382 matches found
CVE-2026-53227
In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix possible kfreeskb of ERRPTR After the patch in the "Fixes" tag, the allocation of the "reply" skb can happen either before or after locking the ovsmutex. However, error cleanups still follow the classical...
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: s390/ctcm: Fixed double-kfree issue. The function ‘mpcrcvdsweepreqmpcginfo’ is called conditionally from the function ‘ctcmpcunpackskb’. It frees the passed mpcginfo. After that, a call to the function ‘kfree’ within the function...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: rapidio: Replace riofreenet with kfree in rioscanallocnet. When the idtab allocation fails, the network is not yet registered with rioaddnet. Therefore, calling kfreenet is sufficient to release the memory. Set mport-net to NULL ...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fixed memory leak. Why Resource release is necessary on the error handling path to prevent memory leaks. How This issue was fixed by adding the kfree function to the error handling path...
Astra Linux – Vulnerability in Linux 5.15
A issue was discovered in ksmbd within the Linux kernel versions 5.15 through 5.19, prior to 5.19.2. The file fs/ksmbd/smb2pdu.c omits a kfree call in certain error conditions during the smb2handlenegotiate process, resulting in a memory leak...
CVE-2026-46283
In the Linux kernel, the following vulnerability has been resolved: tpm: Use kfreesensitive to free auth session in tpmdevrelease tpmdevrelease uses plain kfree to free chip-auth, which contains sensitive cryptographic material including HMAC session keys, nonces, and passphrase data struct...
CVE-2026-46183
In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs-schemes: protect path kfree with damonsysfslock damonsysfsquotgoal-path can be read and written by users, via DAMON sysfs 'path' file. It can also be indirectly read, for the parameters on,offline committing to...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of locking protection for the path kfree function in mm damon sysfs-schemes. This...
Linux Distros Unpatched Vulnerability : CVE-2026-45959
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: ccp - Fix a crash due to incorrect cleanup usage of kfree Annotating a local pointer variable, which will be assigned with the kmalloc-family functions,...
EUVD-2026-32243
In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Fix a crash due to incorrect cleanup usage of kfree Annotating a local pointer variable, which will be assigned with the kmalloc-family functions, with the cleanupkfree attribute will make the address of the local...
EUVD-2026-32388
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix memory leak in GETDATADIRECTSYSFSPATH handler The UVERBSHANDLERMLX5IBMETHODGETDATADIRECTSYSFSPATH function allocates memory for the device path using kobjectgetpath. If the length of the device path exceeds the...
CVE-2026-45959
In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Fix a crash due to incorrect cleanup usage of kfree Annotating a local pointer variable, which will be assigned with the kmalloc-family functions, with the cleanupkfree attribute will make the address of the local...
UBUNTU-CVE-2026-45959
In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Fix a crash due to incorrect cleanup usage of kfree Annotating a local pointer variable, which will be assigned with the kmalloc-family functions, with the cleanupkfree attribute will make the address of the local...
UBUNTU-CVE-2026-45853
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Use kvfree instead of kfree in amdgpugmcgetnpsmemranges amdgpudiscoverygetnpsinfo internally allocates memory for ranges using kvcalloc, which may use vmalloc for large allocation. Using kfree to release vmalloc memor...
CVE-2026-45959 crypto: ccp - Fix a crash due to incorrect cleanup usage of kfree
In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Fix a crash due to incorrect cleanup usage of kfree Annotating a local pointer variable, which will be assigned with the kmalloc-family functions, with the cleanupkfree attribute will make the address of the local...
CVE-2026-45959
In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Fix a crash due to incorrect cleanup usage of kfree Annotating a local pointer variable, which will be assigned with the kmalloc-family functions, with the cleanupkfree attribute will make the address of the local...
CVE-2026-45959
The CVE-2026-45959 issue affects the Linux kernel crypto: CCP driver. A local pointer annotated with __cleanup(kfree) could cause kfree to receive the local stack address instead of the allocated memory, leading to a crash. The underlying cause is incorrect cleanup usage; the repository indicates...
CVE-2026-45853
The CVE-2026-45853 issue is in the Linux kernel drm/amdgpu component. The function amdgpu_discovery_get_nps_info() allocates memory for ranges with kvcalloc() (potentially vmalloc), but frees it with kfree(), which may corrupt vmalloc memory. The documented fix is to use kvfree() to safely handle...
CVE-2026-45853
drm/amdgpu: Use kvfree instead of kfree in amdgpugmcgetnpsmemranges...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the incorrect use of the cleanupkfree attribute in the crypto/ccp driver. This improper usage...