CVE-2025-38196

In the Linux kernel, the following vulnerability has been resolved: iouring/rsrc: validate buffer count with offset for cloning syzbot reports that it can trigger a WARNON for kmalloc attempt that's too big: WARNING: CPU: 0 PID: 6488 at mm/slub.c:5024 kvmallocnodenoprof+0x520/0x640 mm/slub.c:5024...

CVE-2025-38196 io_uring/rsrc: validate buffer count with offset for cloning

In the Linux kernel, the following vulnerability has been resolved: iouring/rsrc: validate buffer count with offset for cloning syzbot reports that it can trigger a WARNON for kmalloc attempt that's too big: WARNING: CPU: 0 PID: 6488 at mm/slub.c:5024 kvmallocnodenoprof+0x520/0x640 mm/slub.c:5024...

PT-2025-30805

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a memory leak in the nvmet subsystem related to bio integrity. When nvmet receives commands with metadata, a continuous memory leak occurs within the kmalloc-12...

DEBIAN-CVE-2022-50151

In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: fix random warning message when driver load Warning log: 4.141392 Unexpected gfp: 0x4 GFPDMA32. Fixing up to gfp: 0xa20 GFPATOMIC. Fix your code! 4.150340 CPU: 1 PID: 175 Comm: 1-0050 Not tainted...

UBUNTU-CVE-2022-50151

In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: fix random warning message when driver load Warning log: 4.141392 Unexpected gfp: 0x4 GFPDMA32. Fixing up to gfp: 0xa20 GFPATOMIC. Fix your code! 4.150340 CPU: 1 PID: 175 Comm: 1-0050 Not tainted...

CVE-2022-49959 openvswitch: fix memory leak at failed datapath creation

In the Linux kernel, the following vulnerability has been resolved: openvswitch: fix memory leak at failed datapath creation ovsdpcmdnew-ovsdpchange-ovsdpsetupcallportids allocates array via kmalloc. If for some reason newvport fails during ovsdpcmdnew dp-upcallportids must be freed. Add missing...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from ccp sev ioctl using kmalloc instead of kzalloc, which could lead to a kernel memory leak...

kernel: wifi: rtw89: coex: check NULL return of kmalloc in btc_fw_set_monreg()

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: coex: check NULL return of kmalloc in btcfwsetmonreg kmalloc may fail, return value might be NULL and will cause NULL pointer dereference. Add check NULL return of kmalloc in btcfwsetmonreg...

kernel: mm, slub: avoid zeroing kmalloc redzone

In the Linux kernel, the following vulnerability has been resolved: mm, slub: avoid zeroing kmalloc redzone Since commit 946fa0dbf2d8 "mm/slub: extend redzone check to extra allocated kmalloc space than requested", setting origsize treats the wasted space objectsize - origsize as a redzone. Howev...

kernel: udmabuf: change folios array from kmalloc to kvmalloc

In the Linux kernel, the following vulnerability has been resolved: udmabuf: change folios array from kmalloc to kvmalloc When PAGESIZE 4096, MAXPAGEORDER 10, 64bit machine, pagealloc only support 4MB. If above this, trigger this warn and return NULL. udmabuf can change size limit, if change it t...

kernel: scsi: lpfc: Fix a possible null pointer dereference

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix a possible null pointer dereference In function lpfcxcvrdatashow, the memory allocation with kmalloc might fail, thereby making rdpcontext a null pointer. In the following context and functions that use this...

PT-2025-18903 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved. The issue is related to the devm kmalloc array function in the fdp nci i2c read device properties function, which may fail and...

CVE-2022-49803

CVE-2022-49803 relates to the Linux kernel netdevsim memory leak in nsim_dev->fa_cookie. The issue arises when nsim_dev_trap_fa_cookie_write() allocates fa_cookie with kmalloc and assigns it to nsim_dev->fa_cookie, but nsim_drv_remove() fails to free it, leading to a leak reported by kmemle...

UBUNTU-CVE-2025-21950

In the Linux kernel, the following vulnerability has been resolved: drivers: virt: acrn: hsm: Use kzalloc to avoid info leak in pmcmdioctl In the "pmcmdioctl" function, three memory objects allocated by kmalloc are initialized by "hcallgetcpustate", which are then copied to user space. The...

SUSE CVE-2024-58008

In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: dcp: fix improper sg use with CONFIGVMAPSTACK=y With vmalloc stack addresses enabled CONFIGVMAPSTACK=y DCP trusted keys can crash during en- and decryption of the blob encryption key via the DCP crypto driver. This...

CVE-2024-58016

In the Linux kernel, the following vulnerability has been resolved: safesetid: check size of policy writes syzbot attempts to write a buffer with a large size to a sysfs entry with writes handled by handlepolicyupdate, triggering a warning in kmalloc. Check the size specified for write buffers...

DEBIAN-CVE-2024-58008

In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: dcp: fix improper sg use with CONFIGVMAPSTACK=y With vmalloc stack addresses enabled CONFIGVMAPSTACK=y DCP trusted keys can crash during en- and decryption of the blob encryption key via the DCP crypto driver. This...

UBUNTU-CVE-2024-58008

In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: dcp: fix improper sg use with CONFIGVMAPSTACK=y With vmalloc stack addresses enabled CONFIGVMAPSTACK=y DCP trusted keys can crash during en- and decryption of the blob encryption key via the DCP crypto driver. This...

UBUNTU-CVE-2024-58016

In the Linux kernel, the following vulnerability has been resolved: safesetid: check size of policy writes syzbot attempts to write a buffer with a large size to a sysfs entry with writes handled by handlepolicyupdate, triggering a warning in kmalloc. Check the size specified for write buffers...

SUSE CVE-2021-47649

In the Linux kernel, the following vulnerability has been resolved: udmabuf: validate ubuf-pagecount Syzbot has reported GPF in sgallocappendtablefrompages. The problem was in ubuf-pages == ZEROPTR. ubuf-pagecount is calculated from arguments passed from user-space. If user creates udmabuf with...