31 matches found
CVE-2026-43148
In the Linux kernel, the following vulnerability has been resolved: powerpc/smp: Add check for kcalloc failure in parsethreadgroups As kcalloc may fail, check its return value to avoid a NULL pointer dereference when passing it to ofpropertyreadu32array...
CVE-2026-43105
The CVE-2026-43105 issue affects the Linux kernel’s DRM VC4 driver. The root cause is a memory leak where the hang state’s BO array is allocated with kzalloc() in vc4_save_hang_state() but is not freed in vc4_free_hang_state(), leaving memory allocated when the hang state is freed. A kfree() for ...
CVE-2025-47407
Memory corruption while creating a process on the digital signal processor due to allocation failure at the kernel level...
CVE-2025-47407
CVE-2025-47407 describes a memory corruption in the DSP service during process creation caused by an allocation failure at the kernel level, linked to a TOCTOU race condition. Connected records identify a kernel-level allocation failure as the underlying trigger and the DSP service as the affecte...
CVE-2025-47407 Time-of-check Time-of-use (TOCTOU) Race Condition in DSP Service
Memory corruption while creating a process on the digital signal processor due to allocation failure at the kernel level...
CVE-2025-47407 Time-of-check Time-of-use (TOCTOU) Race Condition in DSP Service
Memory corruption while creating a process on the digital signal processor due to allocation failure at the kernel level...
EUVD-2025-209632
Memory corruption while creating a process on the digital signal processor due to allocation failure at the kernel level...
PT-2026-36843
Memory corruption while creating a process on the digital signal processor due to allocation failure at the kernel level...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: net: sched: schmultiq: fix possible OOB write in multiqtune q-bands will be assigned to qopt-bands to execute subsequent code logic after kmalloc. So the old q-bands should not be used in kmalloc. Otherwise, an out-of-bounds writ...
UBUNTU-CVE-2026-23385
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: clone set on flush only Syzbot with fault injection triggered a failing memory allocation with GFPKERNEL which results in a WARN splat: iter.err WARNING: net/netfilter/nftablesapi.c:845 at...
CVE-2026-23206
In the Linux kernel, the following vulnerability has been resolved: dpaa2-switch: prevent ZEROSIZEPTR dereference when numifs is zero The driver allocates arrays for ports, FDBs, and filter blocks using kcalloc with ethsw-swattr.numifs as the element count. When the device reports zero interfaces...
SUSE CVE-2026-23018
In the Linux kernel, the following vulnerability has been resolved: btrfs: release path before initializing extent tree in btrfsreadlockedinode In btrfsreadlockedinode we are calling btrfsinitfileextenttree while holding a path with a read locked leaf from a subvolume tree, and...
CVE-2026-23018 btrfs: release path before initializing extent tree in btrfs_read_locked_inode()
In the Linux kernel, the following vulnerability has been resolved: btrfs: release path before initializing extent tree in btrfsreadlockedinode In btrfsreadlockedinode we are calling btrfsinitfileextenttree while holding a path with a read locked leaf from a subvolume tree, and...
CVE-2022-50867 drm/msm/a6xx: Fix kvzalloc vs state_kcalloc usage
In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: Fix kvzalloc vs statekcalloc usage adrenoshowobject is a trap! It will re-allocate the pointer it is passed on first call, when the data is ascii85 encoded, using kvmalloc/ kvfree. Which means the data passed to it...
CVE-2022-50713
In the Linux kernel, the following vulnerability has been resolved: clk: visconti: Fix memory leak in viscontiregisterpll @pll-ratetable has allocated memory by kmemdup, if clkhwregister fails, it should be freed, otherwise it will cause memory leak issue, this patch fixes it...
SUSE CVE-2025-68309
In the Linux kernel, the following vulnerability has been resolved: PCI/AER: Fix NULL pointer access by aerinfo The kzallocGFPKERNEL may return NULL, so all accesses to aerinfo-xxx will result in kernel panic. Fix it...
CVE-2025-40052
CVE-2025-40052 (Linux kernel, SMB/CIFS crypto path) fixes a bug where aead_request context could end up in vmalloc memory, causing sg_set_buf() to crash when virt_addr_valid(buf) fails under heavy parallel I/O. Root cause: creq allocation used kvzalloc(), potentially placing __ctx in vmalloc area...
Linux Distros Unpatched Vulnerability : CVE-2025-40052
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - smb: client: fix crypto buffers in non-linear memory The crypto API, through the scatterlist API, expects input buffers to be in linear memory. We handle this...
CVE-2025-39935 ASoC: codec: sma1307: Fix memory corruption in sma1307_setting_loaded()
In the Linux kernel, the following vulnerability has been resolved: ASoC: codec: sma1307: Fix memory corruption in sma1307settingloaded The sma1307-set.headersize is how many integers are in the header there are 8 of them but instead of allocating space of 8 integers we allocate 8 bytes. This lea...
EUVD-2024-30781
Malicious code in bioql PyPI...