361 matches found
EUVD-2026-18688
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: always free skb on ieee80211txprepareskb failure ieee80211txprepareskb has three error paths, but only two of them free the skb. The first error path ieee80211txprepare returning TXDROP does not free it, while...
SUSE CVE-2026-23339
In the Linux kernel, the following vulnerability has been resolved: nfc: nci: free skb on ncitransceive early error paths ncitransceive takes ownership of the skb passed by the caller, but the -EPROTO, -EINVAL, and -EBUSY error paths return without freeing it. Due to issues clearing NCIDATAEXCHAN...
CVE-2026-23339
In the Linux kernel, the following vulnerability has been resolved: nfc: nci: free skb on ncitransceive early error paths ncitransceive takes ownership of the skb passed by the caller, but the -EPROTO, -EINVAL, and -EBUSY error paths return without freeing it. Due to issues clearing NCIDATAEXCHAN...
UBUNTU-CVE-2026-23339
In the Linux kernel, the following vulnerability has been resolved: nfc: nci: free skb on ncitransceive early error paths ncitransceive takes ownership of the skb passed by the caller, but the -EPROTO, -EINVAL, and -EBUSY error paths return without freeing it. Due to issues clearing NCIDATAEXCHAN...
CVE-2026-23389
CVE-2026-23389 (Linux kernel ice component) : The issue is a memory leak in ice_set_ringparam() where tx_rings and xdp_rings are allocated before rx_rings. If rx_rings allocation fails, the code jumps to a done path that leaks both tx_rings and xdp_rings; if a per-Rx ring setup fails, code may ju...
CVE-2026-23389 ice: Fix memory leak in ice_set_ringparam()
In the Linux kernel, the following vulnerability has been resolved: ice: Fix memory leak in icesetringparam In icesetringparam, txrings and xdprings are allocated before rxrings. If the allocation of rxrings fails, the code jumps to the done label leaking both txrings and xdprings. Furthermore, i...
CVE-2026-23389
In the Linux kernel, the following vulnerability has been resolved: ice: Fix memory leak in icesetringparam In icesetringparam, txrings and xdprings are allocated before rxrings. If the allocation of rxrings fails, the code jumps to the done label leaking both txrings and xdprings. Furthermore, i...
CVE-2026-23339
In the Linux kernel, the following vulnerability has been resolved: nfc: nci: free skb on ncitransceive early error paths ncitransceive takes ownership of the skb passed by the caller, but the -EPROTO, -EINVAL, and -EBUSY error paths return without freeing it. Due to issues clearing NCIDATAEXCHAN...
CVE-2026-23339
In the Linux kernel, the following vulnerability has been resolved: nfc: nci: free skb on ncitransceive early error paths ncitransceive takes ownership of the skb passed by the caller, but the -EPROTO, -EINVAL, and -EBUSY error paths return without freeing it. Due to issues clearing NCIDATAEXCHAN...
CVE-2026-23339
CVE-2026-23339 is resolved in the Linux kernel through fixes around NFC/NCI skb handling (nci_transceive error paths releasing skb) as cited by multiple OSV entries and kernel patches. Connected advisories show Root: Debian/Ubuntu/Mageia patches for rootio-linux, with multiple fixed versions (e.g...
SUSE CVE-2025-71268
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix reservation leak in some error paths when inserting inline extent If we fail to allocate a path or join a transaction, we return from cowfilerangeinline without freeing the reserved qgroup data, resulting in a leak. Fi...
CVE-2025-71268
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix reservation leak in some error paths when inserting inline extent If we fail to allocate a path or join a transaction, we return from cowfilerangeinline without freeing the reserved qgroup data, resulting in a leak. Fi...
UBUNTU-CVE-2025-71268
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix reservation leak in some error paths when inserting inline extent If we fail to allocate a path or join a transaction, we return from cowfilerangeinline without freeing the reserved qgroup data, resulting in a leak. Fi...
CVE-2025-71268 btrfs: fix reservation leak in some error paths when inserting inline extent
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix reservation leak in some error paths when inserting inline extent If we fail to allocate a path or join a transaction, we return from cowfilerangeinline without freeing the reserved qgroup data, resulting in a leak. Fi...
CVE-2025-71268
The CVE-2025-71268 issue is a Linux kernel vulnerability in btrfs where a reservation leak can occur on some error paths when inserting an inline extent. The root cause is that __cow_file_range_inline() may exit without freeing reserved qgroup data if allocation of a path or join of a transaction...
CVE-2026-31888 Shopware has user enumeration via distinct error codes on Store API login endpoint
Shopware is an open commerce platform. Prior to 6.7.8.1 and 6.6.10.15, the Store API login endpoint POST /store-api/account/login returns different error codes depending on whether the submitted email address belongs to a registered customer CHECKOUTCUSTOMERAUTHBADCREDENTIALS or is unknown...
kernel: drm/sched: Fix potential double free in drm_sched_job_add_resv_dependencies
A flaw was found in the kernel subsystem handling of the DRM scheduler. Under certain error conditions, the function drmschedjobadddependency consumes a fence reference and then later erroneously attempts to free it again double free. This may lead to memory corruption and, in some configurations...
CVE-2026-25796
CVE-2026-25796 affects ImageMagick. In ReadSTEGANOImage() (coders/stegano.c), the watermark Image object is not freed on three early-return paths, causing a definite memory leak (~13.5 KB+) per invocation. This can be exploited for denial of service. Patched in versions 7.1.2-15 and 6.9.13-40 . I...
ksmbd: fix infinite loop caused by next_smb2_rcv_hdr_off reset in error paths
...
CVE-2025-12343
A flaw was found in FFmpeg’s TensorFlow backend within the libavfilter/dnnbackendtf.c source file. The issue occurs in the dnnexecutemodeltf function, where a task object is freed multiple times in certain error-handling paths. This redundant memory deallocation can lead to a double-free conditio...