CVE-2025-21599

CVE-2025-21599 affects Juniper Networks Junos OS Evolved. The vulnerability is in the Juniper Tunnel Driver (jtd) where a memory misreference occurs after handling certain malformed IPv6 packets, causing kernel memory not to be freed and leading to memory exhaustion and a Denial of Service. Affec...

Juniper Networks Junos OS Evolved 安全漏洞

Juniper Networks Junos OS Evolved is an upgraded version of Juniper Networks' Junos OS. A memory misreference vulnerability exists in Juniper Networks Junos OS Evolved, which arises from a failure to free kernel memory when processing certain malformed IPv6 packets, and can be exploited by an...

Important: kernel

Issue Overview: ntfs3 in the Linux kernel through 6.8.0 allows a physically proximate attacker to read kernel memory by mounting a filesystem e.g., if a Linux distribution is configured to allow unprivileged mounts of removable media and then leveraging local access to trigger an out-of-bounds...

CVE-2024-56779

In the Linux kernel, the following vulnerability has been resolved: nfsd: fix nfs4openowner leak when concurrent nfsd4open occur The action force umountumount -f will attempt to kill all rpctask even umount operation may ultimately fail if some files remain open. Consequently, if an action attemp...

CVE-2024-56772 kunit: string-stream: Fix a UAF bug in kunit_init_suite()

In the Linux kernel, the following vulnerability has been resolved: kunit: string-stream: Fix a UAF bug in kunitinitsuite In kunitdebugfscreatesuite, if allocstringstream fails in the kunitsuiteforeachtestcase loop, the "suite-log = stream" has assigned before, and the error path only free the...

PT-2025-37957

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw was discovered in the Linux kernel related to the initialization of fields within the sctp v6 from sk function in the SCTP Stream Control Transmission Protocol implementation...

PT-2026-20441

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.14.0-284.11.1.el9 2 Description The Linux kernel contains a flaw related to the qla2xxx SCSI driver. A system crash can occur during load/unload testing due to improper handling of memory allocation and...

PT-2026-2866

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.17.0-rc4 Description The Linux kernel had an issue in the f2fs file system related to the management of slab caches for extended attributes. Specifically, the system was creating per-superblock slab caches, whi...

PT-2025-30784

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the ECC engine configuration during spinand cleanup. Memory allocated for the ECC engine configuration is not released, leading to a memory leak. The issue is...

CVE-2024-56748

In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Fix a possible memory leak in qedfallocandinitsb Hook "qedops-common-sbinit = qedsbinit" does not release the DMA memory sbvirt when it fails. Add dmafreecoherent to free it. This is the same way as qedrallocmemsb and...

CVE-2024-56746 fbdev: sh7760fb: Fix a possible memory leak in sh7760fb_alloc_mem()

In the Linux kernel, the following vulnerability has been resolved: fbdev: sh7760fb: Fix a possible memory leak in sh7760fballocmem When information such as info-screenbase is not ready, calling sh7760fbfreemem does not release memory correctly. Call dmafreecoherent instead...

CVE-2024-56745 PCI: Fix reset_method_store() memory leak

In the Linux kernel, the following vulnerability has been resolved: PCI: Fix resetmethodstore memory leak In resetmethodstore, a string is allocated via kstrndup and assigned to the local "options". options is then used in with strsep to find spaces: while name = strsep&options, " " != NULL If...

CVE-2024-56730 net/9p/usbg: fix handling of the failed kzalloc() memory allocation

In the Linux kernel, the following vulnerability has been resolved: net/9p/usbg: fix handling of the failed kzalloc memory allocation On the linux-next, next-20241108 vanilla kernel, the coccinelle tool gave the following error report: ./net/9p/transusbg.c:912:5-11: ERROR: allocation function on...

CVE-2024-56712

In the Linux kernel, the following vulnerability has been resolved: udmabuf: fix memory leak on last exportudmabuf error path In exportudmabuf, if dmabuffd fails because the FD table is full, a dmabuf owning the udmabuf has already been created; but the error handling in udmabufcreate will tear...

DEBIAN-CVE-2024-56701

In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Fix dtlaccesslock to be a rwsemaphore The dtlaccesslock needs to be a rwsempahore, a sleeping lock, because the code calls kmalloc while holding it, which can sleep: echo 1 /proc/powerpc/vcpudispatchstats BUG:...

DEBIAN-CVE-2024-56677

In the Linux kernel, the following vulnerability has been resolved: powerpc/fadump: Move fadumpcmainit to setuparch after initmeminit During early init CMAMINALIGNMENTBYTES can be PAGESIZE, since pageblockorder is still zero and it gets initialized later during initmeminit e.g. setuparch -...

CVE-2024-56695 drm/amdkfd: Use dynamic allocation for CU occupancy array in 'kfd_get_cu_occupancy()'

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Use dynamic allocation for CU occupancy array in 'kfdgetcuoccupancy' The kfdgetcuoccupancy function previously declared a large cuoccupancy array as a local variable, which could lead to stack overflows due to excessi...

SUSE CVE-2024-53166

In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix bfqq uaf in bfqlimitdepth Set new allocated bfqq to bic or remove freed bfqq from bic are both protected by bfqd-lock, however bfqlimitdepth is deferencing bfqq from bic without the lock, this can lead to UAF if t...

SUSE CVE-2024-53219

In the Linux kernel, the following vulnerability has been resolved: virtiofs: use pages instead of pointer for kernel direct IO When trying to insert a 10MB kernel module kept in a virtio-fs with cache disabled, the following warning was reported: ------------ cut here ------------ WARNING: CPU: ...

SUSE CVE-2024-56544

In the Linux kernel, the following vulnerability has been resolved: udmabuf: change folios array from kmalloc to kvmalloc When PAGESIZE 4096, MAXPAGEORDER 10, 64bit machine, pagealloc only support 4MB. If above this, trigger this warn and return NULL. udmabuf can change size limit, if change it t...