104 matches found
CVE-2022-50774 crypto: qat - fix DMA transfer direction
In the Linux kernel, the following vulnerability has been resolved: crypto: qat - fix DMA transfer direction When CONFIGDMAAPIDEBUG is selected, while running the crypto self test on the QAT crypto algorithms, the function adddmaentry reports a warning similar to the one below, saying that...
PT-2025-53184
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to the blk-cgroup subsystem. Specifically, the issue involves dropping the reference count of a parent block group blkg before the pd free fn...
Linux Distros Unpatched Vulnerability : CVE-2023-54107
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - blk-cgroup: dropping parent refcount after pdfreefn is done Some cgroup policies will access parent pd through child pd even after pdofflinefn is done. If...
PT-2025-52977
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a memory leak in the dmaengine subsystem, specifically within the sf-pdma driver. A change introduced by commit b2cc5c465c2c altered the behavior of the sf pdma...
usb: gadget: f_ecm: Refactor bind path to use __free()
...
UBUNTU-CVE-2025-40092
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: Refactor bind path to use free After an bind/unbind cycle, the ncm-notifyreq is left stale. If a subsequent bind fails, the unified error label attempts to free this stale request, leading to a NULL pointer...
CVE-2025-40094
CVE-2025-40094 affects the Linux kernel’s USB gadget f_acm binding path. After a bind/unbind cycle, acm->notify_req can be left stale, and if a subsequent bind fails, the unified error label may try to free it, causing a NULL pointer dereference when accessing ep->ops->free_request. The ...
JLSEC-2025-14 cairo 1.16.0, in cairo_ft_apply_variations() in cairo-ft-font.c, would free memory using a free func...
cairo 1.16.0, in cairoftapplyvariations in cairo-ft-font.c, would free memory using a free function incompatible with WebKit's fastMalloc, leading to an application crash with a "free: invalid pointer" error...
EUVD-2018-8996
Malware in sbrugna...
EUVD-2022-36084
Malicious code in bioql PyPI...
EUVD-2025-28935
Malicious code in bioql PyPI...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an improper reference counting operation in the idxdfree function, which could lead to reuse after release...
PT-2025-37653
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A memory leak exists in the driver core due to the failure to free the acpi pld info structure before returning from an allocation failure. Specifically, the ACPI FREE function was not...
UBUNTU-CVE-2025-39777
In the Linux kernel, the following vulnerability has been resolved: crypto: acomp - Fix CFI failure due to type punning To avoid a crash when control flow integrity is enabled, make the workspace "stream" free function use a consistent type, and call it through a function pointer that has that sa...
CVE-2025-39777
The CVE-2025-39777 entry concerns the Linux kernel crypto: acomp component, where a control flow integrity (CFI) failure was caused by type punning. The issue could lead to a crash when CFG is enabled. The documented fix uses a consistent type for the workspace free function and ensures it is inv...
CVE-2025-39777 crypto: acomp - Fix CFI failure due to type punning
In the Linux kernel, the following vulnerability has been resolved: crypto: acomp - Fix CFI failure due to type punning To avoid a crash when control flow integrity is enabled, make the workspace "stream" free function use a consistent type, and call it through a function pointer that has that sa...
GNU Bison scan-code.c code_free double free
...
Linux Distros Unpatched Vulnerability : CVE-2025-8734
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability has been found in GNU Bison up to 3.8.2. This impacts the function codefree of the file src/scan-code.c. The manipulation leads to double free. ...
CVE-2025-8734
A flaw was found in bison. The codefree function in src/scan-code.c is susceptible to a double-free condition due to improper memory management, allowing a local attacker to trigger a memory corruption issue. This manipulation occurs when processing specially crafted input, resulting in a potenti...
CVE-2025-8734
Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: Additional analysis indicates that the files referenced in the stack trace do not exist in Bison...