DEBIAN-CVE-2024-26743

In the Linux kernel, the following vulnerability has been resolved: RDMA/qedr: Fix qedrcreateuserqp error flow Avoid the following warning by making sure to free the allocated resources in case that qedrinituserqueue fail. ----------- cut here ----------- WARNING: CPU: 0 PID: 143192 at...

UBUNTU-CVE-2024-26743

In the Linux kernel, the following vulnerability has been resolved: RDMA/qedr: Fix qedrcreateuserqp error flow Avoid the following warning by making sure to free the allocated resources in case that qedrinituserqueue fail. ----------- cut here ----------- WARNING: CPU: 0 PID: 143192 at...

Linux kernel security vulnerabilities

The Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. A security vulnerability exists in the Linux kernel that stems from the initialization of vf2pflock in adfdevinit, which, when failed, leaves vf2pflock either uninitialized or destroyed , and...

CVE-2023-31346

Failure to initialize memory in SEV Firmware may allow a privileged attacker to access stale data from other guests...

kernel: drm/amdkfd: Fix double release compute pasid

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix double release compute pasid If kfdprocessdeviceinitvm returns failure after vm is converted to compute vm and vm-pasid set to compute pasid, KFD will not take pdd-drmfile reference. As a result, drm close file...

kernel: drm: amd: display: Fix memory leakage

A memory leak flaw was found in the Linux kernel's AMD display driver in the display context construction logic. A local user can trigger this issue during AMD GPU initialization when the dcconstructctx function fails to release allocated memory in error paths. This results in permanent memory...

kernel: ALSA: ymfpci: Fix BUG_ON in probe function

An assertion failure was found in the Linux kernel's Yamaha YMF sound card driver during buffer validation. The probe function includes a BUGON assertion that compares DMA buffer sizes without accounting for alignment, causing the assertion to fail when the aligned buffer size doesn't exactly mat...

kernel: net: wwan: iosm: fix NULL pointer dereference when removing device

In the Linux kernel, the following vulnerability has been resolved: net: wwan: iosm: fix NULL pointer dereference when removing device In suspend and resume cycle, the removal and rescan of device ends up in NULL pointer dereference. During driver initialization, if the ipcimemwwanchannelinit fai...

kernel: ixgbevf: Fix resource leak in ixgbevf_init_module()

In the Linux kernel, the following vulnerability has been resolved: ixgbevf: Fix resource leak in ixgbevfinitmodule ixgbevfinitmodule won't destroy the workqueue created by createsinglethreadworkqueue when pciregisterdriver failed. Add destroyworkqueue in fail path to prevent the resource leak...

kernel: perf/smmuv3: Fix hotplug callback leak in arm_smmu_pmu_init()

A resource-handling flaw was found in the Linux kernel performance monitoring driver for ARM System Memory Management Unit version 3 in the way hotplug callbacks are registered during driver initialization. If driver registration fails, previously added CPU hotplug callbacks are not removed,...

PT-2025-40703

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s wwan subsystem, specifically within the iosm component. During a suspend and resume cycle, a NULL pointer dereference can occur during device removal ...

kernel: Linux kernel: Memory leak in vdpa_sim leading to denial of service

A flaw was found in the vdpasim component of the Linux kernel. This memory leak vulnerability occurs when a module is probed and the deviceregister function fails within vdpasimnetinit or vdpasimblkinit. In such a scenario, the reference count of the kobject is not properly decreased, leading to...

kernel: drm/i915: fix a possible refcount leak in intel_dp_add_mst_connector()

In the Linux kernel, the following vulnerability has been resolved: drm/i915: fix a possible refcount leak in inteldpaddmstconnector If drmconnectorinit fails, intelconnectorfree will be called to take care of proper free. So it is necessary to drop the refcount of port before intelconnectorfree...

SUSE CVE-2009-1093

LdapCtx in the LDAP service in Java SE Development Kit JDK and Java Runtime Environment JRE 5.0 Update 17 and earlier; 6 Update 12 and earlier; SDK and JRE 1.3.124 and earlier; and 1.4.219 and earlier does not close the connection when initialization fails, which allows remote attackers to cause ...

SUSE CVE-2016-1686

The CPDFDIBSource::CreateDecoder function in core/fpdfapi/fpdfrender/fpdfrenderloadimage.cpp in PDFium, as used in Google Chrome before 51.0.2704.63, mishandles decoder-initialization failure, which allows remote attackers to cause a denial of service out-of-bounds read via a crafted PDF document...

ALPINE-CVE-2023-0401

A NULL pointer can be dereferenced when signatures are being verified on PKCS7 signed or signedAndEnveloped data. In case the hash algorithm used for the signature is known to the OpenSSL library but the implementation of the hash algorithm is not available the digest initialization will fail...

GSD-2023-1000274 Bluetooth: Fix not cleanup led when bt_init fails

Bluetooth: Fix not cleanup led when btinit fails This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.227 by commit...

GSD-2023-1000212 Bluetooth: Fix not cleanup led when bt_init fails

Bluetooth: Fix not cleanup led when btinit fails This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.159 by commit...

kernel: drm/virtio: Ensure that objs is not NULL in virtio_gpu_array_put_free()

A flaw was found in the virtio-gpu module in the Linux kernel. If the initialization fails, for example, due to a fault injection, a missing check in the virtiogpuarrayputfree function can cause a NULL pointer dereference, resulting in a denial of service...

kernel: drm/virtio: Ensure that objs is not NULL in virtio_gpu_array_put_free()

A flaw was found in the virtio-gpu module in the Linux kernel. If the initialization fails, for example, due to a fault injection, a missing check in the virtiogpuarrayputfree function can cause a NULL pointer dereference, resulting in a denial of service...