CVE-2023-52684

In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: qseecom: fix memory leaks in error paths Fix instances of returning error codes directly instead of jumping to the relevant labels where memory allocated for the SCM calls would be freed...

CVE-2023-52684

CVE-2023-52684 affects the Linux kernel’s Qualcomm QSEE communication driver (qseecom). The issue involves memory leaks in error paths where memory allocated for SCM calls could fail to be freed. The root cause was returning error codes directly instead of jumping to the cleanup labels that relea...

DEBIAN-CVE-2024-27418

In the Linux kernel, the following vulnerability has been resolved: net: mctp: take ownership of skb in mctplocaloutput Currently, mctplocaloutput only takes ownership of skb on success, and we may leak an skb if mctplocaloutput fails in specific states; the skb ownership isn't transferred until...

PT-2024-14692 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to memory leaks in error paths in the Linux kernel, specifically in the qseecom firmware component. The problem occurs when error codes are returned directly inste...

PT-2024-21882

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to the mctp local output function in the Linux kernel, which only takes ownership of the skb on success. If mctp local output fails in specific states, it may leak a...

CVE-2024-26935

In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix unremoved procfs host directory regression Commit fc663711b944 "scsi: core: Remove the /proc/scsi/$procname directory earlier" fixed a bug related to modules loading/unloading, by adding a call to scsiprochostdirr...

DEBIAN-CVE-2024-27078

In the Linux kernel, the following vulnerability has been resolved: media: v4l2-tpg: fix some memleaks in tpgalloc In tpgalloc, resources should be deallocated in each and every error-handling paths, since they are allocated in for statements. Otherwise there would be memleaks because tpgfree is...

UBUNTU-CVE-2024-27388

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix some memleaks in gssxdecoptionarray The creds and oa-data need to be freed in the error-handling paths after their allocation. So this patch add these deallocations in the corresponding paths...

SUSE CVE-2023-52571

In the Linux kernel, the following vulnerability has been resolved: power: supply: rk817: Fix node refcount leak Dan Carpenter reports that the Smatch static checker warning has found that there is another refcount leak in the probe function. While ofnodeput was added in one of the return paths, ...

DEBIAN-CVE-2023-52571

In the Linux kernel, the following vulnerability has been resolved: power: supply: rk817: Fix node refcount leak Dan Carpenter reports that the Smatch static checker warning has found that there is another refcount leak in the probe function. While ofnodeput was added in one of the return paths, ...

DEBIAN-CVE-2021-47052

In the Linux kernel, the following vulnerability has been resolved: crypto: sa2ul - Fix memory leak of rxd There are two error return paths that are not freeing rxd and causing memory leaks. Fix these. Addresses-Coverity: "Resource leak"...

DEBIAN-CVE-2021-47053

In the Linux kernel, the following vulnerability has been resolved: crypto: sun8i-ss - Fix memory leak of pad It appears there are several failure return paths that don't seem to be free'ing pad. Fix these. Addresses-Coverity: "Resource leak"...

CVE-2021-47009

In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: Fix memory leak on object td Two error return paths are neglecting to free allocated object td, causing a memory leak. Fix this by returning via the error return path that securely kfree's td. Fixes clang scan-buil...

Spoofing

In the Linux kernel, the following vulnerability has been resolved: media: venus: core: Fix some resource leaks in the error path of 'venusprobe' If an error occurs after a successful 'oficcget' call, it must be undone. Use 'devmoficcget' instead of 'oficcget' to avoid the leak. Update the remove...

UBUNTU-CVE-2021-47052

In the Linux kernel, the following vulnerability has been resolved: crypto: sa2ul - Fix memory leak of rxd There are two error return paths that are not freeing rxd and causing memory leaks. Fix these. Addresses-Coverity: "Resource leak"...

kernel: drm: amd: display: Fix memory leakage

A memory leak flaw was found in the Linux kernel's AMD display driver in the display context construction logic. A local user can trigger this issue during AMD GPU initialization when the dcconstructctx function fails to release allocated memory in error paths. This results in permanent memory...

kernel: thermal: core: call put_device() only after device_register() fails

In the Linux kernel, the following vulnerability has been resolved: thermal: core: call putdevice only after deviceregister fails putdevice shouldn't be called before a prior call to deviceregister. thermalcoolingdeviceregister doesn't follow that properly and needs fixing. Also...

Vapor's Metrics integration could cause a system drain

This is a DoS attack against anyone who Bootstraps a metrics backend for their Vapor app with the following attack vector: 1. send unlimited requests against a vapor instance with different paths. this will create “unlimited” counters and timers, which will eventually drain the system. 2...

CVE-2021-46755

Failure to unmap certain SysHub mappings in error paths of the ASP AMD Secure Processor bootloader may allow an attacker with a malicious bootloader to exhaust the SysHub resources resulting in a potential denial of service...

Denial of service

Failure to unmap certain SysHub mappings in error paths of the ASP AMD Secure Processor bootloader may allow an attacker with a malicious bootloader to exhaust the SysHub resources resulting in a potential denial of service...