AlmaLinux 8 : kernel-rt (ALSA-2026:9135)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:9135 advisory. kernel: scsi: qla2xxx: Fix improper freeing of purex item CVE-2025-68741 kernel: ALSA: aloop: Fix racy access at PCM trigger CVE-2026-23191 Tenable has...

ROS-20260323-73-0024

A vulnerability in the atm component of the Linux operating system kernel is related to improper memory freeing before deleting the last link. Exploitation of the vulnerability allows an attacker to cause a denial of service...

ROS-20260128-73-0009

A vulnerability in the Linux operating system kernel is related to incorrect resource sweeping or freeing. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

ROS-20260120-7360

A vulnerability in the drivers/net/ethernet/intel/ice component of the Linux operating system kernel is related to improper memory freeing before deleting the last link. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

curl: Memory leak in Curl_auth_create_ntlm_type3_message

Summary: When handling NTLMv2, if the decoded type-2 “TargetInfo” is large enough that ntresplen+headersize exceeds NTLMBUFSIZE 1024, the code returns early without freeing ntlmv2resp, causing a memory leak...

CVE-2023-53307

CVE-2023-53307: In the Linux kernel rbd subsystem, do_rbd_add() can trigger a use-after-free if rbd_dev_create() fails after transferring ownership of rbd_dev fields (rbd_client, spec, opts) to the rbd_dev. The root cause is that these structures are freed when rbd_dev_create() calls rbd_dev_free...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not properly freeing resources when spufsnewfile fails, which could lead to a memory leak...

CVE-2022-49153 wireguard: socket: free skb in send6 when ipv6 is disabled

In the Linux kernel, the following vulnerability has been resolved: wireguard: socket: free skb in send6 when ipv6 is disabled I got a memory leak report: unreferenced object 0xffff8881191fc040 size 232: comm "kworker/u17:0", pid 23193, jiffies 4295238848 age 3464.870s hex dump first 32 bytes: 00...

Advisory ROSA-SA-2025-2633

software: mosquitto 2.0.15 WASP: ROSA-CHROME packageevrstring: mosquitto-2.0.15 CVE-ID: CVE-2023-0809 BDU-ID: 2024-04210 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the CONNECT component of the Eclipse Mosquitto message broker is related to memory allocation based on an unreliable value of lar...

Mozilla Firefox 资源管理错误漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox, which originates from a confusing instruction in libaudio that is responsible for freeing memory. An attacker can exploit this vulnerability to cause...

CLSA-2022-1658171149 Fixed CVE-2022-31625 in php

ELS-189: Fix for Harden PHP - CVE-2022-31625: Fix freeing of uninitialized memory leading to RCE...