Lucene search
+L

440 matches found

NVD
NVD
added 5 days ago8 views

CVE-2026-53364

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciconn: Fix memory leak in hcilebigterminate hcilebigterminate allocates isolistdata via kzallocobj but returns 0 without freeing it when neither pasyncterm nor bigsyncterm flags are set after evaluating the PA and BI...

0.00155EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: genirq/irqsim: Proper initialization of work context pointers Proper initialization of the pointers to the ops member by using kzalloc instead of kmalloc when allocating the simulation work context. Otherwise, the pointers may...

5.5CVSS6.4AI score0.00158EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/06/09 2:20 a.m.11 views

SUSE CVE-2026-46305

In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: osdep: avoid NULL pointer dereference in rtwcbufalloc The return value of kzallocflex is used without ensuring that the allocation succeeded, and the pointer is dereferenced unconditionally. Guard the access t...

5.5CVSS5.4AI score0.001EPSS
Exploits0References3
OSV
OSV
added 2026/06/08 5:16 p.m.9 views

UBUNTU-CVE-2026-46305

In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: osdep: avoid NULL pointer dereference in rtwcbufalloc The return value of kzallocflex is used without ensuring that the allocation succeeded, and the pointer is dereferenced unconditionally. Guard the access t...

5.5CVSS5.3AI score0.001EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/08 3:46 p.m.11 views

EUVD-2026-35170

In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: osdep: avoid NULL pointer dereference in rtwcbufalloc The return value of kzallocflex is used without ensuring that the allocation succeeded, and the pointer is dereferenced unconditionally. Guard the access t...

5.4AI score0.001EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/08 3:46 p.m.59 views

CVE-2026-46305 staging: rtl8723bs: os_dep: avoid NULL pointer dereference in rtw_cbuf_alloc

In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: osdep: avoid NULL pointer dereference in rtwcbufalloc The return value of kzallocflex is used without ensuring that the allocation succeeded, and the pointer is dereferenced unconditionally. Guard the access t...

0.001EPSS
Exploits0References2
NVD
NVD
added 2026/05/28 10:16 a.m.17 views

CVE-2026-46171

In the Linux kernel, the following vulnerability has been resolved: riscv: kvm: fix vector context allocation leak When the second kzalloc hostcontext.vector.datap fails in kvmriscvvcpuallocvectorcontext, the first allocation guestcontext.vector.datap is leaked. Free it before returning...

5.5CVSS0.00126EPSS
Exploits0References3
NVD
NVD
added 2026/05/28 10:16 a.m.15 views

CVE-2026-46159

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix btrfsioctlspaceinfo slotcount TOCTOU which can lead to info-leak btrfsioctlspaceinfo has a TOCTOU race between two passes over the block group RAID type lists. The first pass counts entries to determine the allocation...

4.7CVSS0.00093EPSS
Exploits0References8
OSV
OSV
added 2026/05/28 10:16 a.m.12 views

UBUNTU-CVE-2026-46159

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix btrfsioctlspaceinfo slotcount TOCTOU which can lead to info-leak btrfsioctlspaceinfo has a TOCTOU race between two passes over the block group RAID type lists. The first pass counts entries to determine the allocation...

4.7CVSS5.7AI score0.00093EPSS
Exploits0References8
CVE
CVE
added 2026/05/28 9:36 a.m.45 views

CVE-2026-46159

The CVE-2026-46159 issue affects the Linux kernel’s Btrfs code, specifically btrfs_ioctl_space_info(). A TOCTOU race occurs between two passes over block group RAID type lists: the first pass counts entries for allocation, the second fills the buffer and releases the groups_sem lock. If entries s...

4.7CVSS5.8AI score0.00093EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2026/05/28 9:36 a.m.37 views

CVE-2026-46159 btrfs: fix btrfs_ioctl_space_info() slot_count TOCTOU which can lead to info-leak

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix btrfsioctlspaceinfo slotcount TOCTOU which can lead to info-leak btrfsioctlspaceinfo has a TOCTOU race between two passes over the block group RAID type lists. The first pass counts entries to determine the allocation...

0.00093EPSS
Exploits0References8
EUVD
EUVD
added 2026/05/28 9:36 a.m.14 views

EUVD-2026-32786

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix btrfsioctlspaceinfo slotcount TOCTOU which can lead to info-leak btrfsioctlspaceinfo has a TOCTOU race between two passes over the block group RAID type lists. The first pass counts entries to determine the allocation...

5.8AI score0.00093EPSS
Exploits0References5
CVE
CVE
added 2026/05/28 9:35 a.m.29 views

CVE-2026-46139

CVE-2026-46139 covers the Linux kernel SMB client: when building an ACL descriptor in build_sec_desc(), a kzalloc-based allocation fix was introduced to zero-initialize the security descriptor buffer, replacing a previous kmalloc path. The change splits struct smb_acl's __le32 num_aces into __le1...

5.5CVSS5.9AI score0.00122EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/05/28 9:35 a.m.2 views

CVE-2026-46139 smb: client: use kzalloc to zero-initialize security descriptor buffer

In the Linux kernel, the following vulnerability has been resolved: smb: client: use kzalloc to zero-initialize security descriptor buffer Commit 62e7dd0a39c2d "smb: common: change the data type of numaces to le16" split struct smbacl's le32 numaces field into le16 numaces and le16 reserved. The...

5.5CVSS5.9AI score0.00122EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2026/05/27 3:29 a.m.5 views

SUSE CVE-2024-43822

In the Linux kernel, the following vulnerability has been resolved: ASoc: PCM6240: Return directly after a failed devmkzalloc in pcmdevicei2cprobe The value “-ENOMEM” was assigned to the local variable “ret” in one if branch after a devmkzalloc call failed at the beginning. This error code will...

5.5CVSS5.9AI score0.00193EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: sparx5: switchdev: fixed the possible NULL pointer dereferencing issue. As a possible failure in allocation, devmkzalloc may return a NULL pointer. Therefore, it is better to check for ‘db’ to prevent the dereferencing of a...

5.5CVSS5.8AI score0.00245EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.10 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Error handling was added in xhcimapurbfordma. Currently, xhcimapurbfordma creates a temporary buffer and copies the SG list to the new linear buffer. However, if kzallocnode fails, the call to sgpcopytobuffer may lead ...

5.5CVSS6AI score0.00225EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath12k: A NULL pointer dereferencing was addressed in ath12kmacophwscan. In ath12kmacophwscan, the return value of kzalloc is directly used in memcpy, which may lead to a NULL pointer dereferencing in case of a failure of...

6.4AI score0.00168EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: spi: spi-zynq-qspi: Fixed a NULL pointer dereferencing in zynqqspiexecmemop. In zynqqspiexecmemop, kzalloc is directly used in memset, which could lead to a NULL pointer dereferencing if kzalloc fails. This bug was fixed by addin...

5.5CVSS6AI score0.00225EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Linux 5.10, Linux

A issue was discovered in the Linux kernel through version 5.16-rc6. The function malidpcrtcreset in the file drivers/gpu/drm/arm/malidpcrtc.c lacks a check on the return value of kzalloc. This could lead to a null pointer dereferencing...

5.5CVSS6.7AI score0.00217EPSS
Exploits0References2
Rows per page
Query Builder