Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: scsi: target: pscsi: Fixed bioput for error cases As of commit 066ff571011d “block: turning biokmalloc into a simple kmalloc wrapper”, a memory block allocated by biokmalloc must be freed using biouninit and kfree. This process i...

CVE-2026-23133 wifi: ath10k: fix dma_free_coherent() pointer

In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: fix dmafreecoherent pointer dmaalloccoherent allocates a DMA mapped buffer and stores the addresses in XXXunaligned fields. Those should be reused when freeing the buffer rather than the aligned addresses...

UBUNTU-CVE-2023-53830

In the Linux kernel, the following vulnerability has been resolved: platform/x86: think-lmi: Fix memory leak when showing current settings When retriving a item string with tlmisetting, the result has to be freed using kfree. In currentvalueshow however, malformed item strings are not freed,...

SUSE CVE-2023-53745

In the Linux kernel, the following vulnerability has been resolved: um: vector: Fix memory leak in vectorconfig If the return value of the umlparsevectorifspec function is NULL, we should call kfreeparams to prevent memory leak...

EUVD-2025-32811

In the Linux kernel, the following vulnerability has been resolved: usb: host: xhci: Fix potential memory leak in xhciallocstreaminfo xhciallocstreaminfo allocates stream context array for streaminfo -streamctxarray with xhciallocstreamctx. When some error occurs, streaminfo-streamctxarray is not...

CVE-2022-50115

CVE-2022-50115 : In the Linux kernel, the ASoC: SOF: ipc3-topology vulnerability caused potential memory corruption due to a double free of ipc_control_data in error/rollback paths when load_bytes-related validation fails. The issue arose because scontrol->ipc_control_data could be freed but n...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from a memory leak caused by not freeing newmodelnumber...

CVE-2025-21694

CVE-2025-21694 : Linux kernel vulnerability in fs/proc/__read_vmcore (kdump path). Root cause: second loop in __read_vmcore could still hit softlockups; fix adds cond_resched() to yield in that loop. Impact: softlockups may interfere with RCU memory freeing and cause crashdump stalls in memory-co...

CVE-2024-50152

A doubly freeing memory vulnerability exists in the Linux kernel smb client. After the first successful memory allocation for 'ea', the second memory release for 'ea' will result in double free, leading to loss of availability of the system. Mitigation Mitigation for this issue is either not...

UBUNTU-CVE-2024-36956

In the Linux kernel, the following vulnerability has been resolved: thermal/debugfs: Free all thermal zone debug memory on zone removal Because thermaldebugtzremove does not free all memory allocated for thermal zone diagnostics, some of that memory becomes unreachable after freeing the thermal...

GPAC 资源管理错误漏洞

GPAC is an open source multimedia framework. GPAC version v2.1-DEV-rev478-g696e6f868-master is vulnerable to a memory misquoting vulnerability that stems from a confusion in the QIsTypeOn function in /gpac/src/bifs/unquantize.c responsible for freeing memory. An attacker could exploit this...

Vim Resource Management Error Vulnerability (CNVD-2022-68074)

Vim is a cross-platform text editor. A security vulnerability exists in Vim versions prior to 9.0.0614, which stems from a confusion in the instruction in the didsetstringoption function that the program is responsible for freeing memory. An attacker can exploit the vulnerability to potentially...

Google Chrome Media Memory Misreference Vulnerability

Google Chrome is a web browser from Google, an American company. A memory misreference vulnerability exists in versions of Google Chrome prior to 106.0.5249.62, which stems from a mix-up in instructions responsible for freeing memory in Media. An attacker could exploit the vulnerability potential...

Google Chrome Survey Memory Misreference Vulnerability

Google Chrome is a web browser from Google, an American company. A memory misreference vulnerability exists in versions of Google Chrome prior to 106.0.5249.62, which stems from a confusion in the instructions responsible for freeing memory in Survey. An attacker could exploit the vulnerability t...

Google Chrome WebSQL Memory Misreference Vulnerability

Google Chrome is a web browser from Google, an American company. A memory misreference vulnerability exists in versions of Google Chrome prior to 105.0.5195.52, which stems from a mix-up in instructions responsible for freeing memory in WebSQL. An attacker could exploit this vulnerability to...

UBUNTU-CVE-2021-42522

There is a Information Disclosure vulnerability in anjuta/plugins/document-manager/anjuta-bookmarks.c. This issue was caused by the incorrect use of libxml2 API. The vendor forgot to call 'gfree' to release the return value of 'xmlGetProp'...

GPAC Memory Misreference Vulnerability

GPAC is an open source multimedia framework. previous versions of GPAC v2.1.0-DEV are vulnerable to a memory mis-reference vulnerability, which stems from a confusion in the program's instructions responsible for freeing memory. An attacker could exploit this vulnerability to potentially cause th...

Adobe InCopy Memory Misreference Vulnerability

Adobe InCopy is a text editing software for authoring from Adobe U.S.A. A memory mis-reference vulnerability exists in Adobe InCopy, which stems from a mix-up in the program's instructions for freeing memory. An attacker could exploit this vulnerability to execute arbitrary code on the system...

A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel through 5.15.11. This occurs because of a race condition in tee_shm_get_from_id during an attempt to free a shared memory object.

...