CVE-2022-50346 ext4: init quota for 'old.inode' in 'ext4_rename'

In the Linux kernel, the following vulnerability has been resolved: ext4: init quota for 'old.inode' in 'ext4rename' Syzbot found the following issue: ext4parseparam: swantextraisize=128 ext4inodeinfoinit: swantextraisize=32 ext4rename: old.inode=ffff88823869a2c8 old.dir=ffff888238699828...

CVE-2022-50342 floppy: Fix memory leak in do_floppy_init()

In the Linux kernel, the following vulnerability has been resolved: floppy: Fix memory leak in dofloppyinit A memory leak was reported when floppyallocdisk failed in dofloppyinit. unreferenced object 0xffff888115ed25a0 size 8: comm "modprobe", pid 727, jiffies 4295051278 age 25.529s hex dump firs...

CVE-2022-50342 floppy: Fix memory leak in do_floppy_init()

In the Linux kernel, the following vulnerability has been resolved: floppy: Fix memory leak in dofloppyinit A memory leak was reported when floppyallocdisk failed in dofloppyinit. unreferenced object 0xffff888115ed25a0 size 8: comm "modprobe", pid 727, jiffies 4295051278 age 25.529s hex dump firs...

CVE-2022-50339 Bluetooth: avoid hci_dev_test_and_set_flag() in mgmt_init_hdev()

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: avoid hcidevtestandsetflag in mgmtinithdev syzbot is again reporting attempt to cancel uninitialized work at mgmtindexremoved 1, for setting of HCIMGMT flag from mgmtinithdev from hcimgmtcmd from hcisocksendmsg can rac...

CVE-2022-50340 media: vimc: Fix wrong function called when vimc_init() fails

In the Linux kernel, the following vulnerability has been resolved: media: vimc: Fix wrong function called when vimcinit fails In vimcinit, when platformdriverregister&vimcpdrv fails, platformdriverunregister&vimcpdrv is wrongly called rather than platformdeviceunregister&vimcpdev, which causes...

CVE-2022-50340 media: vimc: Fix wrong function called when vimc_init() fails

In the Linux kernel, the following vulnerability has been resolved: media: vimc: Fix wrong function called when vimcinit fails In vimcinit, when platformdriverregister&vimcpdrv fails, platformdriverunregister&vimcpdrv is wrongly called rather than platformdeviceunregister&vimcpdev, which causes...

CVE-2022-50340 media: vimc: Fix wrong function called when vimc_init() fails

In the Linux kernel, the following vulnerability has been resolved: media: vimc: Fix wrong function called when vimcinit fails In vimcinit, when platformdriverregister&vimcpdrv fails, platformdriverunregister&vimcpdrv is wrongly called rather than platformdeviceunregister&vimcpdev, which causes...

CVE-2022-50339 Bluetooth: avoid hci_dev_test_and_set_flag() in mgmt_init_hdev()

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: avoid hcidevtestandsetflag in mgmtinithdev syzbot is again reporting attempt to cancel uninitialized work at mgmtindexremoved 1, for setting of HCIMGMT flag from mgmtinithdev from hcimgmtcmd from hcisocksendmsg can rac...

CVE-2022-50340

CVE-2022-50340 affects the vimc hardware-media driver in the Linux kernel. The issue arises in vimc_init(): if platform_driver_register(&vimc_pdrv) fails, the code incorrectly calls platform_driver_unregister(&vimc_pdrv) instead of platform_device_unregister(&vimc_pdev), causing a kernel warning ...

CVE-2025-36244

CVE-2025-36244 : IBM AIX/VIOS Kerberos vulnerability allowing a local user to write to arbitrary files with root privileges due to improper initialization of critical variables. Affected: AIX 7.2, 7.3; VIOS 3.1, 4.1; vulnerable fileset: krb5.client.rte (1.16.1.0–1.16.1.7). CVSS base score 7.4 (HI...

CVE-2025-36244 IBM AIX privilege escalation

IBM AIX 7.2, 7.3, IBM VIOS 3.1, and 4.1, when configured to use Kerberos network authentication, could allow a local user to write to files on the system with root privileges due to improper initialization of critical variables...

UBUNTU-CVE-2025-39812

In the Linux kernel, the following vulnerability has been resolved: sctp: initialize more fields in sctpv6fromsk syzbot found that sin6scopeid was not properly initialized, leading to undefined behavior. Clear sin6scopeid and sin6flowinfo. BUG: KMSAN: uninit-value in sctpv6cmpaddr+0x887/0x8c0...

CVE-2025-39830 net/mlx5: HWS, Fix memory leak in hws_pool_buddy_init error path

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: HWS, Fix memory leak in hwspoolbuddyinit error path In the error path of hwspoolbuddyinit, the buddy allocator cleanup doesn't free the allocator structure itself, causing a memory leak. Add the missing kfree to properl...

CVE-2025-39812 sctp: initialize more fields in sctp_v6_from_sk()

In the Linux kernel, the following vulnerability has been resolved: sctp: initialize more fields in sctpv6fromsk syzbot found that sin6scopeid was not properly initialized, leading to undefined behavior. Clear sin6scopeid and sin6flowinfo. BUG: KMSAN: uninit-value in sctpv6cmpaddr+0x887/0x8c0...

UBUNTU-CVE-2023-53278

In the Linux kernel, the following vulnerability has been resolved: ubifs: Fix memory leak in ubifssysfsinit When insmod ubifs.ko, a kmemleak reported as below: unreferenced object 0xffff88817fb1a780 size 8: comm "insmod", pid 25265, jiffies 4295239702 age 100.130s hex dump first 8 bytes: 75 62 6...

CVE-2023-53284 drm/msm/dpu: check for null return of devm_kzalloc() in dpu_writeback_init()

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: check for null return of devmkzalloc in dpuwritebackinit Because of the possilble failure of devmkzalloc, dpuwbconn might be NULL and will cause null pointer dereference later. Therefore, it might be better to check ...

CVE-2023-53278

CVE-2023-53278 affects the Linux kernel in the ubifs subsystem, specifically a memory leak in ubifs_sysfs_init() that occurs when insmod ubifs.ko is loaded. The entry states the vulnerability has been resolved via a fix for the memory leak, with the observable kmemleak report and backtrace indica...

CVE-2023-53278 ubifs: Fix memory leak in ubifs_sysfs_init()

In the Linux kernel, the following vulnerability has been resolved: ubifs: Fix memory leak in ubifssysfsinit When insmod ubifs.ko, a kmemleak reported as below: unreferenced object 0xffff88817fb1a780 size 8: comm "insmod", pid 25265, jiffies 4295239702 age 100.130s hex dump first 8 bytes: 75 62 6...

PT-2025-38008

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw related to Bluetooth functionality. Specifically, a race condition can occur within the mgmt init hdev function due to the lack of serialization via hc...

PT-2025-37994

Name of the Vulnerable Software and Affected Versions: IBM AIX versions 7.2 through 7.3 IBM VIOS versions 3.1 through 4.1 Description: IBM AIX and VIOS, when configured to use Kerberos network authentication, may allow a local user to gain root privileges by writing to files on the system due to...