9 matches found
CVE-2026-43489
A flaw was found in the Linux kernel's liveupdate mechanism. When a retrieve operation fails, the system does not properly record the failure status. This allows a local attacker to repeatedly attempt the operation, potentially leading to attempts to access or free already freed data structures...
CVE-2026-43489
In the Linux kernel, the following vulnerability has been resolved: liveupdate: luofile: remember retrieve status LUO keeps track of successful retrieve attempts on a LUO file. It does so to avoid multiple retrievals of the same file. Multiple retrievals cause problems because once the file is...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986523)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986523 advisory. In the Linux kernel, the following vulnerability has been resolved: pci/hotplug/pnvphp: Fix hotplug driver crash on Powernv The hotplug driver for powerpc...
The vulnerability of the memcg_write_event_control() function in the Linux kernel’s memory management subsystem allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the memcgwriteeventcontrol function in the mm/memcontrol.c module of the Linux kernel’s memory management subsystem is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity,...
Google protobuf 安全漏洞
Google protobuf is a data exchange format from Google, Inc. A security vulnerability exists in Google protobuf, which stems from a security issue in the C++ JSON parser that, under certain circumstances, could cause the parser to copy freed data into an error message with malicious JSON input...
OESA-2022-1798 samba security update
Samba is a suite of programs for Linux and Unix to interoperate with Windows. Security Fixes: A flaw was found in Samba. Samba AD users can cause the server to access uninitialized data with an LDAP add or modify the request, usually resulting in a segmentation fault.CVE-2022-32745 A flaw was fou...
ALPINE-CVE-2021-28702
PCI devices with RMRRs not deassigned correctly Certain PCI devices in a system might be assigned Reserved Memory Regions specified via Reserved Memory Region Reporting, "RMRR". These are typically used for platform tasks such as legacy USB emulation. If such a device is passed through to a guest...
kernel: use-after-free in ucma_leave_multicast in drivers/infiniband/core/ucma.c
A flaw was found in the Linux Kernel in the ucmaleavemulticast function in drivers/infiniband/core/ucma.c which allows access to a certain data structure after freeing it in ucmaprocessjoin. This allows an attacker to cause a use-after-free bug and to induce kernel memory corruption, leading to a...
kernel: NULL pointer dereference in ext4/mballoc.c:ext4_process_freed_data() when mounting crafted ext4 image
The Linux kernel is vulnerable to a NULL pointer dereference in the ext4/mballoc.c:ext4processfreeddata function. An attacker could trick a legitimate user or a privileged attacker could exploit this by mounting a crafted ext4 image to cause a kernel panic...