Lucene search
K

8 matches found

NVD
NVD
added 2026/06/08 5:16 p.m.10 views

CVE-2026-46283

In the Linux kernel, the following vulnerability has been resolved: tpm: Use kfreesensitive to free auth session in tpmdevrelease tpmdevrelease uses plain kfree to free chip-auth, which contains sensitive cryptographic material including HMAC session keys, nonces, and passphrase data struct...

0.00168EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/01/24 12:25 a.m.3 views

SUSE CVE-2025-71151

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix memory and information leak in smb3reconfigure In smb3reconfigure, if smb3syncsessionctxpasswords fails, the function returns immediately without freeing and erasing the newly allocated newpassword and newpassword2. Thi...

4.7CVSS5.2AI score0.00114EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/01/23 3:16 p.m.3 views

CVE-2025-71151

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix memory and information leak in smb3reconfigure In smb3reconfigure, if smb3syncsessionctxpasswords fails, the function returns immediately without freeing and erasing the newly allocated newpassword and newpassword2. Thi...

5.5CVSS5.9AI score0.00114EPSS
Exploits0References25
Cvelist
Cvelist
added 2026/01/23 2:15 p.m.25 views

CVE-2025-71151 cifs: Fix memory and information leak in smb3_reconfigure()

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix memory and information leak in smb3reconfigure In smb3reconfigure, if smb3syncsessionctxpasswords fails, the function returns immediately without freeing and erasing the newly allocated newpassword and newpassword2. Thi...

0.00114EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: nvmet-auth: Assign dhkey to NULL after kfreesensitive. ctrl-dhkey may be used across multiple calls to nvmetsetupdhgroup for the same controller. Therefore, it’s better to set it to NULL after a error-free release, in order to...

7.8CVSS6.2AI score0.00254EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/11/09 10:14 a.m.3 views

CVE-2024-50215 nvmet-auth: assign dh_key to NULL after kfree_sensitive

In the Linux kernel, the following vulnerability has been resolved: nvmet-auth: assign dhkey to NULL after kfreesensitive ctrl-dhkey might be used across multiple calls to nvmetsetupdhgroup for the same controller. So it's better to nullify it after release on error path in order to avoid double...

7.7AI score0.00254EPSS
Exploits0References4
OSV
OSV
added 2024/07/30 8:15 a.m.7 views

AZL-47344 CVE-2024-42158 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Use kfreesensitive to fix Coccinelle warnings Replace memzeroexplicit and kfree with kfreesensitive to fix warnings reported by Coccinelle: WARNING opportunity for kfreesensitive/kvfreesensitive line 1506 WARNING...

4.1CVSS5.8AI score0.00187EPSS
Exploits0References1
OSV
OSV
added 2024/07/30 8:15 a.m.5 views

UBUNTU-CVE-2024-42158

In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Use kfreesensitive to fix Coccinelle warnings Replace memzeroexplicit and kfree with kfreesensitive to fix warnings reported by Coccinelle: WARNING opportunity for kfreesensitive/kvfreesensitive line 1506 WARNING...

4.1CVSS5.8AI score0.00187EPSS
Exploits0References22
Rows per page
Query Builder