19 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: ASoC: qcom: q6apm: moved component registration to unmanaged version The q6apm component registers DAIS dynamically from ASoC toplology. These resources are allocated using device-managed API methods. Assigning both components...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007279)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007279 advisory. In the Linux kernel, the following vulnerability has been resolved: iavf: free qvectors before queues in iavfdisablevf iavffreequeues clears adapter-numactivequeues,...
PT-2026-30124
In the Linux kernel, the following vulnerability has been resolved: iommu/sva: Fix crash in iommu sva unbind device domain-mm-iommu mm can be freed by iommu domain free: iommu domain free mmdrop mmdrop mm pasid drop After iommu domain free returns, accessing domain-mm-iommu mm may dereference a...
PT-2025-51595
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the iwlwifi module, specifically in the iwl mld remove link function. The code frees a memory location referred to as "link" using kfree rcu, and...
Oracle Linux 10 : kernel (ELSA-2025-18318)
The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-18318 advisory. - scsi: lpfc: Fix buffer free/clear order in deferred receive path CKI Backport Bot RHEL-119125 CVE-2025-39841 - efivarfs: Fix slab-out-of-bounds in...
CVE-2025-11517
The Event Tickets and Registration plugin for WordPress is vulnerable to payment bypass in all versions up to, and including, 5.26.5. This is due to the /wp-json/tribe/tickets/v1/commerce/free/order endpoint not verifying that a ticket type should be free allowing the user to bypass the payment...
EUVD-2025-34982
The Event Tickets and Registration plugin for WordPress is vulnerable to payment bypass in all versions up to, and including, 5.26.5. This is due to the /wp-json/tribe/tickets/v1/commerce/free/order endpoint not verifying that a ticket type should be free allowing the user to bypass the payment...
CVE-2025-11517
The Event Tickets and Registration plugin for WordPress is vulnerable to payment bypass in all versions up to, and including, 5.26.5. This is due to the /wp-json/tribe/tickets/v1/commerce/free/order endpoint not verifying that a ticket type should be free allowing the user to bypass the payment...
CVE-2025-11517 Event Tickets and Registration <= 5.26.5 - Unauthenticated Ticket Payment Bypass
The Event Tickets and Registration plugin for WordPress is vulnerable to payment bypass in all versions up to, and including, 5.26.5. This is due to the /wp-json/tribe/tickets/v1/commerce/free/order endpoint not verifying that a ticket type should be free allowing the user to bypass the payment...
CVE-2025-11517
CVE-2025-11517 affects the WordPress plugin “Event Tickets and Registration” (
scsi: lpfc: Fix buffer free/clear order in deferred receive path
...
CVE-2022-50355
In the Linux kernel, the following vulnerability has been resolved: staging: vt6655: fix some erroneous memory clean-up loops In some initialization functions of this driver, memory is allocated with 'i' acting as an index variable and increasing from 0. The commit in "Fixes" introduces some...
CVE-2022-50355
In the Linux kernel, the following vulnerability has been resolved: staging: vt6655: fix some erroneous memory clean-up loops In some initialization functions of this driver, memory is allocated with 'i' acting as an index variable and increasing from 0. The commit in "Fixes" introduces some...
CVE-2023-53263 drm/nouveau/disp: fix use-after-free in error handling of nouveau_connector_create
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/disp: fix use-after-free in error handling of nouveauconnectorcreate We can't simply free the connector after calling drmconnectorinit on it. We need to clean up the drm side first. It might not fix all regressions fr...
kernel: HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove()
In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: Fix use-after-free issue in ishtphidremove The system can experience a random crash a few minutes after the driver is removed. This issue occurs due to improper handling of memory freeing in the ishtphidremove...
kernel: HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove()
In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: Fix use-after-free issue in ishtphidremove The system can experience a random crash a few minutes after the driver is removed. This issue occurs due to improper handling of memory freeing in the ishtphidremove...
PT-2025-49373
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s handling of page faults within secret memory files created using memfd secret2. Concurrent page faults in the same page by multiple tasks can lead to ...
DEBIAN-CVE-2024-43856
In the Linux kernel, the following vulnerability has been resolved: dma: fix call order in dmamfreecoherent dmamfreecoherent frees a DMA allocation, which makes the freed vaddr available for reuse, then calls devresdestroy to remove and free the data structure used to track the DMA allocation...
CVE-2024-26619 riscv: Fix module loading free order
In the Linux kernel, the following vulnerability has been resolved: riscv: Fix module loading free order Reverse order of kfree calls to resolve use-after-free error...