431 matches found
PT-2022-34791 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.19.12 Description: A potential security issue exists due to a failure to return an error code when kmalloc fails. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux...
PT-2022-34867 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.14.295 Description: The issue is related to a potential security vulnerability in the Linux Kernel. It has been fixed in version v4.14.295. The problem occurs when kmalloc fails, and an error is not properly...
PT-2022-7434 · Linux +4 · Linux Kernel +4
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the kmalloc function in the Linux kernel, which can fail due to out-of-memory conditions. If it fails, the function should return an error code errno instead of...
GSD-2022-1003296 lkdtm/bugs: Check for the NULL pointer after calling kmalloc
lkdtm/bugs: Check for the NULL pointer after calling kmalloc This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.47 by commit...
GSD-2022-1002661 lkdtm/bugs: Check for the NULL pointer after calling kmalloc
lkdtm/bugs: Check for the NULL pointer after calling kmalloc This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.4 by commit...
kernel: RDMA/uverbs: NULL pointer dereference in uapi_finalize()
An issue was discovered in the Linux kernel through 5.16-rc6. uapi_finalize in drivers/infiniband/core/uverbs_uapi.c lacks check of kmalloc_array...
kernel security, bug fix, and enhancement update
An update is available for kernel. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The kernel packages contain the Linux kernel, the core of any Linux operating...
PT-2022-7497 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel version 5.17.0-smp-DEV 801 Description: The vulnerability is related to the io_uring component in the Linux kernel. Looping approximately 65535 times doing kmalloc calls can trigger soft lockups, especially with DEBUG features...
PT-2022-5915 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.16-rc6 Description: The issue is related to the lkdtm_ARRAY_BOUNDS function in the drivers/misc/lkdtm/bugs.c module of the Linux kernel. It lacks a check of the return value of kmalloc and will cause a null...
PT-2021-7531 · Linux +5 · Linux Kernel +5
Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 5.16-rc6 Description: An issue was discovered in the Linux kernel where the uapi_finalize function in drivers/infiniband/core/uverbs_uapi.c lacks a check of kmalloc_array. This issue is related to a pointer...
PT-2021-7530 · Linux +5 · Linux Kernel +5
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.16-rc6 Description: The issue is related to the ef100_update_stats function in the drivers/net/ethernet/sfc/ef100_nic.c module of the Linux kernel, which lacks a check of the return value of kmalloc. This can...
kernel: memory leak upon a kmalloc failure in kvm_io_bus_unregister_dev function in virt/kvm/kvm_main.c
A flaw was found in the KVM hypervisor of the Linux kernel. A memory leak could occur in kvm_io_bus_unregister_dev upon a kmalloc failure. The highest threat from this vulnerability is to system availability...
DEBIAN-CVE-2020-36312
An issue was discovered in the Linux kernel before 5.8.10. virt/kvm/kvm_main.c has a kvm_io_bus_unregister_dev memory leak upon a kmalloc failure, aka CID-f65886606c2d...
UBUNTU-CVE-2020-36312
An issue was discovered in the Linux kernel before 5.8.10. virt/kvm/kvm_main.c has a kvm_io_bus_unregister_dev memory leak upon a kmalloc failure, aka CID-f65886606c2d...
Linux kernel memory leak vulnerability (CNVD-2021-29473)
The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A kvm_io_bus_unregister_dev memory leak vulnerability exists in virt/kvm/kvm_main.c in versions of Linux kernel prior to...
Linux kernel security vulnerability
The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A kvm_io_bus_unregister_dev memory leak vulnerability exists in virt/kvm/kvm_main.c in versions of Linux kernel prior to...
A flaw was found in the Linux kernel's handle_rx() function in the [vhost_net] driver. A malicious virtual guest under specific conditions can trigger an out-of-bounds write in a kmalloc-8 slab on a virtual host, which may lead to kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out. Versions from v4.16 and newer are vulnerable.
...
PT-2020-3072
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a buffer overflow in the Direct IO function of the Linux kernel, which can be exploited to gain unauthorized access to protected information or cause a denial o...