CVE-2023-54084 ALSA: firewire-digi00x: prevent potential use after free

In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-digi00x: prevent potential use after free This code was supposed to return an error code if initstream failed, but it instead freed dg00x-rxstream and returned success. This potentially leads to a use after free...

CVE-2022-50780 net: fix UAF issue in nfqnl_nf_hook_drop() when ops_init() failed

In the Linux kernel, the following vulnerability has been resolved: net: fix UAF issue in nfqnlnfhookdrop when opsinit failed When the opsinit interface is invoked to initialize the net, but ops-init fails, data is released. However, the ptr pointer in net-gen is invalid. In this case, when...

CVE-2022-50770

Affected software: Linux kernel ocfs2 filesystem code. Issue: memory leak in ocfs2_mount_volume() related to replay_map not freed on error paths, and replay_map memory not freed if d_make_root() fails in ocfs2_fill_super(). Consequence: potential memory leak during mount/recovery of OCFS2 volumes...

CVE-2022-50770 ocfs2: fix memory leak in ocfs2_mount_volume()

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix memory leak in ocfs2mountvolume There is a memory leak reported by kmemleak: unreferenced object 0xffff88810cc65e60 size 32: comm "mount.ocfs2", pid 23753, jiffies 4302528942 age 34735.105s hex dump first 32 bytes: 10 ...

CVE-2022-50766

Summary: CVE-2022-50766 is a Linux kernel vulnerability in the Btrfs path. Reported to affect the Btrfs init flow, where generation data was incorrectly handled in btrfs_init_new_buffer, leading to uninitialized reads in btrfs_clean_tree_block. The root cause is that btrfs_set_header_generation()...

CVE-2022-50761

The CVE-2022-50761 entry concerns a memory leak in the Linux kernel under x86/xen: in xen_init_lock_cpu(), a string allocated with kasprintf() is not freed if bind_ipi_to_irqhandler() fails, potentially leaking memory. The description notes this memory leak is fixed in Xen/CPU initialization code...

CVE-2022-50758 staging: vt6655: fix potential memory leak

In the Linux kernel, the following vulnerability has been resolved: staging: vt6655: fix potential memory leak In function deviceinittd0ring, memory is allocated for member tdinfo of priv-apTD0Ringsi, with i increasing from 0. In case of allocation failure, the memory is freed in reversed order,...

CVE-2022-50758

CVE-2022-50758 affects the Linux kernel (staging: vt6655) and is triggered by a memory-leak in device_init_td0_ring when allocation fails. The root cause is that the freeing loop decrements i and omits i=0, leaving allocated memory unreleased. The fix extends the freeing loop to include the case ...

CVE-2022-50758 staging: vt6655: fix potential memory leak

In the Linux kernel, the following vulnerability has been resolved: staging: vt6655: fix potential memory leak In function deviceinittd0ring, memory is allocated for member tdinfo of priv-apTD0Ringsi, with i increasing from 0. In case of allocation failure, the memory is freed in reversed order,...

CVE-2022-50748

The CVE-2022-50748 entry concerns a memory leak in the Linux kernel’s IPC/mqueue area. The root cause is a failed init_mqueue_fs path where mq_sysctls are not retired, leading to unreleased memory. A fix was applied (see commit db7cfc380900) to ensure retirement of mq_sysctls if IPC namespace cre...

EUVD-2025-205086

In the Linux kernel, the following vulnerability has been resolved: md: init bioset in mddevinit IO operations may be needed before mdrun, such as updating metadata after writing sysfs. Without bioset, this triggers a NULL pointer dereference as below: BUG: kernel NULL pointer dereference, addres...

CVE-2022-50727 scsi: efct: Fix possible memleak in efct_device_init()

In the Linux kernel, the following vulnerability has been resolved: scsi: efct: Fix possible memleak in efctdeviceinit In efctdeviceinit, when efctscsiregfctransport fails, efctscsitgtdriverexit is not called to release memory for efctscsitgtdriverinit and causes memleak: unreferenced object...

CVE-2022-50727 scsi: efct: Fix possible memleak in efct_device_init()

In the Linux kernel, the following vulnerability has been resolved: scsi: efct: Fix possible memleak in efctdeviceinit In efctdeviceinit, when efctscsiregfctransport fails, efctscsitgtdriverexit is not called to release memory for efctscsitgtdriverinit and causes memleak: unreferenced object...

CVE-2022-50725 media: vidtv: Fix use-after-free in vidtv_bridge_dvb_init()

In the Linux kernel, the following vulnerability has been resolved: media: vidtv: Fix use-after-free in vidtvbridgedvbinit KASAN reports a use-after-free: BUG: KASAN: use-after-free in dvbdmxdevrelease+0x4d5/0x5d0 dvbcore Call Trace: ... dvbdmxdevrelease+0x4d5/0x5d0 dvbcore...

CVE-2025-68368

In the Linux kernel, the following vulnerability has been resolved: md: init bioset in mddevinit IO operations may be needed before mdrun, such as updating metadata after writing sysfs. Without bioset, this triggers a NULL pointer dereference as below: BUG: kernel NULL pointer dereference, addres...

UBUNTU-CVE-2025-68726

In the Linux kernel, the following vulnerability has been resolved: crypto: aead - Fix reqsize handling Commit afddce13ce81d "crypto: api - Add reqsize to cryptoalg" introduced crareqsize field in cryptoalg struct to replace type specific reqsize fields. It looks like this was introduced...

AZL-78410 CVE-2025-68365 affecting package kernel for versions less than 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Initialize allocated memory before use KMSAN reports: Multiple uninitialized values detected: - KMSAN: uninit-value in ntfsreadhdr 3 - KMSAN: uninit-value in bcmp 3 Memory is allocated by getname, which is a wrapper for...

CVE-2023-54017

In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: fix possible memory leak in ibmebusbusinit If deviceregister returns error in ibmebusbusinit, name of kobject which is allocated in devsetname called in deviceadd is leaked. As comment of deviceadd says, it shoul...

CVE-2022-50702

In the Linux kernel, the following vulnerability has been resolved: vdpasim: fix possible memory leak in vdpasimnetinit and vdpasimblkinit Inject fault while probing module, if deviceregister fails in vdpasimnetinit or vdpasimblkinit, but the refcount of kobject is not decreased to 0, the name...

CVE-2023-54001

In the Linux kernel, the following vulnerability has been resolved: staging: r8712: Fix memory leak in r8712initxmitpriv In the above mentioned routine, memory is allocated in several places. If the first succeeds and a later one fails, the routine will leak memory. This patch fixes commit...