patch adds the missing check in mlx5vdpadestroymrresources ...
CVE-2024-47687
The CVE-2024-47687 issue affects the Linux kernel mlx5/vdpa path. It fixes an invalid MR resource destroy where error paths could release uninitialized MR resources. The patch adds a missing check in mlx5_vdpa_destroy_mr_resources() to block destroying non-initialized MR resources, addressing a N...
SUSE CVE-2024-46733
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix qgroup reserve leaks in cowfilerange In the buffered write path, the dirty page owns the qgroup reserve until it creates an orderedextent. Therefore, any errors that occur before the orderedextent is created must free...
DEBIAN-CVE-2024-46733
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix qgroup reserve leaks in cowfilerange In the buffered write path, the dirty page owns the qgroup reserve until it creates an orderedextent. Therefore, any errors that occur before the orderedextent is created must free...
kernel: mmc: sdio: fix possible resource leaks in some error paths
In the Linux kernel, the following vulnerability has been resolved: mmc: sdio: fix possible resource leaks in some error paths If sdioaddfunc or sdioinitfunc fails, sdioremovefunc can not release the resources, because the sdio function is not presented in these two cases, it won't call ofnodeput...
SUSE CVE-2022-48740
In the Linux kernel, the following vulnerability has been resolved: selinux: fix double free of condlist on error paths On error path from condreadlist and duplicatepolicydbcondlist the condlistdestroy gets called a second time in caller functions, resulting in NULL pointer deref. Fix this by...
DEBIAN-CVE-2022-48740
In the Linux kernel, the following vulnerability has been resolved: selinux: fix double free of condlist on error paths On error path from condreadlist and duplicatepolicydbcondlist the condlistdestroy gets called a second time in caller functions, resulting in NULL pointer deref. Fix this by...
UBUNTU-CVE-2022-48740
In the Linux kernel, the following vulnerability has been resolved: selinux: fix double free of condlist on error paths On error path from condreadlist and duplicatepolicydbcondlist the condlistdestroy gets called a second time in caller functions, resulting in NULL pointer deref. Fix this by...
UBUNTU-CVE-2022-48723
In the Linux kernel, the following vulnerability has been resolved: spi: uniphier: fix reference count leak in uniphierspiprobe The issue happens in several error paths in uniphierspiprobe. When either dmagetslavecaps or devmspiregistermaster returns an error code, the function forgets to decreas...
CVE-2022-48740 selinux: fix double free of cond_list on error paths
In the Linux kernel, the following vulnerability has been resolved: selinux: fix double free of condlist on error paths On error path from condreadlist and duplicatepolicydbcondlist the condlistdestroy gets called a second time in caller functions, resulting in NULL pointer deref. Fix this by...
CVE-2022-48740
In the Linux kernel, the following vulnerability has been resolved: selinux: fix double free of condlist on error paths On error path from condreadlist and duplicatepolicydbcondlist the condlistdestroy gets called a second time in caller functions, resulting in NULL pointer deref. Fix this by...
CVE-2022-48740 selinux: fix double free of cond_list on error paths
In the Linux kernel, the following vulnerability has been resolved: selinux: fix double free of condlist on error paths On error path from condreadlist and duplicatepolicydbcondlist the condlistdestroy gets called a second time in caller functions, resulting in NULL pointer deref. Fix this by...
CVE-2022-48728 IB/hfi1: Fix AIP early init panic
In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix AIP early init panic An early failure in hfi1ipoibsetuprn can lead to the following panic: BUG: unable to handle kernel NULL pointer dereference at 00000000000001b0 PGD 0 P4D 0 Oops: 0002 1 SMP NOPTI Workqueue: event...