429 matches found
CVE-2024-26901 do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak
In the Linux kernel, the following vulnerability has been resolved: dosysnametohandle: use kzalloc to fix kernel-infoleak syzbot identified a kernel information leak vulnerability in dosysnametohandle and issued the following report 1. 1 "BUG: KMSAN: kernel-infoleak in instrumentcopytouser...
Fedora 39 : kernel (2024-f93cdd8831)
The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-f93cdd8831 advisory. The 6.8.6 stable kernel update contains a number of important fixes across the tree. Tenable has extracted the preceding description block directly from the...
CVE-2024-24863
CVE-2024-36014: A vulnerability in the Linux kernel DRM Malidp/MW connector path can cause a null pointer dereference. In malidp_mw_connector_reset, memory allocated with kzalloc is not checked, risking dereference if mw_state is invalid, potentially leading to a crash. The issue is addressed by ...
PT-2024-20620 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel affected versions not specified Description: The issue arises in the malidp mw connector reset function where new memory is allocated using kzalloc, but no check is performed to prevent null pointer dereferencing. To prevent this...
DEBIAN-CVE-2024-26817
In the Linux kernel, the following vulnerability has been resolved: amdkfd: use calloc instead of kzalloc to avoid integer overflow This uses calloc instead of doing the multiplication which might overflow...
CVE-2024-26817
In the Linux kernel, the following vulnerability has been resolved: amdkfd: use calloc instead of kzalloc to avoid integer overflow This uses calloc instead of doing the multiplication which might overflow...
UBUNTU-CVE-2024-26817
In the Linux kernel, the following vulnerability has been resolved: amdkfd: use calloc instead of kzalloc to avoid integer overflow This uses calloc instead of doing the multiplication which might overflow...
CVE-2024-26817
In the Linux kernel, the following vulnerability has been resolved: amdkfd: use calloc instead of kzalloc to avoid integer overflow This uses calloc instead of doing the multiplication which might overflow...
CVE-2021-47180 NFC: nci: fix memory leak in nci_allocate_device
In the Linux kernel, the following vulnerability has been resolved: NFC: nci: fix memory leak in nciallocatedevice nfcmrvldisconnect fails to free the hcidev field in struct ncidev. Fix this by freeing hcidev in ncifreedevice. BUG: memory leak unreferenced object 0xffff888111ea6800 size 1024: com...
CVE-2021-47180 NFC: nci: fix memory leak in nci_allocate_device
In the Linux kernel, the following vulnerability has been resolved: NFC: nci: fix memory leak in nciallocatedevice nfcmrvldisconnect fails to free the hcidev field in struct ncidev. Fix this by freeing hcidev in ncifreedevice. BUG: memory leak unreferenced object 0xffff888111ea6800 size 1024: com...
CVE-2021-47180
In the Linux kernel, the following vulnerability has been resolved: NFC: nci: fix memory leak in nciallocatedevice nfcmrvldisconnect fails to free the hcidev field in struct ncidev. Fix this by freeing hcidev in ncifreedevice. BUG: memory leak unreferenced object 0xffff888111ea6800 size 1024: com...
SUSE CVE-2023-52465
In the Linux kernel, the following vulnerability has been resolved: power: supply: Fix null pointer dereference in smb2probe devmkasprintf and devmkzalloc return a pointer to dynamically allocated memory which can be NULL upon failure...
UBUNTU-CVE-2023-52469
In the Linux kernel, the following vulnerability has been resolved: drivers/amd/pm: fix a use-after-free in kvparsepowertable When ps allocated by kzalloc equals to NULL, kvparsepowertable frees adev-pm.dpm.ps that allocated before. However, after the control flow goes through the following call...
kernel: scsi: lpfc: Check kzalloc() in lpfc_sli4_cgn_params_read()
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Check kzalloc in lpfcsli4cgnparamsread If kzalloc fails in lpfcsli4cgnparamsread, then we rely on lpfcreadobject's routine to NULL check pdata. Currently, an early return error is thrown from lpfcreadobject to protect...
PT-2025-43122
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s ath12k driver within the ath12k mac op hw scan function. The function directly uses the return value of kzalloc in a memcpy operation without checking...
An issue was discovered in the Linux kernel brcm_nvram_parse in drivers/nvmem/brcm_nvram.c. Lacks for the check of the return value of kzalloc() can cause the NULL Pointer Dereference.
...
AZL-27347 CVE-2023-3359 affecting package kernel for versions less than 5.15.118.1-2
An issue was discovered in the Linux kernel brcmnvramparse in drivers/nvmem/brcmnvram.c. Lacks for the check of the return value of kzalloc can cause the NULL Pointer Dereference...
AZL-27332 CVE-2023-3359 affecting package hyperv-daemons for versions less than 5.15.118.1-1
An issue was discovered in the Linux kernel brcmnvramparse in drivers/nvmem/brcmnvram.c. Lacks for the check of the return value of kzalloc can cause the NULL Pointer Dereference...
UBUNTU-CVE-2023-3359
An issue was discovered in the Linux kernel brcmnvramparse in drivers/nvmem/brcmnvram.c. Lacks for the check of the return value of kzalloc can cause the NULL Pointer Dereference...
An issue was discovered in the Linux kernel through 6.1-rc8. dpu_crtc_atomic_check in drivers/gpu/drm/msm/disp/dpu1/dpu_crtc.c lacks check of the return value of kzalloc() and will cause the NULL Pointer Dereference.
...