440 matches found
CVE-2026-53364
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciconn: Fix memory leak in hcilebigterminate hcilebigterminate allocates isolistdata via kzallocobj but returns 0 without freeing it when neither pasyncterm nor bigsyncterm flags are set after evaluating the PA and BI...
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: genirq/irqsim: Proper initialization of work context pointers Proper initialization of the pointers to the ops member by using kzalloc instead of kmalloc when allocating the simulation work context. Otherwise, the pointers may...
SUSE CVE-2026-46305
In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: osdep: avoid NULL pointer dereference in rtwcbufalloc The return value of kzallocflex is used without ensuring that the allocation succeeded, and the pointer is dereferenced unconditionally. Guard the access t...
UBUNTU-CVE-2026-46305
In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: osdep: avoid NULL pointer dereference in rtwcbufalloc The return value of kzallocflex is used without ensuring that the allocation succeeded, and the pointer is dereferenced unconditionally. Guard the access t...
EUVD-2026-35170
In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: osdep: avoid NULL pointer dereference in rtwcbufalloc The return value of kzallocflex is used without ensuring that the allocation succeeded, and the pointer is dereferenced unconditionally. Guard the access t...
CVE-2026-46305 staging: rtl8723bs: os_dep: avoid NULL pointer dereference in rtw_cbuf_alloc
In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: osdep: avoid NULL pointer dereference in rtwcbufalloc The return value of kzallocflex is used without ensuring that the allocation succeeded, and the pointer is dereferenced unconditionally. Guard the access t...
CVE-2026-46171
In the Linux kernel, the following vulnerability has been resolved: riscv: kvm: fix vector context allocation leak When the second kzalloc hostcontext.vector.datap fails in kvmriscvvcpuallocvectorcontext, the first allocation guestcontext.vector.datap is leaked. Free it before returning...
CVE-2026-46159
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix btrfsioctlspaceinfo slotcount TOCTOU which can lead to info-leak btrfsioctlspaceinfo has a TOCTOU race between two passes over the block group RAID type lists. The first pass counts entries to determine the allocation...
UBUNTU-CVE-2026-46159
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix btrfsioctlspaceinfo slotcount TOCTOU which can lead to info-leak btrfsioctlspaceinfo has a TOCTOU race between two passes over the block group RAID type lists. The first pass counts entries to determine the allocation...
CVE-2026-46159
The CVE-2026-46159 issue affects the Linux kernel’s Btrfs code, specifically btrfs_ioctl_space_info(). A TOCTOU race occurs between two passes over block group RAID type lists: the first pass counts entries for allocation, the second fills the buffer and releases the groups_sem lock. If entries s...
CVE-2026-46159 btrfs: fix btrfs_ioctl_space_info() slot_count TOCTOU which can lead to info-leak
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix btrfsioctlspaceinfo slotcount TOCTOU which can lead to info-leak btrfsioctlspaceinfo has a TOCTOU race between two passes over the block group RAID type lists. The first pass counts entries to determine the allocation...
EUVD-2026-32786
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix btrfsioctlspaceinfo slotcount TOCTOU which can lead to info-leak btrfsioctlspaceinfo has a TOCTOU race between two passes over the block group RAID type lists. The first pass counts entries to determine the allocation...
CVE-2026-46139
CVE-2026-46139 covers the Linux kernel SMB client: when building an ACL descriptor in build_sec_desc(), a kzalloc-based allocation fix was introduced to zero-initialize the security descriptor buffer, replacing a previous kmalloc path. The change splits struct smb_acl's __le32 num_aces into __le1...
CVE-2026-46139 smb: client: use kzalloc to zero-initialize security descriptor buffer
In the Linux kernel, the following vulnerability has been resolved: smb: client: use kzalloc to zero-initialize security descriptor buffer Commit 62e7dd0a39c2d "smb: common: change the data type of numaces to le16" split struct smbacl's le32 numaces field into le16 numaces and le16 reserved. The...
SUSE CVE-2024-43822
In the Linux kernel, the following vulnerability has been resolved: ASoc: PCM6240: Return directly after a failed devmkzalloc in pcmdevicei2cprobe The value “-ENOMEM” was assigned to the local variable “ret” in one if branch after a devmkzalloc call failed at the beginning. This error code will...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: sparx5: switchdev: fixed the possible NULL pointer dereferencing issue. As a possible failure in allocation, devmkzalloc may return a NULL pointer. Therefore, it is better to check for ‘db’ to prevent the dereferencing of a...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Error handling was added in xhcimapurbfordma. Currently, xhcimapurbfordma creates a temporary buffer and copies the SG list to the new linear buffer. However, if kzallocnode fails, the call to sgpcopytobuffer may lead ...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: ath12k: A NULL pointer dereferencing was addressed in ath12kmacophwscan. In ath12kmacophwscan, the return value of kzalloc is directly used in memcpy, which may lead to a NULL pointer dereferencing in case of a failure of...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: spi: spi-zynq-qspi: Fixed a NULL pointer dereferencing in zynqqspiexecmemop. In zynqqspiexecmemop, kzalloc is directly used in memset, which could lead to a NULL pointer dereferencing if kzalloc fails. This bug was fixed by addin...
Astra Linux – Vulnerability in Linux 5.10, Linux
A issue was discovered in the Linux kernel through version 5.16-rc6. The function malidpcrtcreset in the file drivers/gpu/drm/arm/malidpcrtc.c lacks a check on the return value of kzalloc. This could lead to a null pointer dereferencing...