SUSE CVE-2022-50758

In the Linux kernel, the following vulnerability has been resolved: staging: vt6655: fix potential memory leak In function deviceinittd0ring, memory is allocated for member tdinfo of priv-apTD0Ringsi, with i increasing from 0. In case of allocation failure, the memory is freed in reversed order,...

SUSE CVE-2022-50766

In the Linux kernel, the following vulnerability has been resolved: btrfs: set generation before calling btrfscleantreeblock in btrfsinitnewbuffer syzbot is reporting uninit-value in btrfscleantreeblock 1, for commit bc877d285ca3dba2 "btrfs: Deduplicate extentbuffer init code" missed that...

SUSE CVE-2022-50780

In the Linux kernel, the following vulnerability has been resolved: net: fix UAF issue in nfqnlnfhookdrop when opsinit failed When the opsinit interface is invoked to initialize the net, but ops-init fails, data is released. However, the ptr pointer in net-gen is invalid. In this case, when...

SUSE CVE-2023-54005

In the Linux kernel, the following vulnerability has been resolved: binder: fix memory leak in binderinit In binderinit, the destruction of binderallocshrinkerinit is not performed in the wrong path, which will cause memory leaks. So this commit introduces binderallocshrinkerexit and calls it in...

SUSE CVE-2023-54017

In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: fix possible memory leak in ibmebusbusinit If deviceregister returns error in ibmebusbusinit, name of kobject which is allocated in devsetname called in deviceadd is leaked. As comment of deviceadd says, it shoul...

SUSE CVE-2023-54084

In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-digi00x: prevent potential use after free This code was supposed to return an error code if initstream failed, but it instead freed dg00x-rxstream and returned success. This potentially leads to a use after free...

SUSE CVE-2023-54138

In the Linux kernel, the following vulnerability has been resolved: drm/msm: fix NULL-deref on irq uninstall In case of early initialisation errors and on platforms that do not use the DPU controller, the deinitilisation code can be called with the kms pointer set to NULL. Patchwork:...

Linux Distros Unpatched Vulnerability : CVE-2022-50761

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - x86/xen: Fix memory leak in xeninitlockcpu In xeninitlockcpu, the @name has allocated new string by kasprintf, if bindipitoirqhandler fails, it should be freed,...

Linux Distros Unpatched Vulnerability : CVE-2023-54001

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - staging: r8712: Fix memory leak in r8712initxmitpriv In the above mentioned routine, memory is allocated in several places. If the first succeeds and a later on...

Linux Distros Unpatched Vulnerability : CVE-2022-50698

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ASoC: da7219: Fix an error handling path in da7219registerdaiclks If clkhwregister fails, the corresponding clk should not be unregistered. To handle errors fro...

Linux Distros Unpatched Vulnerability : CVE-2022-50702

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vdpasim: fix possible memory leak in vdpasimnetinit and vdpasimblkinit Inject fault while probing module, if deviceregister fails in vdpasimnetinit or...

CVE-2025-66211

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.451, an authenticated command injection vulnerability in PostgreSQL Init Script Filename handling allows users with application/service management permissions to execute...

CLSA-2025-1766598218 opensc: Fix of 4 CVEs

CVE-2024-45616: fix insufficient control of APDU buffer and its length - CVE-2024-45615: initialize uninitialized variables - CVE-2024-45617: fix insufficient or missing checking of return values - CVE-2024-45620: fix incorrect handling length of buffers or files in pkcs15init...

EUVD-2023-60361

In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-digi00x: prevent potential use after free This code was supposed to return an error code if initstream failed, but it instead freed dg00x-rxstream and returned success. This potentially leads to a use after free...

EUVD-2022-55762

In the Linux kernel, the following vulnerability has been resolved: scsi: efct: Fix possible memleak in efctdeviceinit In efctdeviceinit, when efctscsiregfctransport fails, efctscsitgtdriverexit is not called to release memory for efctscsitgtdriverinit and causes memleak: unreferenced object...

CVE-2023-54155

In the Linux kernel, the following vulnerability has been resolved: net: core: remove unnecessary framesz check in bpfxdpadjusttail Syzkaller reported the following issue: ======================================= Too BIG xdp-framesz = 131072 WARNING: CPU: 0 PID: 5020 at net/core/filter.c:4121...

CVE-2023-54084

In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-digi00x: prevent potential use after free This code was supposed to return an error code if initstream failed, but it instead freed dg00x-rxstream and returned success. This potentially leads to a use after free...

CVE-2022-50758

In the Linux kernel, the following vulnerability has been resolved: staging: vt6655: fix potential memory leak In function deviceinittd0ring, memory is allocated for member tdinfo of priv-apTD0Ringsi, with i increasing from 0. In case of allocation failure, the memory is freed in reversed order,...

CVE-2022-50761

In the Linux kernel, the following vulnerability has been resolved: x86/xen: Fix memory leak in xeninitlockcpu In xeninitlockcpu, the @name has allocated new string by kasprintf, if bindipitoirqhandler fails, it should be freed, otherwise may lead to a memory leak issue, fix it...

CVE-2022-50748

In the Linux kernel, the following vulnerability has been resolved: ipc: mqueue: fix possible memory leak in initmqueuefs commit db7cfc380900 "ipc: Free mqsysctls if ipc namespace creation failed" Here's a similar memory leak to the one fixed by the patch above. retiremqsysctls need to be called...