kernel: bpf, verifier: Fix memory leak in array reallocation for stack state

A flaw was found in the eBPF subsystem in the Linux kernel. An incorrect logic in a helper function for memory reallocation can cause memory leaks when a memory allocation error occurs, potentially leading to system instability and a denial of service...

kernel: USB: ULPI: fix memory leak with using debugfs_lookup()

In the Linux kernel, the following vulnerability has been resolved: USB: ULPI: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove instead whi...

kernel: drm/amdkfd: Fix memory leakage

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix memory leakage This patch fixes potential memory leakage and seg fault in gpuvmimportdmabuf function...

kernel: selinux: enable use of both GFP_KERNEL and GFP_ATOMIC in convert_context()

In the Linux kernel, the following vulnerability has been resolved: selinux: enable use of both GFPKERNEL and GFPATOMIC in convertcontext The following warning was triggered on a hardware environment: SELinux: Converting 162 SID table entries... BUG: sleeping function called from invalid context ...

kernel: mm/vmemmap/devdax: fix kernel crash when probing devdax devices

A flaw was discovered in the device DAX devdax probing implementation of the Linux kernel memory management subsystem mm/vmemmap/devdax. Under specific architecture configurations for example POWER9 with hash MMU, the code path in vmemmappopulatecompoundpages did not properly account for...

PT-2025-26033 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A memory leak issue has been identified in the Linux kernel when using fscache. Specifically, when the 'index == next cached' case is encountered, a refcount leak on the struct page...

A use-after-free vulnerability was found in the Netfilter subsystem of the Linux kernel when processing batch requests to update nf_tables configuration. (CVE-2023-32233)

In the Linux kernel through 6.3.1, a use-after-free in Netfilter nftables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled...

Rocky Linux 8 : kernel (RLSA-2022:5316)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:5316 advisory. - A buffer over-read at the framebuffer layer in the fbcon code in the Linux kernel before 5.8.15 could be used by local attackers to read kernel memory...

Rocky Linux 8 : kernel-rt (RLSA-2022:5344)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:5344 advisory. - A buffer over-read at the framebuffer layer in the fbcon code in the Linux kernel before 5.8.15 could be used by local attackers to read kernel memory...

SUSE-SU-2023:4351-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2023-3777: Fixed a use-after-free vulnerability in netfilter: nftables component can be exploited to achieve local privilege escalation. bsc1215095 -...

Researchers Find 34 Windows Drivers Vulnerable to Full Device Takeover

As many as 34 unique vulnerable Windows Driver Model WDM and Windows Driver Frameworks WDF drivers could be exploited by non-privileged threat actors to gain full control of the devices and execute arbitrary code on the underlying systems. "By exploiting the drivers, an attacker without privilege...

SUSE CVE-2017-2618

A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr files before 4.9.10. An empty null write to this file can crash the system by causing the system to attempt to access unmapped kernel memory...

DEBIAN-CVE-2023-46813

An issue was discovered in the Linux kernel before 6.5.9, exploitable by local users with userspace access to MMIO registers. Incorrect access checking in the VC handler and instruction emulation of the SEV-ES emulation of MMIO accesses could lead to arbitrary write access to kernel memory and th...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an incorrect access check in the VC handler and an instruction emulation of SEV-ES emulation of MMIO access...

CLSA-2023-1698306895 Fix of 7 CVEs

CVE-2023-0597 // CVE-url: https://ubuntu.com/security/CVE-2023-0597 - x86/kasan: Map shadow for percpu pages on demand - x86/mm: Recompute physical address for every page of per-CPU CEA mapping - x86/mm: Populate KASAN shadow for entire per-CPU range of CPU entry area - x86/mm: Do not shuffle CPU...

macOS 13.x < 13.6.1 Multiple Vulnerabilities (HT213985)

The remote host is running a version of macOS / Mac OS X that is 13.x prior to 13.6.1. It is, therefore, affected by multiple vulnerabilities: - The issue was addressed with improved memory handling. This issue is fixed in iOS 17.1 and iPadOS 17.1, macOS Monterey 12.7.1, iOS 16.7.2 and iPadOS...

Ubuntu: Security Advisory (USN-6416-3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

kernel: netfilter: use-after-free in nf_tables when processing batch requests can lead to privilege escalation

A use-after-free vulnerability was found in the Netfilter subsystem of the Linux kernel when processing batch requests to update nftables configuration. This vulnerability can be abused to perform arbitrary reads and writes in kernel memory. A local user with CAPNETADMIN capability could use this...

kernel: netfilter: use-after-free in nf_tables when processing batch requests can lead to privilege escalation

A use-after-free vulnerability was found in the Netfilter subsystem of the Linux kernel when processing batch requests to update nftables configuration. This vulnerability can be abused to perform arbitrary reads and writes in kernel memory. A local user with CAPNETADMIN capability could use this...

kernel: use-after-free in l2cap_connect and l2cap_le_connect_req in net/bluetooth/l2cap_core.c

A use-after-free flaw was found in the Linux kernel's implementation of logical link control and adaptation protocol L2CAP, part of the Bluetooth stack in the l2capconnect and l2capleconnectreq functions. An attacker with physical access within the range of standard Bluetooth transmission could...