379 matches found
CVE-2021-47426
In the Linux kernel, the following vulnerability has been resolved: bpf, s390: Fix potential memory leak about jitdata Make sure to free jitdata through kfree in the error path...
UBUNTU-CVE-2021-47426
In the Linux kernel, the following vulnerability has been resolved: bpf, s390: Fix potential memory leak about jitdata Make sure to free jitdata through kfree in the error path...
UBUNTU-CVE-2021-47364
In the Linux kernel, the following vulnerability has been resolved: comedi: Fix memory leak in compatinsnlist compatinsnlist handles the 32-bit version of the COMEDIINSNLIST ioctl whenwhen CONFIGCOMPAT is enabled. It allocates memory to temporarily hold an array of struct comediinsn converted fro...
CVE-2021-47426 bpf, s390: Fix potential memory leak about jit_data
In the Linux kernel, the following vulnerability has been resolved: bpf, s390: Fix potential memory leak about jitdata Make sure to free jitdata through kfree in the error path...
CVE-2021-47426
CVE-2021-47426 affects the Linux kernel (bpf, s390) with a memory leak in jit_data. The issue occurs in the error path and is resolved by freeing jit_data with kfree() to prevent leaks. The provided metrics indicate local access, low attack complexity, and low privileges needed, with no confident...
CVE-2021-47426 bpf, s390: Fix potential memory leak about jit_data
In the Linux kernel, the following vulnerability has been resolved: bpf, s390: Fix potential memory leak about jitdata Make sure to free jitdata through kfree in the error path...
CVE-2021-47364 comedi: Fix memory leak in compat_insnlist()
In the Linux kernel, the following vulnerability has been resolved: comedi: Fix memory leak in compatinsnlist compatinsnlist handles the 32-bit version of the COMEDIINSNLIST ioctl whenwhen CONFIGCOMPAT is enabled. It allocates memory to temporarily hold an array of struct comediinsn converted fro...
CVE-2021-47364
Summary (CVE-2021-47364) The Linux kernel vulnerability in the comedi subsystem affects the 32-bit version of the COMEDI_INSNLIST ioctl when CONFIG_COMPAT is enabled. The issue is a memory leak in compat_insnlist(): memory was allocated to hold a converted array of struct comedi_insn and only fre...
CVE-2021-47364
In the Linux kernel, the following vulnerability has been resolved: comedi: Fix memory leak in compatinsnlist compatinsnlist handles the 32-bit version of the COMEDIINSNLIST ioctl whenwhen CONFIGCOMPAT is enabled. It allocates memory to temporarily hold an array of struct comediinsn converted fro...
CVE-2021-47364 comedi: Fix memory leak in compat_insnlist()
In the Linux kernel, the following vulnerability has been resolved: comedi: Fix memory leak in compatinsnlist compatinsnlist handles the 32-bit version of the COMEDIINSNLIST ioctl whenwhen CONFIGCOMPAT is enabled. It allocates memory to temporarily hold an array of struct comediinsn converted fro...
CVE-2021-47305 dma-buf/sync_file: Don't leak fences on merge failure
In the Linux kernel, the following vulnerability has been resolved: dma-buf/syncfile: Don't leak fences on merge failure Each addfence call does a dmafenceget on the relevant fence. In the error path, we weren't calling dmafenceput so all those fences got leaked. Also, in the kreallocarray failur...
CVE-2021-47258 scsi: core: Fix error handling of scsi_host_alloc()
In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix error handling of scsihostalloc After device is initialized via deviceinitialize, or its name is set via devsetname, the device has to be freed via putdevice. Otherwise device name will be leaked because it is...
CVE-2021-47258 scsi: core: Fix error handling of scsi_host_alloc()
In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix error handling of scsihostalloc After device is initialized via deviceinitialize, or its name is set via devsetname, the device has to be freed via putdevice. Otherwise device name will be leaked because it is...
CVE-2024-35816
A vulnerability was found in the Linux kernel's FireWire OHCI driver, which could lead to a resource leak by leaving behind an interrupt request IRQ when a device is unbound. This issue may cause instability or improper handling of IRQs, potentially affecting system performance or reliability...
CVE-2024-35832 bcachefs: kvfree bch_fs::snapshots in bch2_fs_snapshots_exit
In the Linux kernel, the following vulnerability has been resolved: bcachefs: kvfree bchfs::snapshots in bch2fssnapshotsexit bchfs::snapshots is allocated by kvzalloc in snapshottmut. It should be freed by kvfree not kfree. Or umount will triger: 406.829178 BUG: unable to handle page fault for...
CVE-2024-35811
In Astra Linux advisories, the brcm80211 component of the Linux kernel (brcmfmac) is affected by a use-after-free in brcmf_cfg80211_detach when a USB disconnect occurs (hotplug). The vulnerability stems from the cfg80211 detach path where a timer and its worker may still run after cfg is freed (c...
SUSE CVE-2024-27395
In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: Fix Use-After-Free in ovsctexit Since kfreercu, which is called in the hlistforeachentryrcu traversal of ovsctlimitexit, is not part of the RCU read critical section, it is possible that the RCU grace period wil...
CVE-2024-27392
In the Linux kernel, the following vulnerability has been resolved: nvme: host: fix double-free of struct nvmeidns in nsupdatenuse When nvmeidentifyns fails, it frees the pointer to the struct nvmeidns before it returns. However, nsupdatenuse calls kfree for the pointer even when nvmeidentifyns...
UBUNTU-CVE-2024-27392
In the Linux kernel, the following vulnerability has been resolved: nvme: host: fix double-free of struct nvmeidns in nsupdatenuse When nvmeidentifyns fails, it frees the pointer to the struct nvmeidns before it returns. However, nsupdatenuse calls kfree for the pointer even when nvmeidentifyns...
CVE-2024-27074
In the Linux kernel, the following vulnerability has been resolved: media: go7007: fix a memleak in go7007loadencoder In go7007loadencoder, bouncei.e. go-bootfw, is allocated without a deallocation thereafter. After the following call chain: saa7134go7007init |- go7007bootencoder |-...