UBUNTU-CVE-2023-53752

In the Linux kernel, the following vulnerability has been resolved: net: deal with integer overflows in kmallocreserve Blamed commit changed: ptr = kmallocsize; if ptr size = ksizeptr; size = kmallocsizeroundupsize; ptr = kmallocsize; This allowed various crash as reported by syzbot 1 and Kyle...

CVE-2023-53752

CVE-2023-53752 is a Linux kernel vulnerability where kmalloc_reserve() truncates a 32-bit size, causing kmalloc_size_roundup(size) to yield 2^32 and leading to ZERO_SIZE_PTR allocations in skb paths. The root cause is a 32-bit obj_size, which can crash net/buffer handling when netdev mtu is near ...

CVE-2023-53752

In the Linux kernel, the following vulnerability has been resolved: net: deal with integer overflows in kmallocreserve Blamed commit changed: ptr = kmallocsize; if ptr size = ksizeptr; size = kmallocsizeroundupsize; ptr = kmallocsize; This allowed various crash as reported by syzbot 1 and Kyle...

CVE-2023-53752 net: deal with integer overflows in kmalloc_reserve()

In the Linux kernel, the following vulnerability has been resolved: net: deal with integer overflows in kmallocreserve Blamed commit changed: ptr = kmallocsize; if ptr size = ksizeptr; size = kmallocsizeroundupsize; ptr = kmallocsize; This allowed various crash as reported by syzbot 1 and Kyle...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an integer overflow in kmallocreserve, which could lead to a memory allocation failure...

PT-2025-49482

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.1.39 Description The Linux kernel contained an issue where an integer overflow in the kmalloc reserve function could lead to crashes. Specifically, if the size parameter passed to kmalloc reserve was greater th...

Linux Distros Unpatched Vulnerability : CVE-2023-53752

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: deal with integer overflows in kmallocreserve Blamed commit changed: ptr = kmallocsize %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989884)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989884 advisory. In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Fix dtlaccesslock to be a rwsemaphore The dtlaccesslock needs to be a rwsempahor...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989789)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989789 advisory. In the Linux kernel, the following vulnerability has been resolved: tty: fix deadlock caused by calling printk under ttyport-lock ptywrite invokes kmalloc which may...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990111)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990111 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Check for potential null return of kmallocarray As the kmallocarray may return null,...

Astra Linux - уязвимость в linux-6.12

In the Linux kernel, the following vulnerability has been resolved: genirq/irqsim: Initialize work context pointers properly Initialize ops member's pointers properly by using kzalloc instead of kmalloc when allocating the simulation work context. Otherwise the pointers contain random content...

SUSE CVE-2025-40052

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix crypto buffers in non-linear memory The crypto API, through the scatterlist API, expects input buffers to be in linear memory. We handle this with the cifssgsetbuf helper that converts vmalloc'd memory to their...

AZL-68846 CVE-2025-40052 affecting package kernel for versions less than 6.6.112.1-2

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix crypto buffers in non-linear memory The crypto API, through the scatterlist API, expects input buffers to be in linear memory. We handle this with the cifssgsetbuf helper that converts vmalloc'd memory to their...

UBUNTU-CVE-2025-40052

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix crypto buffers in non-linear memory The crypto API, through the scatterlist API, expects input buffers to be in linear memory. We handle this with the cifssgsetbuf helper that converts vmalloc'd memory to their...

EUVD-2025-36476

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix crypto buffers in non-linear memory The crypto API, through the scatterlist API, expects input buffers to be in linear memory. We handle this with the cifssgsetbuf helper that converts vmalloc'd memory to their...

CVE-2025-40052 smb: client: fix crypto buffers in non-linear memory

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix crypto buffers in non-linear memory The crypto API, through the scatterlist API, expects input buffers to be in linear memory. We handle this with the cifssgsetbuf helper that converts vmalloc'd memory to their...

CVE-2023-53713

In the Linux kernel, the following vulnerability has been resolved: arm64: sme: Use STR P to clear FFR context field in streaming SVE mode The FFR is a predicate register which can vary between 16 and 256 bits in size depending upon the configured vector length. When saving the SVE state in...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987535)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987535 advisory. In the Linux kernel, the following vulnerability has been resolved: udmabuf: validate ubuf-pagecount Syzbot has reported GPF in sgallocappendtablefrompages. The...

Linux Distros Unpatched Vulnerability : CVE-2022-50509

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: coda: Add check for kmalloc As the kmalloc may return NULL pointer, it should be better to check the return value in order to avoid NULL poineter...

CVE-2022-50509

In the Linux kernel, the following vulnerability has been resolved: media: coda: Add check for kmalloc As the kmalloc may return NULL pointer, it should be better to check the return value in order to avoid NULL poineter dereference, same as the others...