8 matches found
CVE-2026-43457
A flaw was found in the Linux kernel's Management Component Transport Protocol MCTP over I2C receive path. When the midev-allowrx flag is false, a newly allocated network buffer skb is not properly freed. This memory leak can lead to a gradual exhaustion of system memory, potentially allowing a...
CVE-2026-43457
In the Linux kernel, the following vulnerability has been resolved: mctp: i2c: fix skb memory leak in receive path When 'midev-allowrx' is false, the newly allocated skb isn't consumed by netifrx, it needs to free the skb directly...
EUVD-2022-43307
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-0646
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw use after free in the Linux kernel Management Component Transport Protocol MCTP subsystem was found in the way user triggers cancelworksync after the...
UBUNTU-CVE-2025-21972
In the Linux kernel, the following vulnerability has been resolved: net: mctp: unshare packets when reassembling Ensure that the fraglist used for reassembly isn't shared with other packets. This avoids incorrect reassembly when packets are cloned, and prevents a memory leak due to circular...
The vulnerability of the mctproute_input() function in the implementation of the Management Component Transport Protocol (MCTP) kernel of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the mctprouteinput function in the net/mctp/route.c module, which is part of the Management Component Transport Protocol MCTP implementation in the Linux operating system, relates to the reutilization of previously freed memory. Exploiting this vulnerability could allow an...
SUSE CVE-2022-3977
A use-after-free flaw was found in the Linux kernel MCTP Management Component Transport Protocol functionality. This issue occurs when a user simultaneously calls DROPTAG ioctl and socket close happens, which could allow a local user to crash the system or potentially escalate their privileges on...
Design/Logic Flaw
A use-after-free flaw was found in the Linux kernel MCTP Management Component Transport Protocol functionality. This issue occurs when a user simultaneously calls DROPTAG ioctl and socket close happens, which could allow a local user to crash the system or potentially escalate their privileges on...