20 matches found
CVE-2026-45246
CVE-2026-45246 describes an insecure file permission vulnerability in the refresh-free configuration rewrite path for versions prior to 0.15.1. When the path rewrites the configuration file, the replacement is created with default process umask permissions instead of preserving the original file ...
CVE-2026-43419
In the Linux kernel, the following vulnerability has been resolved: ceph: fix memory leaks in cephmdscbuildpath Add putname calls to error code paths that did not free the "path" pointer obtained by getname. If ownership of this pointer is not passed to the caller via pathinfo.path, the function...
CVE-2026-43408
In the Linux kernel, the following vulnerability has been resolved: ceph: add a bunch of missing cephpathinfo initializers cephmdscbuildpath must be called with a zero-initialized cephpathinfo parameter, or else the following cephmdscfreepathinfo may crash. Example crash on Linux 6.18.12:...
CVE-2026-43419 ceph: fix memory leaks in ceph_mdsc_build_path()
In the Linux kernel, the following vulnerability has been resolved: ceph: fix memory leaks in cephmdscbuildpath Add putname calls to error code paths that did not free the "path" pointer obtained by getname. If ownership of this pointer is not passed to the caller via pathinfo.path, the function...
CVE-2026-43408
CVE-2026-43408 concerns the Linux kernel Ceph path handling: a missing zero-initialization of ceph_path_info before ceph_mdsc_build_path() calls can lead to crashes when ceph_mdsc_free_path_info() is invoked on error paths. Multiple code paths lacked proper initializers; the recommended fix is to...
CVE-2026-43408
In the Linux kernel, the following vulnerability has been resolved: ceph: add a bunch of missing cephpathinfo initializers cephmdscbuildpath must be called with a zero-initialized cephpathinfo parameter, or else the following cephmdscfreepathinfo may crash. Example crash on Linux 6.18.12:...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix deadlock when freeing cgroup storage The following commit bc235cdb423a "bpf: Prevent deadlock from recursive bpftaskstorageget|delete" first introduced deadlock prevention for fentry/fexit programs attaching on...
SUSE CVE-2026-23014
In the Linux kernel, the following vulnerability has been resolved: perf: Ensure swevent hrtimer is properly destroyed With the change to hrtimertrytocancel in perfsweventcancelhrtimer it appears possible for the hrtimer to still be active by the time the event gets freed. Make sure the event doe...
CVE-2026-23014
In the Linux kernel, the following vulnerability has been resolved: perf: Ensure swevent hrtimer is properly destroyed With the change to hrtimertrytocancel in perfsweventcancelhrtimer it appears possible for the hrtimer to still be active by the time the event gets freed. Make sure the event doe...
CVE-2026-23014 perf: Ensure swevent hrtimer is properly destroyed
In the Linux kernel, the following vulnerability has been resolved: perf: Ensure swevent hrtimer is properly destroyed With the change to hrtimertrytocancel in perfsweventcancelhrtimer it appears possible for the hrtimer to still be active by the time the event gets freed. Make sure the event doe...
EUVD-2026-4926
In the Linux kernel, the following vulnerability has been resolved: perf: Ensure swevent hrtimer is properly destroyed With the change to hrtimertrytocancel in perfsweventcancelhrtimer it appears possible for the hrtimer to still be active by the time the event gets freed. Make sure the event doe...
kernel: bpf: Fix deadlock when freeing cgroup storage
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix deadlock when freeing cgroup storage The following commit bc235cdb423a "bpf: Prevent deadlock from recursive bpftaskstorageget|delete" first introduced deadlock prevention for fentry/fexit programs attaching on...
kernel: bpf: Fix deadlock when freeing cgroup storage
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix deadlock when freeing cgroup storage The following commit bc235cdb423a "bpf: Prevent deadlock from recursive bpftaskstorageget|delete" first introduced deadlock prevention for fentry/fexit programs attaching on...
AZL-74754 CVE-2025-39911 affecting package kernel for versions less than 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: i40e: fix IRQ freeing in i40evsirequestirqmsix error path If requestirq in i40evsirequestirqmsix fails in an iteration later than the first, the error path wants to free the IRQs requested so far. However, it uses the wrong devid...
SUSE CVE-2022-49891
In the Linux kernel, the following vulnerability has been resolved: tracing: kprobe: Fix memory leak in testgenkprobe/kretprobecmd testgenkprobecmd only free buf in fail path, hence buf will leak when there is no failure. Move kfreebuf from fail path to common path to prevent the memleak. The sam...
PT-2025-18608 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A memory leak issue has been resolved in the Linux kernel. The problem occurred in the test gen kprobe/kretprobe cmd function, where the buffer was only freed in the failure path,...
UBUNTU-CVE-2024-56562
In the Linux kernel, the following vulnerability has been resolved: i3c: master: Fix miss free initdynaddr at i3cmasterputi3caddrs if dev-boardinfo && dev-boardinfo-initdynaddr ^^^ here check "initdynaddr" i3cbussetaddrslotstatus&master-bus, dev-info.dynaddr, ... ^^^^ free "dynaddr" Fix copy/past...
kernel: usb: usbip: fix a refcount leak in stub_probe()
In the Linux kernel, the following vulnerability has been resolved: usb: usbip: fix a refcount leak in stubprobe usbgetdev is called in stubdevicealloc. When stubprobe fails after that, usbputdev needs to be called to release the reference. Fix this by moving usbputdev to sdevfree error path...
PT-2024-11329
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak has been resolved in the Linux kernel. The issue occurred in the probe function when the final serial config fails, causing the info variable to leak. A resource handling...
Fedora 29 : 2:qemu (2019-88a98ce795)
CVE-2018-19364: 9pfs: use-after-free bz 1651359 - CVE-2018-19489: 9pfs: use-after-free renaming files bz 1653157 - CVE-2018-16867: usb-mtp: path traversal issue bz 1656746 - CVE-2018-16872: usb-mtp: path traversal issue bz 1659150 - CVE-2018-20191: pvrdma: uarread leads to NULL deref bz 1660315 -...