429 matches found
CVE-2021-47250
In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix memory leak in netlblcipsov4addstd Reported by syzkaller: BUG: memory leak unreferenced object 0xffff888105df7000 size 64: comm "syz-executor842", pid 360, jiffies 4294824824 age 22.546s hex dump first 32 bytes: 00...
SUSE CVE-2024-35886
In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix infinite recursion in fib6dumpdone. syzkaller reported infinite recursive calls of fib6dumpdone during netlink socket destruction. 1 From the log, syzkaller sent an AFUNSPEC RTMGETROUTE message, and then the response wa...
SUSE CVE-2024-35972
In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix possible memory leak in bnxtrdmaauxdeviceinit If ulp = kzalloc fails, the allocated edev will leak because it is not properly assigned and the cleanup path will not be able to free it. Fix it by assigning it properly...
AZL-42204 CVE-2024-35972 affecting package kernel for versions less than 5.15.158.1-1
In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix possible memory leak in bnxtrdmaauxdeviceinit If ulp = kzalloc fails, the allocated edev will leak because it is not properly assigned and the cleanup path will not be able to free it. Fix it by assigning it properly...
UBUNTU-CVE-2024-35972
In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix possible memory leak in bnxtrdmaauxdeviceinit If ulp = kzalloc fails, the allocated edev will leak because it is not properly assigned and the cleanup path will not be able to free it. Fix it by assigning it properly...
DEBIAN-CVE-2024-35886
In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix infinite recursion in fib6dumpdone. syzkaller reported infinite recursive calls of fib6dumpdone during netlink socket destruction. 1 From the log, syzkaller sent an AFUNSPEC RTMGETROUTE message, and then the response wa...
UBUNTU-CVE-2024-35886
In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix infinite recursion in fib6dumpdone. syzkaller reported infinite recursive calls of fib6dumpdone during netlink socket destruction. 1 From the log, syzkaller sent an AFUNSPEC RTMGETROUTE message, and then the response wa...
DEBIAN-CVE-2024-27048
In the Linux kernel, the following vulnerability has been resolved: wifi: brcm80211: handle pmkop allocation failure The kzalloc in brcmfpmksav3op will return null if the physical memory has run out. As a result, if we dereference the null value, the null pointer dereference bug will happen. Retu...
CVE-2024-27048
In the Linux kernel, the following vulnerability has been resolved: wifi: brcm80211: handle pmkop allocation failure The kzalloc in brcmfpmksav3op will return null if the physical memory has run out. As a result, if we dereference the null value, the null pointer dereference bug will happen. Retu...
CVE-2024-27048
In the Linux kernel, the following vulnerability has been resolved: wifi: brcm80211: handle pmkop allocation failure The kzalloc in brcmfpmksav3op will return null if the physical memory has run out. As a result, if we dereference the null value, the null pointer dereference bug will happen. Retu...
UBUNTU-CVE-2024-26964
In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Add error handling in xhcimapurbfordma Currently xhcimapurbfordma creates a temporary buffer and copies the SG list to the new linear buffer. But if the kzallocnode fails, then the following sgpcopytobuffer can lead to...
PT-2024-29757
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved by adding a NULL pointer check for kzalloc in the drm/amd/display module. The issue was addressed by checking the return pointer of...
CVE-2024-26901
In the Linux kernel, the following vulnerability has been resolved: dosysnametohandle: use kzalloc to fix kernel-infoleak syzbot identified a kernel information leak vulnerability in dosysnametohandle and issued the following report 1. 1 "BUG: KMSAN: kernel-infoleak in instrumentcopytouser...
DEBIAN-CVE-2024-26901
In the Linux kernel, the following vulnerability has been resolved: dosysnametohandle: use kzalloc to fix kernel-infoleak syzbot identified a kernel information leak vulnerability in dosysnametohandle and issued the following report 1. 1 "BUG: KMSAN: kernel-infoleak in instrumentcopytouser...
CVE-2024-26901
In the Linux kernel, the following vulnerability has been resolved: dosysnametohandle: use kzalloc to fix kernel-infoleak syzbot identified a kernel information leak vulnerability in dosysnametohandle and issued the following report 1. 1 "BUG: KMSAN: kernel-infoleak in instrumentcopytouser...
UBUNTU-CVE-2024-26901
In the Linux kernel, the following vulnerability has been resolved: dosysnametohandle: use kzalloc to fix kernel-infoleak syzbot identified a kernel information leak vulnerability in dosysnametohandle and issued the following report 1. 1 "BUG: KMSAN: kernel-infoleak in instrumentcopytouser...
CVE-2024-26901 do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak
In the Linux kernel, the following vulnerability has been resolved: dosysnametohandle: use kzalloc to fix kernel-infoleak syzbot identified a kernel information leak vulnerability in dosysnametohandle and issued the following report 1. 1 "BUG: KMSAN: kernel-infoleak in instrumentcopytouser...
CVE-2024-26901 do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak
In the Linux kernel, the following vulnerability has been resolved: dosysnametohandle: use kzalloc to fix kernel-infoleak syzbot identified a kernel information leak vulnerability in dosysnametohandle and issued the following report 1. 1 "BUG: KMSAN: kernel-infoleak in instrumentcopytouser...
CVE-2024-26901
In the Linux kernel, the following vulnerability has been resolved: dosysnametohandle: use kzalloc to fix kernel-infoleak syzbot identified a kernel information leak vulnerability in dosysnametohandle and issued the following report 1. 1 "BUG: KMSAN: kernel-infoleak in instrumentcopytouser...
CVE-2024-26901
CVE-2024-26901 is a Linux kernel information-leak vulnerability identified by syzbot in do_sys_name_to_handle, where uninitialized bytes were observed during copy to userspace. The issue was mitigated by replacing a kmalloc path with kzalloc, addressing uninitialized memory (Bytes 18–19) and rela...