429 matches found
CVE-2024-40900
In the Linux kernel, the following vulnerability has been resolved: cachefiles: remove requests from xarray during flushing requests Even with CACHEFILESDEAD set, we can still read the requests, so in the following concurrency the request may be used after it has been freed: mount | daemonthread1...
SUSE CVE-2024-40997
In the Linux kernel, the following vulnerability has been resolved: cpufreq: amd-pstate: fix memory leak on CPU EPP exit The cpudata memory from kzalloc in amdpstateeppcpuinit is not freed in the analogous exit function, so fix that. rjw: Subject and changelog edits...
DEBIAN-CVE-2024-40997
In the Linux kernel, the following vulnerability has been resolved: cpufreq: amd-pstate: fix memory leak on CPU EPP exit The cpudata memory from kzalloc in amdpstateeppcpuinit is not freed in the analogous exit function, so fix that. rjw: Subject and changelog edits...
AZL-47926 CVE-2024-40997 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: cpufreq: amd-pstate: fix memory leak on CPU EPP exit The cpudata memory from kzalloc in amdpstateeppcpuinit is not freed in the analogous exit function, so fix that. rjw: Subject and changelog edits...
DEBIAN-CVE-2024-40973
In the Linux kernel, the following vulnerability has been resolved: media: mtk-vcodec: potential null pointer deference in SCP The return value of devmkzalloc needs to be checked to avoid NULL pointer deference. This is similar to CVE-2022-3113...
AZL-48951 CVE-2024-40973 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: media: mtk-vcodec: potential null pointer deference in SCP The return value of devmkzalloc needs to be checked to avoid NULL pointer deference. This is similar to CVE-2022-3113...
UBUNTU-CVE-2024-40973
In the Linux kernel, the following vulnerability has been resolved: media: mtk-vcodec: potential null pointer deference in SCP The return value of devmkzalloc needs to be checked to avoid NULL pointer deference. This is similar to CVE-2022-3113...
CVE-2024-40900 cachefiles: remove requests from xarray during flushing requests
In the Linux kernel, the following vulnerability has been resolved: cachefiles: remove requests from xarray during flushing requests Even with CACHEFILESDEAD set, we can still read the requests, so in the following concurrency the request may be used after it has been freed: mount | daemonthread1...
do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak
...
CVE-2024-38575
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: pcie: handle randbuf allocation failure The kzalloc in brcmfpciedownloadfwnvram will return null if the physical memory has run out. As a result, if we use getrandombytes to generate random bytes in the randbuf, t...
CVE-2024-38575
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: pcie: handle randbuf allocation failure The kzalloc in brcmfpciedownloadfwnvram will return null if the physical memory has run out. As a result, if we use getrandombytes to generate random bytes in the randbuf, t...
PT-2024-10328 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the devm kzalloc function in the pcmdevice i2c probe component of the Linux kernel. It is associated with pointer dereference errors. Exploitation of this issue...
CVE-2024-36968
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix div-by-zero in l2capleflowctlinit l2capleflowctlinit can cause both div-by-zero and an integer overflow since hdev-lemtu may not fall in the valid range. Move MTU from hcidev to hciconn to validate MTU and...
CVE-2024-36968 Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init()
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix div-by-zero in l2capleflowctlinit l2capleflowctlinit can cause both div-by-zero and an integer overflow since hdev-lemtu may not fall in the valid range. Move MTU from hcidev to hciconn to validate MTU and...
CVE-2024-36968
CVE-2024-36968 (Linux kernel) : A Bluetooth L2CAP issue in the kernel could cause div-by-zero and integer overflow due to hdev->le_mtu potentially being out of range. The fix moves MTU validation from hci_dev to hci_conn, halting connection setup when MTU is invalid, and adds validation in rea...
SUSE CVE-2024-36014
In the Linux kernel, the following vulnerability has been resolved: drm/arm/malidp: fix a possible null pointer dereference In malidpmwconnectorreset, new memory is allocated with kzalloc, but no check is performed. In order to prevent null pointer dereferencing, ensure that mwstate is checked...
UBUNTU-CVE-2024-36014
In the Linux kernel, the following vulnerability has been resolved: drm/arm/malidp: fix a possible null pointer dereference In malidpmwconnectorreset, new memory is allocated with kzalloc, but no check is performed. In order to prevent null pointer dereferencing, ensure that mwstate is checked...
DEBIAN-CVE-2021-47451
In the Linux kernel, the following vulnerability has been resolved: netfilter: xtIDLETIMER: fix panic that occurs when timertype has garbage value Currently, when the rule related to IDLETIMER is added, idletimertg timer structure is initialized by kmalloc on executing idletimertgcreate function...
CVE-2021-47451
CVE-2021-47451 relates to a Linux kernel netfilter xt_IDLETIMER panic caused by idletimer_tg.timer_type containing garbage values when a rule is added. The fixed version initializes timer_type with kzalloc instead of kmalloc to prevent the NULL/D garbage read that leads to a kernel panic. Public ...
CVE-2021-47250
In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix memory leak in netlblcipsov4addstd Reported by syzkaller: BUG: memory leak unreferenced object 0xffff888105df7000 size 64: comm "syz-executor842", pid 360, jiffies 4294824824 age 22.546s hex dump first 32 bytes: 00...