380 matches found
CVE-2026-23201
In the Linux kernel, the following vulnerability has been resolved: ceph: fix oops due to invalid pointer for kfree in parselongname This fixes a kernel oops when reading ceph snapshot directories .snap, for example by simply running ls /mnt/myceph/.snap. The variable str is guarded by freekfree,...
CVE-2026-23201 ceph: fix oops due to invalid pointer for kfree() in parse_longname()
In the Linux kernel, the following vulnerability has been resolved: ceph: fix oops due to invalid pointer for kfree in parselongname This fixes a kernel oops when reading ceph snapshot directories .snap, for example by simply running ls /mnt/myceph/.snap. The variable str is guarded by freekfree,...
EUVD-2026-5874
In the Linux kernel, the following vulnerability has been resolved: drm/xe/nvm: Fix double-free on aux add failure After a successful auxiliarydeviceinit, auxdev-dev.release xenvmreleasedev is responsible for the kfreenvm. When there is failure with auxiliarydeviceadd, driver will call...
CVE-2026-23162 drm/xe/nvm: Fix double-free on aux add failure
In the Linux kernel, the following vulnerability has been resolved: drm/xe/nvm: Fix double-free on aux add failure After a successful auxiliarydeviceinit, auxdev-dev.release xenvmreleasedev is responsible for the kfreenvm. When there is failure with auxiliarydeviceadd, driver will call...
CVE-2026-23046
In the Linux kernel, the following vulnerability has been resolved: virtionet: fix device mismatch in devmkzalloc/devmkfree Initial rsshdr allocation uses virtiodevice-device, but virtnetsetqueues frees using netdevice-device. This device mismatch causing below devres warning 3788.514041...
CVE-2026-23046
CVE-2026-23046 relates to a Linux kernel vulnerability in virtio_net where an allocation (rss_hdr) used virtio_device->device but deallocation used net_device->device, causing devres warnings. Multiple connected advisories (SUSE, Red Hat, Ubuntu, Debian, OSV, NVD) confirm the fix: the alloc...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005035)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005035 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix memory leak why Resource release is needed on the error handling path to...
SUSE CVE-2025-71151
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix memory and information leak in smb3reconfigure In smb3reconfigure, if smb3syncsessionctxpasswords fails, the function returns immediately without freeing and erasing the newly allocated newpassword and newpassword2. Thi...
CVE-2025-71151
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix memory and information leak in smb3reconfigure In smb3reconfigure, if smb3syncsessionctxpasswords fails, the function returns immediately without freeing and erasing the newly allocated newpassword and newpassword2. Thi...
CVE-2025-71151 cifs: Fix memory and information leak in smb3_reconfigure()
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix memory and information leak in smb3reconfigure In smb3reconfigure, if smb3syncsessionctxpasswords fails, the function returns immediately without freeing and erasing the newly allocated newpassword and newpassword2. Thi...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004184)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004184 advisory. In auditfreelsmfield of auditfilter.c, there is a possible bad kfree due to a logic error in auditdatatoentry. This could lead to local escalation of privilege with ...
CVE-2020-10841
An issue was discovered on Samsung mobile devices with P9.0 and Q10.0 Exynos 9610 chipsets software. There is an arbitrary kfree in the vipx and vertex drivers. The Samsung ID is SVE-2019-16294 February 2020...
PT-2026-8209
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's Ceph implementation where an invalid pointer is passed to the kfree function within the parse longname function. This occurs when reading Ceph snapsho...
PT-2026-8132
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the unittest data add function within the Linux kernel. If of resolve phandles fails, the allocated unittest data is not freed, resulting in a memory leak. The fi...
SUSE CVE-2022-50873
In the Linux kernel, the following vulnerability has been resolved: vdpa/vpvdpa: fix kfree a wrong pointer in vpvdparemove In vpvdparemove, the code kfree&vpvdpamgtdev-mgtdev.idtable uses a reference of pointer as the argument of kfree, which is the wrong pointer and then may hit crash like this:...
EUVD-2022-55862
In the Linux kernel, the following vulnerability has been resolved: remoteproc: sysmon: fix memory leak in qcomaddsysmonsubdev The kfree should be called when ofirqgetbyname fails or devmrequestthreadedirq fails in qcomaddsysmonsubdev, otherwise there will be a memory leak, so add kfree to fix it...
CVE-2022-50873
In the Linux kernel, the following vulnerability has been resolved: vdpa/vpvdpa: fix kfree a wrong pointer in vpvdparemove In vpvdparemove, the code kfree&vpvdpamgtdev-mgtdev.idtable uses a reference of pointer as the argument of kfree, which is the wrong pointer and then may hit crash like this:...
UBUNTU-CVE-2022-50873
In the Linux kernel, the following vulnerability has been resolved: vdpa/vpvdpa: fix kfree a wrong pointer in vpvdparemove In vpvdparemove, the code kfree&vpvdpamgtdev-mgtdev.idtable uses a reference of pointer as the argument of kfree, which is the wrong pointer and then may hit crash like this:...
CVE-2022-50836
In the Linux kernel, the following vulnerability has been resolved: remoteproc: sysmon: fix memory leak in qcomaddsysmonsubdev The kfree should be called when ofirqgetbyname fails or devmrequestthreadedirq fails in qcomaddsysmonsubdev, otherwise there will be a memory leak, so add kfree to fix it...
CVE-2022-50873
CVE-2022-50873 affects the Linux kernel. In vp_vdpa_remove(), kfree is called with the address of vp_vdpa_mgtdev->mgtdev.id_table (a pointer’s address), which is the wrong pointer and can lead to a crash (example trace included). The advisory states this has been resolved via a kernel fix; rem...