DEBIAN-CVE-2025-38012

In the Linux kernel, the following vulnerability has been resolved: schedext: bpfiterscxdsqnew should always initialize iterator BPF programs may call next and destroy on BPF iterators even after new returns an error value e.g. bpfforeach macro ignores error returns from new. bpfiterscxdsqnew cou...

PT-2025-27707 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, specifically in the iwlwifi module. The issue occurs when there is an error during initialization, causing the system to retry...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: s390/cpumf: Fix double free on error in cpumfpmueventinit In PMU event initialization functions - cpumsfpmueventinit - cpumfpmueventinit - cfdiageventinit the partially created event had to be removed when an error was detected...

kernel: i3c: master: Fix miss free init_dyn_addr at i3c_master_put_i3c_addrs()

A vulnerability was found in the i3cmasterputi3caddrs function in the Linux kernel's i3c driver. A memory management issue can occur due to a copy-paste error between "dynaddr" and "initdynaddr", which leads to incorrect handling of memory, potentially causing resource mismanagement and instabili...

drm/vkms: Fix use after free and double free on init error

...

DEBIAN-CVE-2022-49905

In the Linux kernel, the following vulnerability has been resolved: net/smc: Fix possible leaked pernet namespace in smcinit In smcinit, registerpernetsubsys&smcnetstatops is called without any error handling. If it fails, registering of &smcnetops won't be reverted. And if smcnlinit fails,...

CVE-2022-49918

CVE-2022-49918 concerns the Linux kernel IPVS subsystem. The vulnerability arises from the initialization path in ip_vs_conn_net_init() where failure to create ip_vs_conn or ip_vs_conn_sync files still leaves initialization “successful by default.” As a result, during removal, the proc entries ma...

CVE-2025-37788 cxgb4: fix memory leak in cxgb4_init_ethtool_filters() error path

In the Linux kernel, the following vulnerability has been resolved: cxgb4: fix memory leak in cxgb4initethtoolfilters error path In the for loop used to allocate the locarray and bmap for each port, a memory leak is possible when the allocation for locarray succeeds, but the allocation for bmap...

The vulnerability of the `ocfs2_global_read_info()` function in the `/fs/ocfs2/quota_local.c` module of the Linux kernel allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the ocfs2globalreadinfo function in the /fs/ocfs2/quotalocal.c module of the Linux kernel is related to incorrect resource initialization. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not properly initializing clkdata.num, which could lead to out-of-bounds access to arrays...

UBUNTU-CVE-2025-22116

In the Linux kernel, the following vulnerability has been resolved: idpf: check error for registernetdev on init Current init logic ignores the error code from registernetdev, which will cause WARNON on attempt to unregister it, if there was one, and there is no info for the user that the creatio...

CVE-2025-22097 drm/vkms: Fix use after free and double free on init error

In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix use after free and double free on init error If the driver initialization fails, the vkmsexit function might access an uninitialized or freed defaultconfig pointer and it might double free it. Fix both possible erro...

CVE-2025-22097

In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix use after free and double free on init error If the driver initialization fails, the vkmsexit function might access an uninitialized or freed defaultconfig pointer and it might double free it. Fix both possible erro...

CVE-2024-58092 nfsd: fix legacy client tracking initialization

In the Linux kernel, the following vulnerability has been resolved: nfsd: fix legacy client tracking initialization Get rid of the nfsd4legacytrackingops-init call in checkforlegacymethods. That will be handled in the caller nfsd4clienttrackinginit. Otherwise, we'll wind up calling...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from nfnetlinkqueue not initializing ctx, which could result in a memory allocation error...

KEX init error results with excessive memory usage

...

The vulnerability of the bfd_mach_o_get_synthetic_symtab() function in the bfd/mach-o.c component of the GNU Binutils development environment allows a attacker to cause a service failure.

The vulnerability of the bfdmachogetsyntheticsymtab function in the bfd/mach-o.c component of the GNU Binutils development environment is related to errors during variable initialization. Exploiting this vulnerability could allow an attacker to cause a service failure...

DEBIAN-CVE-2025-21924

In the Linux kernel, the following vulnerability has been resolved: net: hns3: make sure ptp clock is unregister and freed if hclgeptpgetcycle returns an error During the initialization of ptp, hclgeptpgetcycle might return an error and returned directly without unregister clock and free it. To...

UBUNTU-CVE-2025-21924

In the Linux kernel, the following vulnerability has been resolved: net: hns3: make sure ptp clock is unregister and freed if hclgeptpgetcycle returns an error During the initialization of ptp, hclgeptpgetcycle might return an error and returned directly without unregister clock and free it. To...

CVE-2025-21980 sched: address a potential NULL pointer dereference in the GRED scheduler.

In the Linux kernel, the following vulnerability has been resolved: sched: address a potential NULL pointer dereference in the GRED scheduler. If kzalloc in gredinit returns a NULL pointer, the code follows the error handling path, invoking greddestroy. This, in turn, calls gredoffload, where...