Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013240)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013240 advisory. In the Linux kernel, the following vulnerability has been resolved: udplite: Fix NULL pointer dereference in skmemraiseallocated. syzbot reported 0 a null-ptr-deref ...

SUSE CVE-2023-54004

In the Linux kernel, the following vulnerability has been resolved: udplite: Fix NULL pointer dereference in skmemraiseallocated. syzbot reported 0 a null-ptr-deref in skgetrmem0 while using IPPROTOUDPLITE 0x88: 14:25:52 executing program 1: r0 = socket$inet60xa, 0x80002, 0x88 We had a similar...

CVE-2023-54004

In the Linux kernel, the following vulnerability has been resolved: udplite: Fix NULL pointer dereference in skmemraiseallocated. syzbot reported 0 a null-ptr-deref in skgetrmem0 while using IPPROTOUDPLITE 0x88: 14:25:52 executing program 1: r0 = socket$inet60xa, 0x80002, 0x88 We had a similar...

CVE-2023-54004

In the Linux kernel, the following vulnerability has been resolved: udplite: Fix NULL pointer dereference in skmemraiseallocated. syzbot reported 0 a null-ptr-deref in skgetrmem0 while using IPPROTOUDPLITE 0x88: 14:25:52 executing program 1: r0 = socket$inet60xa, 0x80002, 0x88 We had a similar...

CVE-2023-54004

Summary of CVE-2023-54004 : In the Linux kernel, a vulnerability in UDPLITE (UDP-Lite) allows a local user to trigger a NULL pointer dereference in the __sk_mem_raise_allocated() path via IPPROTO_UDPLITE, causing a kernel crash (DoS). The root cause is a null-ptr-deref in the memory-allocation sc...

CVE-2023-54004 udplite: Fix NULL pointer dereference in __sk_mem_raise_allocated().

In the Linux kernel, the following vulnerability has been resolved: udplite: Fix NULL pointer dereference in skmemraiseallocated. syzbot reported 0 a null-ptr-deref in skgetrmem0 while using IPPROTOUDPLITE 0x88: 14:25:52 executing program 1: r0 = socket$inet60xa, 0x80002, 0x88 We had a similar...

DEBIAN-CVE-2022-48781

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - get rid of algmemoryallocated algmemoryallocated does not seem to be really used. algproto does have a .memoryallocated field, but no corresponding .sysctlmem. This means skhasaccount returns true, but all...

CVE-2021-47525

In the Linux kernel, the following vulnerability has been resolved: serial: liteuart: fix use-after-free and memleak on unbind Deregister the port when unbinding the driver to prevent it from being used after releasing the driver data and leaking memory allocated by serial core...

CVE-2021-47499

CVE-2021-47499 – Linux kernel, iio: accel: kxcjk-1013 : The issue was a memory leak in the probe path for iio_triggered_buffer_setup, caused when ACPI type is ACPI_SMO8500 and data->dready_trig was not set, preventing freeing of allocated memory. The root cause is the probe-path logic leaving ...

CVE-2021-47444 drm/edid: In connector_bad_edid() cap num_of_ext by num_blocks read

In the Linux kernel, the following vulnerability has been resolved: drm/edid: In connectorbadedid cap numofext by numblocks read In commit e11f5bd8228f "drm: Add support for DP 1.4 Compliance edid corruption test" the function connectorbadedid started assuming that the memory for the EDID passed ...

Denial Of Service

graphviz is vulnerable Denial Of Service. The vulnerability is due to improper handling of input files, leading to the possibility of reading beyond the allocated memory...

Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS / 23.04 / 23.10 : Vim vulnerabilities (USN-6557-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS / 23.04 / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6557-1 advisory. It was discovered that Vim could be made to dereference invalid memory. An attacker could possibly us...

CVE-2023-46246

Vim is an improved version of the good old UNIX editor Vi. Heap-use-after-free in memory allocated in the function gagrowinner in in the file src/alloc.c at line 748, which is freed in the file src/exdocmd.c in the function docmdline at line 1010 and then used again in src/cmdhist.c at line 759...

CVE-2023-46246

Vim is an improved version of the good old UNIX editor Vi. Heap-use-after-free in memory allocated in the function gagrowinner in in the file src/alloc.c at line 748, which is freed in the file src/exdocmd.c in the function docmdline at line 1010 and then used again in src/cmdhist.c at line 759...

Out-of-bounds

u'Out of bound writes happen when accessing usagetable header entry beyond the memory allocated for the header' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Kamorta, QCS404, QCS610, Rennell, SC7180, SDX55,...

CVE-2020-3636

u'Out of bound writes happen when accessing usagetable header entry beyond the memory allocated for the header' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Kamorta, QCS404, QCS610, Rennell, SC7180, SDX55,...

Out-of-bounds

Symantec Endpoint Protection Manager SEPM, prior to 14.2 RU2 MP1, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program...

Integer overflow

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9625, MDM9635M, SD 400, and SD 800, while computing the length of memory allocated for a Diag event, if the buffer length is very small or greater than the maximum, an integer overflow may occur, which...

Buffer overflow

In the function wmaunifiedpowerdebugstatseventhandler in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-18, if the value parambuf-numdebugregister received from the FW command buffer is close to max of uint32, then the computation performed using this variable to calculate...

CVE-2017-6469

In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is an LDSS dissector crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-ldss.c by ensuring that memory is allocated for a certain data structure...