437 matches found
CVE-2022-49556 KVM: SVM: Use kzalloc for sev ioctl interfaces to prevent kernel data leak
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Use kzalloc for sev ioctl interfaces to prevent kernel data leak For some sev ioctl interfaces, the length parameter that is passed maybe less than or equal to SEVFWBLOBMAXSIZE, but larger than the data that PSP firmwar...
CVE-2022-49556
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Use kzalloc for sev ioctl interfaces to prevent kernel data leak For some sev ioctl interfaces, the length parameter that is passed maybe less than or equal to SEVFWBLOBMAXSIZE, but larger than the data that PSP firmwar...
CVE-2022-49141 net: dsa: felix: fix possible NULL pointer dereference
In the Linux kernel, the following vulnerability has been resolved: net: dsa: felix: fix possible NULL pointer dereference As the possible failure of the allocation, kzalloc may return NULL pointer. Therefore, it should be better to check the 'sgi' in order to prevent the dereference of NULL...
CVE-2022-49141 net: dsa: felix: fix possible NULL pointer dereference
In the Linux kernel, the following vulnerability has been resolved: net: dsa: felix: fix possible NULL pointer dereference As the possible failure of the allocation, kzalloc may return NULL pointer. Therefore, it should be better to check the 'sgi' in order to prevent the dereference of NULL...
CVE-2024-57911
In the Linux kernel, the following vulnerability has been resolved: iio: dummy: iiosimplydummybuffer: fix information leak in triggered buffer The 'data' array is allocated via kmalloc and it is used to push data to user space from a triggered buffer, but it does not set values for inactive...
SUSE CVE-2024-57911
In the Linux kernel, the following vulnerability has been resolved: iio: dummy: iiosimplydummybuffer: fix information leak in triggered buffer The 'data' array is allocated via kmalloc and it is used to push data to user space from a triggered buffer, but it does not set values for inactive...
CVE-2024-57911
In the Linux kernel, the following vulnerability has been resolved: iio: dummy: iiosimplydummybuffer: fix information leak in triggered buffer The 'data' array is allocated via kmalloc and it is used to push data to user space from a triggered buffer, but it does not set values for inactive...
UBUNTU-CVE-2024-57911
In the Linux kernel, the following vulnerability has been resolved: iio: dummy: iiosimplydummybuffer: fix information leak in triggered buffer The 'data' array is allocated via kmalloc and it is used to push data to user space from a triggered buffer, but it does not set values for inactive...
CVE-2024-57911 iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer
In the Linux kernel, the following vulnerability has been resolved: iio: dummy: iiosimplydummybuffer: fix information leak in triggered buffer The 'data' array is allocated via kmalloc and it is used to push data to user space from a triggered buffer, but it does not set values for inactive...
SUSE CVE-2024-56773
In the Linux kernel, the following vulnerability has been resolved: kunit: Fix potential null dereference in kunitdevicedrivertest kunitkzalloc may return a NULL pointer, dereferencing it without NULL check may lead to NULL dereference. Add a NULL check for teststate...
DEBIAN-CVE-2024-56773
In the Linux kernel, the following vulnerability has been resolved: kunit: Fix potential null dereference in kunitdevicedrivertest kunitkzalloc may return a NULL pointer, dereferencing it without NULL check may lead to NULL dereference. Add a NULL check for teststate...
UBUNTU-CVE-2024-56773
In the Linux kernel, the following vulnerability has been resolved: kunit: Fix potential null dereference in kunitdevicedrivertest kunitkzalloc may return a NULL pointer, dereferencing it without NULL check may lead to NULL dereference. Add a NULL check for teststate...
CVE-2024-56773 kunit: Fix potential null dereference in kunit_device_driver_test()
In the Linux kernel, the following vulnerability has been resolved: kunit: Fix potential null dereference in kunitdevicedrivertest kunitkzalloc may return a NULL pointer, dereferencing it without NULL check may lead to NULL dereference. Add a NULL check for teststate...
AZL-56544 CVE-2024-56766 affecting package kernel for versions less than 5.15.176.3-1
In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: fix double free in atmelpmecccreateuser The "user" pointer was converted from being allocated with kzalloc to being allocated by devmkzalloc. Calling kfreeuser will lead to a double free...
UBUNTU-CVE-2024-56766
In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: fix double free in atmelpmecccreateuser The "user" pointer was converted from being allocated with kzalloc to being allocated by devmkzalloc. Calling kfreeuser will lead to a double free...
CVE-2024-56766
The CVE-2024-56766 issue affects the Linux kernel’s MTD/NAND path (mtd: rawnand) with a double-free in atmel_pmecc_create_user(). The root cause is allocating the user object with kzalloc() and then freeing it with kfree() after converting the allocation to devm_kzalloc(), leading to a use-after-...
PT-2025-30763
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A potential null pointer dereference issue was identified in the tegra crtc reset function within the DRM/tegra subsystem of the Linux kernel. Specifically, memory is allocated using...
CVE-2024-56730
In the Linux kernel, the following vulnerability has been resolved: net/9p/usbg: fix handling of the failed kzalloc memory allocation On the linux-next, next-20241108 vanilla kernel, the coccinelle tool gave the following error report: ./net/9p/transusbg.c:912:5-11: ERROR: allocation function on...
SUSE CVE-2024-56730
In the Linux kernel, the following vulnerability has been resolved: net/9p/usbg: fix handling of the failed kzalloc memory allocation On the linux-next, next-20241108 vanilla kernel, the coccinelle tool gave the following error report: ./net/9p/transusbg.c:912:5-11: ERROR: allocation function on...
CVE-2024-56730
In the Linux kernel, the following vulnerability has been resolved: net/9p/usbg: fix handling of the failed kzalloc memory allocation On the linux-next, next-20241108 vanilla kernel, the coccinelle tool gave the following error report: ./net/9p/transusbg.c:912:5-11: ERROR: allocation function on...