282 matches found
net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME
A flaw was found in the net package of Go golang, specifically when using the LookupCNAME function with the cgo DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name CNAME response. This can trigger a double-free of C memory, leading to a crash and a Denial of...
EUVD-2026-40976
In the Linux kernel, the following vulnerability has been resolved: arm64: mm: call pagetable dtor when freeing hot-removed page tables Since 5e8eb9aeeda3 "arm64: mm: always call PTE/PMD ctor in createpgdmapping" page-table allocation on ARM64 always calls pagetablepte,pmd,pud,p4dctor. This sets...
CVE-2026-52955 libceph: Fix potential out-of-bounds access in crush_decode()
In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds access in crushdecode A message of type CEPHMSGOSDMAP containing a crush map with at least one bucket has two fields holding the bucket algorithm. If the values in these two fields differ, an...
CVE-2026-46283 tpm: Use kfree_sensitive() to free auth session in tpm_dev_release()
In the Linux kernel, the following vulnerability has been resolved: tpm: Use kfreesensitive to free auth session in tpmdevrelease tpmdevrelease uses plain kfree to free chip-auth, which contains sensitive cryptographic material including HMAC session keys, nonces, and passphrase data struct...
SUSE CVE-2026-45922
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix memory leak in GETDATADIRECTSYSFSPATH handler The UVERBSHANDLERMLX5IBMETHODGETDATADIRECTSYSFSPATH function allocates memory for the device path using kobjectgetpath. If the length of the device path exceeds the...
SUSE CVE-2026-46067
In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: validate damosquotagoal-nid for nodememcgused,freebp Users can set damosquotagoal-nid with arbitrary value for nodememcgused,freebp. But DAMON core is using those for NODE-DATA without a validation of the value. Th...
CVE-2026-45928
In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix memory leak on codecinfo allocation failure In wave5vpuopenenc and wave5vpuopendec, a vpu instance is allocated via kzalloc. If the subsequent allocation for inst-codecinfo fails, the functions retu...
EUVD-2026-32449
In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: validate damosquotagoal-nid for nodememcgused,freebp Users can set damosquotagoal-nid with arbitrary value for nodememcgused,freebp. But DAMON core is using those for NODE-DATA without a validation of the value. Th...
CVE-2026-46067
CVE-2026-46067 affects the Linux kernel DAMON core. The issue arises because the code path in mm/damon/core validates the node-datas used by NODE-DATA() relies on damos_quota_goal->nid but does not validate its value, allowing an arbitrary nid to be supplied for node_memcg_{used,free}_bp. This...
CVE-2026-45863
Summary: CVE-2026-45863 relates to the Linux kernel i3c dw driver, where dw_i3c_master_i2c_xfers() leaks memory when pm_runtime_resume_and_get() fails. The root cause is allocating the xfer structure via dw_i3c_master_alloc_xfer() without freeing on the error path. Consequence: memory leak potent...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: comedi: A memory leak has been fixed in compatinsnlist. compatinsnlist handles the 32-bit version of the COMEDIINSNLIST ioctl function when CONFIGCOMPAT is enabled. It allocates memory to temporarily hold an array of struct...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fixed the vport QoS cleanup mechanism in case of errors. When enabling vport QoS fails, the scheduling node never gets freed, resulting in a leak. The missing operations were added, and the vport scheduling node pointer...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: zloop: Fixed the KASAN use-after-free of the tagset. When a zloop device is removed, the KASAN-enabled kernel reports a “BUG KASAN use-after-free” in the blkmqfreetagset function. This bug occurs because zloopctlRemove calls...
CLSA-2026-1778798046 binutils: Fix of CVE-2022-48065
CVE-2022-48065: Fix memory leak in function findabstractinstance in dwarf2.c and free allocated memory...
CVE-2026-43462
CVE-2026-43462 affects the Linux kernel spacemit network driver. An error in the function emac_tx_mem_map() could leak DMA mappings on a mapping failure. This resource mismanagement may lead to a denial of service, impacting system availability. The published fix frees the leaked DMA mappings usi...
CVE-2026-43457
In the Linux kernel, the following vulnerability has been resolved: mctp: i2c: fix skb memory leak in receive path When 'midev-allowrx' is false, the newly allocated skb isn't consumed by netifrx, it needs to free the skb directly...
EUVD-2026-28419
When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash...
CVE-2026-33811
When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash...
CVE-2026-33811
When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash...
CVE-2026-33811 Crash when handling long CNAME response in net
When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash...