SUSE CVE-2024-47694

In the Linux kernel, the following vulnerability has been resolved: IB/mlx5: Fix UMR pd cleanup on error flow of driver init The cited commit moves the pd allocation from function mlx5rumrresourcecleanup to a new function mlx5rumrcleanup. So the fix in commit 1 is broken. In error flow, will hit...

DEBIAN-CVE-2024-47665

In the Linux kernel, the following vulnerability has been resolved: i3c: mipi-i3c-hci: Error out instead on BUGON in IBI DMA setup Definitely condition dmagetcachealignment defined value 256 during driver initialization is not reason to BUGON. Turn that to graceful error out with -EINVAL...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not ensuring that a vmapblock is initialized before adding it to a queue...

SUSE-SU-2024:3195-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-41062: Sync sock recv cb and release bsc1228576. - CVE-2023-52489: Fix race in accessing memorysection-usage bsc1221326. - CVE-2024-43821: Fix a possible...

UBUNTU-CVE-2024-45615

A vulnerability was found in OpenSC, OpenSC tools, PKCS11 module, minidriver, and CTK. The problem is missing initialization of variables expected to be initialized as arguments to other functions, etc...

UBUNTU-CVE-2022-48879

In the Linux kernel, the following vulnerability has been resolved: efi: fix NULL-deref in init error path In cases where runtime services are not supported or have been disabled, the runtime services workqueue will never have been allocated. Do not try to destroy the workqueue unconditionally in...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from a null pointer dereference issue in the initialization error path of the efi component...

DEBIAN-CVE-2024-39296

In the Linux kernel, the following vulnerability has been resolved: bonding: fix oops during rmmod "rmmod bonding" causes an oops ever since commit cc317ea3d927 "bonding: remove redundant NULL check in debugfs function". Here are the relevant functions being called: bondingexit bonddestroydebugfs...

kernel: ipmi_si: fix a memleak in try_smi_init()

A memory leak flaw was found in the Linux kernel's IPMI System Interface driver in the initialization error path. A local user can trigger this issue by loading the ipmisi module when initialization fails after allocating the sism structure but before registering the shutdown handler. This causes...

CVE-2024-27059 USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command

In the Linux kernel, the following vulnerability has been resolved: USB: usb-storage: Prevent divide-by-0 error in isd200atacommand The isd200 sub-driver in usb-storage uses the HEADS and SECTORS values in the ATA ID information to calculate cylinder and head values when creating a CDB for READ o...

DEBIAN-CVE-2024-26983

In the Linux kernel, the following vulnerability has been resolved: bootconfig: use memblockfreelate to free xbc memory to buddy On the time to free xbc memory in xbcexit, memblock may has handed over memory to buddy allocator. So it doesn't make sense to free memory back to memblock. memblockfre...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from an initialization error...

CVE-2021-47139

In the Linux kernel, the following vulnerability has been resolved: net: hns3: put off calling registernetdev until client initialize complete Currently, the netdevice is registered before client initializing complete. So there is a timewindow between netdevice available and usable. In this case,...

DEBIAN-CVE-2024-28084

p2putil.c in iNet wireless daemon IWD through 2.15 allows attackers to cause a denial of service daemon crash or possibly have unspecified other impact because of initialization issues in situations where parsing of advertised service information fails...

kernel: drm/amd: fix potential memory leak

A memory leak was found in the Linux kernel's AMD display driver in the clock source initialization logic. When the initialization function encounters an error in its final return path, allocated memory for the clksrc structure is not freed before returning NULL. This results in leaked memory tha...

kernel: iommu/vt-d: Clean up si_domain in the init_dmars() error path

A memory leak flaw was found in the Linux kernel's Intel VT-d IOMMU driver in the initialization error path. A local user can trigger this issue when the initdmars function fails during IOMMU setup, causing the sidomain memory to remain allocated without being freed. This results in a permanent...

kernel: dm stats: check for and propagate alloc_percpu failure

In the Linux kernel, the following vulnerability has been resolved: dm stats: check for and propagate allocpercpu failure Check allocprecpu's return value and return an error from dmstatsinit if it fails. Update allocdev to fail if dmstatsinit does. Otherwise, a NULL pointer dereference will occu...

Intel(R) NUC BIOS firmware security vulnerability

The Intel NUC is a small minicomputer from Intel Corporation USA. A security vulnerability exists in the IntelR NUC BIOS firmware that originates from improper initialization. An attacker can exploit the vulnerability to obtain sensitive information...

Function initialize Not Work

Lines of code Vulnerability details Impact As mentioned in the comment of the function initialize, "This is called right after deployment by the LensHub, so we can skip the onlyHub check". However, when the contract FollowNFT is deployed, the state variable initialized is set to true in the...

PT-2025-53183

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists within the mlx5e init rep rx function in the net/mlx55 module. Specifically, the memory allocated and pointed to by the rx res pointer is not freed during error...