CVE-2025-8734

A vulnerability has been found in GNU Bison up to 3.8.2. This impacts the function codefree of the file src/scan-code.c. The manipulation leads to double free. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The actual existence of this...

CVE-2025-8734

GNU Bison up to 3.8.2 contains a vulnerability in function code_free (src/scan-code.c) that can cause a double free. Exploitation appears to be locally actionable; the exploit has been disclosed, but the actual existence of this issue is disputed as reproductions from a GNU Bison 3.8.2 tarball in...

UBUNTU-CVE-2022-49959

In the Linux kernel, the following vulnerability has been resolved: openvswitch: fix memory leak at failed datapath creation ovsdpcmdnew-ovsdpchange-ovsdpsetupcallportids allocates array via kmalloc. If for some reason newvport fails during ovsdpcmdnew dp-upcallportids must be freed. Add missing...

PT-2025-25875 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A memory leak issue has been identified in the firmware upload functionality of the Linux kernel. Specifically, when firmware is uploaded, an instance of struct fw upload is allocated...

PT-2025-27962 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A use-after-free issue has been identified in the Linux kernel, specifically in the r535 gsp rpc push function. This occurs when the RPC container is released after being passed to r53...

CVE-2023-53069

In the Linux kernel, the following vulnerability has been resolved: octeontx2-vf: Add missing free for allocpercpu Add the freepercpu for the allocated "vf-hw.lmtinfo" in order to avoid memory leak, same as the "pf-hw.lmtinfo" in drivers/net/ethernet/marvell/octeontx2/nic/otx2pf.c...

DEBIAN-CVE-2022-49837

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix memory leaks in checkfunccall kmemleak reports this issue: unreferenced object 0xffff88817139d000 size 2048: comm "testprogs", pid 33246, jiffies 4307381979 age 45851.820s hex dump first 32 bytes: 01 00 00 00 00 00 00 00...

CVE-2020-36789 can: dev: can_get_echo_skb(): prevent call to kfree_skb() in hard IRQ context

In the Linux kernel, the following vulnerability has been resolved: can: dev: cangetechoskb: prevent call to kfreeskb in hard IRQ context If a driver calls cangetechoskb during a hardware IRQ which is often, but not always, the case, the 'WARNONinirq' in net/core/skbuff.cskbreleaseheadstate might...

HDF5 安全漏洞

HDF5 is a library of HDF open source . HDF5 has a buffer overflow vulnerability , the vulnerability stems from the H5Faccumfree function fails to correctly validate the length of the input data size , an attacker can use this vulnerability to cause a denial of service...

DEBIAN-CVE-2025-21842

In the Linux kernel, the following vulnerability has been resolved: amdkfd: properly free gangctxbo when failed to init user queue The destructor of a gtt bo is declared as void amdgpuamdkfdfreegttmemstruct amdgpudevice adev, void memobj; Which takes void as the second parameter. GCC allows passi...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a race condition in the PCM hwparams and hwfree calls...

PT-2025-32389 · Gnu +1 · Gnu Bison +1

Name of the Vulnerable Software and Affected Versions: GNU Bison versions through 3.8.2 Description: A problematic vulnerability has been found in GNU Bison. The issue affects the code free function within the src/scan-code.c file, leading to a double free condition. The attack requires local...

DEBIAN-CVE-2024-56534

In the Linux kernel, the following vulnerability has been resolved: isofs: avoid memory leak in iocharset A memleak was found as below: unreferenced object 0xffff0000d10164d8 size 8: comm "pool-udisksd", pid 108217, jiffies 4295408555 hex dump first 8 bytes: 75 74 66 38 00 cc cc cc utf8...

CVE-2024-56546 drivers: soc: xilinx: add the missing kfree in xlnx_add_cb_for_suspend()

In the Linux kernel, the following vulnerability has been resolved: drivers: soc: xilinx: add the missing kfree in xlnxaddcbforsuspend If we fail to allocate memory for cbdata by kmalloc, the memory allocation for evedata is never freed, add the missing kfree in the error handling path...

kernel: net: atlantic: Fix DMA mapping for PTP hwts ring

In the Linux kernel, the following vulnerability has been resolved: net: atlantic: Fix DMA mapping for PTP hwts ring Function aqringhwtsrxalloc maps extra AQCFGRXDSDEF bytes for PTP HWTS ring but then generic aqringfree does not take this into account. Create and use a specific function to free...

SUSE CVE-2024-47732

In the Linux kernel, the following vulnerability has been resolved: crypto: iaa - Fix potential use after free bug The freedevicecompressionmodeiaadevice, devicemode function frees "devicemode" but it iss passed to iaacompressionmodesi-free a few lines later resulting in a use after free. The goo...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a problematic call to the doslabfree function, which could lead to memory corruption and a system crash...

Stack-based Buffer Overflow

libcurl.so is vulnerable to a Stack-based Buffer Overflow. The vulnerability is due to improper handling of memory in the utf8asn1str function, which invokes free function on a 4-byte local stack buffer when detecting an invalid field. Attackers can exploit this flaw to overwrite nearby stack...

CVE-2022-48724

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix potential memory leak in intelsetupirqremapping After commit e3beca48a45b "irqdomain/treewide: Keep firmware node unconditionally allocated". For tear down scenario, fn is only freed after fail to allocate irdomai...

The vulnerability of Omron Sysmac Studio and CX-One software, which is related to the use of the “Free” function for the pointer not at the beginning of the buffer, allows a hacker to execute arbitrary code.

The vulnerability of Omron Sysmac Studio and CX-One software, which are used for automating and managing manufacturing processes, stems from the use of the “Free” function for the pointer not at the beginning of the buffer. Exploiting this vulnerability allows an attacker to execute arbitrary cod...